A giant cyber-defence exercise has pitted teams from NATO nations against mysterious hackers trying to cause chaos during the elections of a small, fictional, country.
The aim of the annual Locked Shields exercise is to give teams the chance to practice protection of national IT systems and critical infrastructure under the intense pressure of a severe cyberattack.
The event is organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), which describes the event as the largest and most advanced international live-fire cyber exercise in the world.
According to the Locked Shields scenario, the fictional island country of Berylia finds itself under a cyberattack just as the country is conducting national elections. The coordinated attacks aim to disrupt water purification systems, the electric power grid, 4G public-safety networks, and other critical infrastructure components. The cyberattacks also attempt to undermine the trust in the election result – leading to public unrest.
The teams play the role of a national cyber rapid-reaction team deployed to assist Berylia in dealing with the attacks. In addition to maintaining nearly 4,000 virtualised systems while being hit with more than 2,500 attacks, the teams must report incidents, make strategic decisions, solve forensic and legal challenges, and deal with requests from the in-game media.
While the aim of the tech game is to maintain the operation of various systems under intense pressure, there is also a linked strategy game, which allows teams to deal with the broader impact of a cyberattack, including law enforcement and communications.
While the organisers of the exercise are in Tallinn, Estonia, the participating Blue Teams play from their home bases.
"Locked Shields allows teams to practice solving cyber incidents in the most complex and intense playground possible. To build resilience against cyberattacks against our critical infrastructure, such as power supply or telecommunications, we need to understand both the technical and strategic challenges," said Colonel Jaak Tarien, director of the NATO-accredited cyber-defence hub.
According to Lauri Luht, head of Cyber Exercises at CCDCOE, the exercise this year has tackled more complex attacks: "Considering the real-world cyber threats at national level, the training audience has a unique opportunity to practice the defence of a large-scale power grid control system and power-generating substations, and 4G public-safety network for law enforcement and emergency communication."
This year's exercise was won by the team from France, with the Czech and Swedish teams taking second and third place respectively.