Locked Shields is an annual cyber defence game based in Estonia, and puts teams from NATO member states in the position of defending a fictional island against a sustained cyber attack across a range of vital systems.
According to the game scenario, the fictional country of Berylia suffers coordinated cyber attacks against its major internet service provider and a military airbase. The attacks cause severe disruptions to the electric power grid, 4G public safety networks, drone operations and other critical infrastructure components.
One 'Red Team' of attackers attempt to hack into the systems defended by the 22 'Blue Teams' of defending IT experts, which play the role of national rapid reaction teams deployed to assist the fictional country in handling a large-scale cyber incident. The Blue Teams mostly consist of national military and civilian cyber security experts. The organisers of the exercise gather in Estonia's capital Tallinn, while the Blue Teams have online access from their home nations.
The exercise involves more than 1,000 security experts from 30 nations, around 4,000 virtualised systems and more than 2,500 attacks altogether. As well as protecting the infrastructure, the Blue Teams must also solve forensic and legal challenges and deal with requests from the in-game media.
Aare Reintam, project manager of technical exercises at the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), which organised the event, said it reached a new level of complexity this year: "Considering the real-world cyber threats at national level, the training audience has a unique opportunity to practice the defence of a large-scale power grid control SCADA system and substations, 4G public safety network for law enforcement and emergency communication, PLC-controlled water purification plant, and military surveillance drone and ground station controlling the drone operations."
CCDCOE said that, to tackle the threats that are worrying NATO members most at the moment, the exercise focuses on the protection of vital services and critical infrastructure. Governments are increasingly concerned about the potential damage that cyberwarfare could do to their critial infrastructure.
A team from NATO itself came top in the exercise; the French team was the runner-up, while the Czech team came third.
"Locked Shields exercise enables teams to practice solving cyber incidents in the most complex and intense playground possible. To build resilience against cyber attacks against our critical infrastructure, such as power supply or telecommunications, we need to understand both the technical and strategic challenges that entails," said Merle Maigre, Director of the NATO-accredited cyber defence hub.