NATO Cyber War Games 2017: Czechs Win

Uploaded on 2017-05-11 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

The Czech Republic team wins the largest and most complex international live-fire cyber defence exercise Locked Shields 2017.  The Estonian team and NATO Computer Incident Response Capability (NCIRC) team from NATO take second and third place respectively.

The defensive team from Czech Republic also takes home the special prize for the scenario inject. NCIRC team scored the highest in the legal game of the exercise, while the German team came out on top of forensic challenges and the team from the United Kingdom achieved the highest scores in handling the strategic communication challenges

The US team scored the most improved in this year's NATO Locked Shields cyber war games, but experts said that result might not be reason to celebrate.

The Locked Shields event is a "live-fire" cyber defense exercise organised by the NATO Cooperative Cyber Defence Centre of Excellence in which teams are "tasked to maintain the services and networks of a military air base of a fictional country, which, according to the exercise scenario, will experience severe attacks on its electric power grid system, unmanned aerial vehicles, military command and control systems, critical information infrastructure components and other operational infrastructures."

During the cyber war games, there were more than 2,500 possible attacks that could be carried out against more than 3,000 virtualised systems meant to simulate military air command and control systems, drone and ground control, a large-scale SCADA system controlling the power grid and programmable logic controllers.

Nathaniel Gleicher, head of cyber-security strategy at Illumio and former director of cyber-security policy for the White House, said this type of cyber war practice is "essential to effective cyber-security."
"Exercises like this are an important way that security teams can build experience for real threats. The Locked Shields war game is interesting in that it focuses entirely on defense: teams compete to protect their networks, with third parties playing the intruders," Gleicher told SearchSecurity. "This is an especially useful form of wargame, defense is much more difficult than offense, and any opportunity our teams get to improve their skills in defense is a great opportunity."
John Bambenek, threat research manager at Fidelis Cybersecurity, said it was especially important for the cyber-war games to be "live-fire."
"Defenders learn best in a live-fire environment. When the 'red team' can simulate what adversarial nations are doing, that's even better," Bambenek told SearchSecurity. "Tabletop exercises can only take learning so far. Operators need valuable experience, and they need to do so under fire."

The US Army Cyber Brigade was one of 25 countries to compete in the Locked Shields 2017 cyberwar games and finished 12th, which is a marked improvement from the 2016 event where the US was last out of 19 countries participating.
However, Bambenek said "given the threats we face as a nation, we simply can't accept anything less than number one."
"That said, the improvement from last place to the middle of the pack shows an increase in capability. It also shows that they are learning. That's exactly the point of these exercises," Bambenek said and noted that enterprises should take a lesson from the games. 

"Training, particularly hands-on training, is crucial for the continued improvement and development of defenders. Enterprises should set aside funds to participate in third-party exercises so their team can practice. Always use events within an organisation as training. Successful, yet minor, breaches should not resort in blamestorming sessions. Instead, they should be used to help defenders improve."

Gleicher said the US team's results offer an important lesson, "everyone struggles with defense."
"To be honest, the cards are stacked against defenders from the beginning. The teams are placed in an unfamiliar environment to make life more difficult for them, but the truth is that most defenders are operating in an unfamiliar environment anyway because most organisations understand surprisingly little about the applications that they are protecting,"

Gleicher said. "If there's any lesson from this exercise and others like it, it's that we need to substantially increase our ability to understand and control the environments we are protecting."

SearchSecurity:   NATO CCDCOE:     

You Might Also Read: 

Forget Trident & Welcome To Cyber Warfare:

Locked Shields 2015: NATO Holds Major Cyber-Security Drill

Handbook Of Russian Information Warfare:

NATO Cyberwar: Establishing Rules Of Engagement:

 

 

« The Cybersecurity Threats That Keep Banks Alert
Hackers Stole A £60,000 BMW »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

miniOrange

miniOrange

miniOrange is a cloud and on-premise based identity and access management (IAM) solution provider.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

CyVolve

CyVolve

Cyvolve is the next great leap forward in data security, ensuring constant encryption and pervasive control over all your data.

Adlumin

Adlumin

Adlumin Inc. provides the enterprise-grade security operations platform and managed detection and response services that keep mid-market organizations secure.

RIA in a Box

RIA in a Box

MyRIACompliance combines our team of RIA compliance experts with an online software platform to help investment advisers better manage regulatory compliance and cybersecurity responsibilities.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

River Loop Security

River Loop Security

River Loop Security specialize in solving complex cybersecurity challenges in the IoT and embedded devices space.

Cypress Data Defense

Cypress Data Defense

Cypress Data Defense helps clients build secure applications by providing training, best practices, and evaluating security during every stage of the Secure Application Development Lifecycle.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

Secuna Software Technologies

Secuna Software Technologies

Secuna is the most trusted Cybersecurity Testing Platform in the Philippines. Our pool of vetted security researchers will find and ethically report security vulnerabilities in your product.

American Binary

American Binary

American Binary is a Quantum Safe Networking (TM) and post-quantum encryption company.

Karthik Consulting (KC)

Karthik Consulting (KC)

Karthik Consulting is a technology service provider specializing in IT services for the U.S. federal government.

Seiber

Seiber

Seiber are a UK based Cyber Security company who provide consultancy and training services. Our objective is to stop bad things happening to good people.

AC3

AC3

AC3 is a leading secure cloud services provider, focused on turning your technology challenges into real results.

Teal

Teal

Teal provides exceptional managed IT solutions for small- to medium-sized organizations that value real partnerships and elevated security.