A team of nearly 40 cyber security experts led by the NATO Communications and Information Agency will compete this week in Locked Shields 2019, a live-fire cyber exercise conducted from Tallinn, Estonia.
More than 1,000 international cyber security experts and decision makers will gather from 9 to 12 April 2019 to participate in the exercise. Organized by the NATO Cooperative Cyber Defence Centre of Excellence, the event uses a game-based approach to allow participants to take on roles in fictional response teams.
Their goal is to assess the situation, maintain availability of services and defend networks that have fallen victim to cyber-attacks.
After winning last year's competition, the NCI Agency decided it would contribute its expertise this year by forming a team of not only Agency experts, but with representatives from several NATO Nations.
The NCI Agency has welcomed 10 members from six Nations to be part of a united NATO team. Six Nations –Turkey, Norway, Croatia, Romania, Bulgaria and Slovenia – volunteered cyber experts to participate.
During the several-day exercise, the NATO team will act as a Blue Team protecting networks.
In this elaborate fictional scenario, the Island of Berylia is in the midst of attempting to restore services after extreme flooding and landslides when it is hit with cyber-attacks. NATO Deterrent Forces commanders and international advisers are also accused of accepting money in exchange for helping traffic refugees to Berylia. Those commanders are asked to step down from their posts, and others take on leadership roles. DF troops, as well as advisors, direct their personnel to conduct a humanitarian aid mission alongside the Berylian troops in hopes of changing public opinion in favour of an international presence.
Blue Teams such as NATO's can expect to notice quite a few vulnerabilities in the systems they must protect. They will have limited access to the environment before the exercise, so they will have to quickly assess the situation once Locked Shields begins.
The exercise takes place in a lab environment, so no production networks are used.
Preparing for this exercise was a two-way mentoring effort, where the experts learned from the Agency, and the Agency learned from them. Forming this team was another way for Agency to strengthen the community of cyber security experts it is building under its Cyber Security Collaboration Hub initiative.
The Agency took the first step to launch the Hub on 12 February 2019. Allied Computer Emergency Response Teams from five Nations – Belgium, France, Netherlands, United Kingdom, and United States -- were connected then to NATO's protected business network.
This pilot programme will allow Nations to quickly and securely share information with each other, and with the Agency.
Access to the network, which provides an encrypted workspace with secure video, voice, chat and information gathering, will roll out to all 29 Nations later this year.