Results: NATO’s 2021 Cyber War Game
The team from Sweden ranked highest at the largest and most complex international live-fire cyber defence exercise Locked Shields 2021. Blue Teams from Finland and the Czech Republic took second and third place respectively.
The importance of international collaboration in cyber security has become increasingly evident and the 2021 exercise highlighted the growing need to enhance dialogue between technical experts, civil and military participants and decision-making levels.
The event was organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) based in Tallinn, Estonia. The CCDCOE integrates the technical and strategic game, enabling participating nations to practice the entire chain of command in the event of a severe cyber incident involving both civilian and military players.
For the first time, the exercise also included satellite mission control systems needed to provide real time situational awareness to facilitate military decision-making.
Military cyber security specialists play-out the largest cyber war game in the world, that used a fictional NATO member state of Berylia that came under attack. The scenario was based on an attack on the fictional country of Berylia and an adversary called Crimsonia that is creating some artificial islands.
In the exercise, non-NATO member “Crimsonia” attacks vital infrastructure such as water supplies and mobile networks on the island state of “Berylia,” as well as the financial sector. In addition to maintaining more than 150 complex IT systems per team, the Blue Teams had to be efficient in reporting incidents, executing strategic decisions, solving forensic, legal and media challenges and dealing with hostile information operations. Crimsonia is also engaging in information warfare, persuading the people of Berylia that their government is responsible for a series of accidents through fake news and social media posts.
Understanding the interdependencies of national IT systems is at the heart of protecting a nation under a massive cyber attack.
The exercise tested NATO allies and other states’ abilities to protect vital services and critical infrastructure. Technical and strategic games will facilitate participating nations with whole-command-chain rehearsals in the context of a major cyber incident, affecting both military and civilian systems.
Merle Maigre, head of government relations at CybExer Technologies commented that “The exercise scenario consolidates a number of real-life situations and follows recent threat trends which show that cyber criminals are targeting vital service providers more and more often... Our critical information infrastructure companies will be extremely vulnerable in a situation where long supply chains, unclear procurement mechanisms and, more often than not, saving pennies will result in purchasing security solutions from the countries whose software and developers we never see, know or monitor.”
More than 2000 participants from 30 nations test and train their entire chain of command in the event of a severe cyber incident, ranging from the strategic to the operational and tactical levels and involving both civilian and military capabilities.
Reflecting real world cyber threats, the exercise deals with the protection of vital services and critical infrastructure that are fundamental for modern societies to operate, including critical information infrastructure, power and water supply and national defence systems.
The exercise was taking place alongside a real-world cyber defense conference in Tallinn at which NATO Deputy Secretary-General Mircea Geoana on Thursday 15th April warned that the pandemic has made countries more vulnerable to cyber attacks. “Russia and China have tried to use the COVID-19 crisis to exploit vulnerabilities, including those in cyberspace, with cyber-enabled disinformation campaigns, designed to sow distrust and division in our democratic societies,” he said.
“Congratulations to the teams, whose strategy proved to be the best, however every single participating team is a winner for tackling the unrivaled complex cyber challenges of Locked Shields exercise,” said Carry Kangur, Head of Cyber Exercises at the CCDCOE. “This year the exercise involved in total more than 5000 virtualised systems that had to be defended against over 4000 attacks.
CCDOE: e-Estonia: The Defense Post: European Defence Agency: Sky: I-HLS:
You Might Also Read:
NATO Live-Fire Cyber Exercise: