Locked Shields 2019, the annual NATO Cooperative Cyber Defense Center of Excellence (CCDCOE) live-fire cyber exercise is underway until 12 April in Tallinn, Estonia, simulating an attack on vital services and critical infrastructure of a fictional island country, Berylia.
The exercise aims to highlight the increased need for a better functional understanding between various experts and decision-making levels. The organizers intend to integrate the technical and strategic game, enabling participating nations to practice the entire chain of command in the event of a severe cyber-incident, from strategic to operational level and involving both civilian and military capabilities.
The scenario entails Berylia experiencing a deteriorating security situation while the country conducts national elections. Various hostile events coincide with coordinated cyber-attacks against major civilian ITC systems. The attacks cause severe disruptions in the operation of water purification systems, the electric power grid, 4G public safety networks, maritime awareness capability, and other critical infrastructure components. The cyber-attacks also affect national perceptions of the election results, leading to public unrest.
The drill is billed as a “live-fire” event, which means all actions by six teams of competing network defenders will have immediate effects in the game-like environment.
Participants train as national cyber rapid reaction teams that are deployed to assist Berylia in handling a large-scale cyber-incident. While the aim of the tech game is to maintain the operation of various systems under intense pressure, the strategic part addresses the capability to understand national coordination mechanisms, law enforcement options, and strategic communication.
Locked Shields 2019 is organized by CCDCOE in cooperation with the Estonian Defense Forces, the Finnish Defense Forces, the United States European Command, National Security Research Institute of the Republic of Korea and TalTech. More than 1,000 international cybersecurity experts and decision makers will participate in the exercise.
Industry partners in the exercise include Siemens AG, Elisa, Cybernetica, Cisco, VTT Technical Research Centre of Finland Ltd, Arctic Security, Clarified Security, Iptron, Bytelife, BHC Laboratory, Bolt and many others.
Following a series of cyberattacks against Estonia’s financial sector and communications nodes in 2007, the country has become a leading cybersecurity force within the alliance. Estonian officials have blamed the Russian government for the attacks, which Moscow has denied.