32 Nations Conduct NATO Locked Shields Exercise
April 20, 2022
two days more than 2000 participants from 32 nations practice the
protection of national IT systems and critical infrastructure under the
pressure of a large-scale cyberattack at the annual live-fire cyber
defence exercise Locked Shields. In addition to protecting numerous
cyber-physical systems the participating teams practice tactical and
strategic decision making, cooperation and the chain of command in a
crisis situation where they also have to tackle forensic and legal
issues and respond to information operations challenges.
The annual real-time network defence exercise is a unique opportunity
for cyber defenders to practise protection of national IT systems and
critical infrastructure under the pressure of a severe cyberattack.
Col Jaak Tarien, Director of the NATO-accredited cyber defence hub says
that organizing Locked Shields is a huge responsibility to CCDCOE. “Our
Centre’s member nations have designated Locked Shields as the premier
annual training event for their top-tier national cyber defense teams.
Justifiably, the expectation is that each year Locked Shields is on the
cutting edge, challenging and superbly run world-class event. If our
member nations send us their absolute best for training, we do not
intend to disappoint, ” comments Col Tarien.
According to Carry Kangur, Head of Cyber Exercises at CCDCOE, this
years’ exercise had the opportunity to be planned mostly on-site and
less remote as the COVID-19 situation has eased. Additionally, there
were quite a few new partners introduced, which made organising the
whole exercise easier.
According to the scenario, a fictional island country located in the
northern Atlantic Ocean, Berylia, is experiencing a deteriorating
security situation as there have been a number of coordinated
cyberattacks against Berylian military and civilian IT systems. These
attacks have caused severe disruptions to the operation of government
and military networks, communications, water purification systems and
the electric power grid and eventually lead to public unrest and
protests. For the first time the exercise includes the simulation of a
reserve management and financial messaging systems of a central bank.
Additionally, a 5G Standalone mobile communication platform is deployed
as part of a critical infrastructure to give the first experience to
cyber defenders about upcoming technology change.
Locked Shields is a Red Team (RT) vs. Blue Team (BT) exercise with Teams
formed by member nations and partners of CCDCOE. In 2022 there are 24
BTs participating with an average of 50 experts in each team. The teams
take on the role of national cyber Rapid Reaction Teams that are
deployed to assist a fictional country in handling a large-scale cyber
incident with all its implications. The Exercise involves about 5500
virtualised systems that are subject to more than 8000 attacks. In
addition to securing complex IT systems, the participating teams must
also be effective in reporting incidents and solving forensic, legal,
media operations and information warfare challenges.
In total there are more than 2000 participants from 32 nations expected
to be involved in Locked Shields 2022. The exercise is organised by
CCDCOE in cooperation with NATO, Siemens; TalTech; Clarified Security;
Arctic Security; CR14. The Centre also acknowledges the unique elements
added to Locked Shields 2022 by Microsoft, the Financial Service
Information Sharing and Analysis Center (FS ISAC), SpaceIT, Fortinet.