Cyber Defence Exercise Focuses on Responsive Cyber Defence Scenario

Crossed Swords 2017, the technical red teaming cyber defence exercise of the NATO Cooperative Cyber Defence Centre of Excellence, focused on developing the tactical execution skills in a responsive cyber defence scenario. Taking place earlier this month, the exercise included an element of cyber-kinetic engagement for the first time in such setting.

“The scenario was based on a military cyber operation. Penetration testers, digital battlefield professionals and members of Special Forces were tasked with regaining control over a specific military system. This one-of-the kind cyber-kinetic engagement meant that Special Forces were used to retrieve physical evidence, including electronic equipment and data storage devices, as they would in a realistic mission in cooperation with battlefield digital forensics professionals,” explained Aare Reintam, exercise director at the NATO CCD COE.

“Technical cyber defence exercises typically train information system defence. However, this can only be done with a real-time deployment of opposing force played by security specialists and penetration testers. These professionals, usually known as the Red Team, are the focus of Crossed Swords,” said Reintam.

Crossed Swords is the sister exercise of Locked Shields, the world’s largest and most advanced international technical cyber defence exercise. It focuses on training penetration testers, digital forensics professionals, situational awareness experts and monitoring specialists that fill the role of the attacking team at Locked Shields. Crossed Swords 2017 trained evidence gathering and information analysis for technical attribution as well as identifying and stopping malicious activities.

The exercise was organized by the NATO Cooperative Cyber Defence entre of Excellence, a knowledge hub, exercise and training facility in Tallinn. Several NATO CCD COE member nations, US EUCOM, High Tech Crime Institute, Cymmetria, SpectX, BHC Laboratory, Tallinn University of Technology and others contributed expertise and technology.

The NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) is a community of nations providing a 360-degree look at cyber defence, with expertise in the areas of technology, strategy, operations and law. The Tallinn-based international military organisation focuses on interdisciplinary applied research, consultations, training and exercises in the field of cyber security. The heart of the NATO Cooperative Cyber Defence Centre of Excellence is a diverse group of international experts from military, government and industry backgrounds.

The Centre is staffed and financed by its sponsoring nations and contributing participants. As of October 2016, Belgium, the Czech Republic, Estonia, France, Germany, Greece, Hungary, Italy, Latvia, Lithuania, the Netherlands, Poland, Slovakia, Spain, Turkey, the United Kingdom and the United States are signed on as Sponsoring Nations of the NATO Cooperative Cyber Defence Centre of Excellence. Austria and Finland have become Contributing Participants.