Exercise for Training Offensive Cyber Operations Kicks Off!

The technical red teaming exercise Crossed Swords, focusing on experimentation with integrating kinetics and offensive cyber operations in the context of a modern battlefield, is executed for the 10th time today by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn.

Colonel Jaak Tarien, the director of the CCDCOE, stated that Crossed Swords provides a unique full-spectrum training session in the areas of cyber red teaming, penetration testing, digital forensics, and situational awareness.

“The goal is to build resilient defence by knowing the most current offensive tools and techniques,” Col Tarien said. He added that Crossed Swords tests the capabilities and practises the skills that participants would need when planning and executing a full-spectrum cyber operation, together with elements from other domains.

“To be as practical as possible, the exercise is more comprehensive than ever – for example including Cyber Command training in addition to technical direction,” said Col Tarien.

The exercise brings together around 100 participants from more than 21 countries, including NATO and non-NATO member states. The exercise is conducted from the exercise and training centre CR14.

Head of cyber exercises at the CCDCOE, Carry Kangur, said that the exercise uses realistic technologies and attack methods, and the scenario is inspired by events that have been seen in a range of situations.

“Together these constitute realistic threats to national security in the current environment and are exercised within the context of a fictional scenario,” Kangur added.

According to Kangur, another important change is that starting from this year the scenarios of Locked Shields – the biggest live-fire cyber exercise in the world run by the CCDCOE – and Crossed Swords will converge to provide more integrated and immersive training.

The exercise is organised by the CCDCOE in partnership with the Estonian Defence Forces, CR14, CERT.LV, Clarified Security, Stamus Networks, French Cyber Command, NCIS Cyber Division, NSHQ, TalTech and others.

The foundation CR14 was established early this year and is based on more than ten years of cyber range experience with cyberspace training, exercises, testing, validation and experimentation.

The CCDCOE is a NATO-accredited knowledge hub, research institution, and training and exercise facility. The Tallinn-based international military organisation focuses on interdisciplinary applied research, as well as consultations, training and exercises in the field of cyber security.

What does the scenario for this year’s Crossed Swords entail?

The scenario for this year entails regaining control of an internal security situation by means of policing and offensive cyber operations in Berylia. The exercise is based in the fictional state of Berylia, an island nation in the Atlantic Ocean roughly the size of Spain. Berylia is a parliamentary democracy, an associate member of the EU progressing towards full membership status and has ratified the Council of Europe Convention on Cybercrime. Approximately 300 km to the south of Berylia is the island of Crimsonia. It is roughly the size of the UK and has a similar climate to Berylia. Crimsonia is a weak parliamentary democracy with a very strong political oligarchy and is not well regarded by the international community.

Additional information: [email protected]