NATO Team Wins Cyber Defence Exercise

NATO has flexed its cyber defence muscles after winning an annual exercise last week that simulated incoming cyber attacks.

The international cyber defence exercise, dubbed Locked Shields 2013 took place over two days last week, and involved some 250 people in 11 locations all over Europe.

Cyber-Attack Exercise

Locked Shields 2013 simulated – in a virtual environment – a cyberattack on a real-time network by the red team (i.e. the hackers), against ten different blue teams from Estonia, Finland, Lithuania, Germany, Holland, Italy, Poland, Spain, Slovakia and NATO.

The exercise is an annual event and took place on the premises of NATO Cooperative Cyber Defence Centre of Excellence located in Tallinn, Estonia. The centre was also  one of the organisers of the exercise, along with the Finnish Defence Forces, Estonian Defence Forces, Estonian Cyber Defence League and Estonian Information Systems’ Authority.

Security specialists such as Cisco, Clarified Networks, Clarified Security and Bytelife offered technical support.

The idea behind the exercise is to train IT personnel on how to detect and mitigate large-scale cyber attacks and handle incidents. The organisers stressed that although the scenario of the exercise was fictitious and the events took place in a specially built environment, the attack and defence methods used are from the real life.

So who won? Well according to the official results, the NATO blue team achieved the top spot and won the Locked Shields cyber defence exercise.

“It is good to see that the Blue Teams have really prepared well for this year’s exercise and the opposing team had to work a lot harder to keep the difficulty level high for the defenders,” said Jaan Priisalu, White Team leader and Director General of the Estonian Information Systems’ Authority. “This is a highly positive sign because it shows that the teams take the exercise very seriously and also that they are learning from the best practises and lessons from previous years.”

“The exercise has come a long way since the first event in 2008 and the fact that the teams are improving shows that the exercises do what they were developed for, namely train the IT specialists to work together and enhance their skills,” noted Colonel Artur Suzik, Director of the NATO Cooperative Cyber Defence Centre of Excellence. “I firmly believe that we owe the success of the exercise to our partners without whom this event could not take place and we are hoping to cooperate with all of them again for the Locked Shields 2014.”

Growing Threat?

The threat posed by cyberattacks is very much in the limelight at the moment. Last week, Eugene Kaspersky, chief of the Russian security firm Kaspersky Labs, warned British government officials of the “catastrophic” consequences of a cyber attack on the UK population. He has also previously backed calls for a cyber weapons non-proliferation treaty, akin to the 1970 agreement that sought to stop nations building nuclear arms.

The Kaspersky warning came just after the head of information security at the Ministry of Defence (MoD) Adrian Price said that a cyber attack could lead to the downfall of the UK government. He told TechWeekEurope he was not over-hyping the threat.

The government has been accused in the past of over-hyping the cost and consequences of cyber attacks. For example it sponsored a piece of Detica research which put the cost of cyber crime to the UK at £27 billion a year and continues to cite the figure, even though other sources say the actual cost is far lower.

According to Price, the biggest threats to the UK are other nation states and terrorist groups, while hacktivists are another, lesser danger. Recent reports suggest that China is the biggest source of advanced cyber attacks.

What do you know about Internet security? Find out with our quiz!