“The world now is generally more aware of cyber threats, we talk about these issues now more than ever before and awareness is the first big step towards preparedness.”
The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), based in Tallinn, Estonia, annually holds the world’s largest global live-fire cyber defence exercise Locked Shields. This year’s event was already 12th in the running, with more than 2000 participants from 32 nations.
It’s a real-time network defence exercise in the format of Red Team versus Blue Team. It’s a unique opportunity for cyber defenders to practise protection of national civilian and military IT systems, and critical infrastructure in a large-scale cyber-attack.
Partners help prepare the exercise
However, a successful exercise on such a scale also requires a trial, and this is known as a Partner Run. The aim of the trial is to prepare the cyber range for the actual exercise, where the scenario is about a fictional island country called Berylia, located in the northern Atlantic Ocean. In the scenario, Berylia was experiencing a deteriorating security situation due to a number of coordinated cyber-attacks, disrupting the operation of government, military networks, communications, water purification systems, and the electric power grid.
To help the complex scenario be a success, a number of partners help the CCDCOE play it through before the main event. Together with the University of Tartu, security engineers from our Cybersecurity Department took part in both, the trial run as well as the main event.
Cybernetica's Cybersecurity Department
Getting ready for the unknown
At Cybernetica for 25 years we have been helping countries around the world build secure digital services to provide user friendly and accessible services to citizens. However, the other side of user-friendliness is, of course, reliance on digitalisation, and such services must be compliant with the highest level of security. Nowadays, even the smallest things have a digitalisation component from power grids to banking to travel, and every country has the responsibility to prepare for the worst when these services should become compromised.
“The crises that the world has been experiencing these past few years have had at least one silver lining, too,” says Sander Valvas, Head of Cybersecurity Department at Cybernetica. “The world now is generally more aware of cyber threats, we talk about these issues now more than ever before and awareness is the first big step towards preparedness,” says Valvas.
Exercises like Locked Shields help practice the protection of a country’s critical infrastructure, from defence systems to power and heating, water purification, and websites like access to news and vital information. They also help develop teamwork, and not only on the technical team level, but working together between NATO member states in emergency situations.
According to our Security Engineer Urmas Kvell, the experience was positively challenging in terms of both, the technical skills as well as leadership and teamwork.
The winners of Locked Shields 2022 were Finland, Lithuania-Poland joint team, and Estonia.