Over 2000 Cyber Experts from 32 nations at the Locked Shields Exercise

During two days more than 2000 participants from 32 nations practise the protection of national IT systems and critical infrastructure under the pressure of a large-scale cyberattack at the annual live-fire cyber defence exercise Locked Shields. In addition to protecting numerous cyber-physical systems the participating teams practice tactical and strategic decision making, cooperation and the chain of command in a crisis situation where they also have to tackle forensic and legal issues and respond to information operations challenges.

The annual real-time network defence exercise is a unique opportunity for cyber defenders to practise protection of national IT systems and critical infrastructure under the pressure of a severe cyberattack.

Col Jaak Tarien, Director of the NATO-accredited cyber defence hub says that organizing Locked Shields is a huge responsibility to CCDCOE. “Our Centre’s member nations have designated Locked Shields as the premier annual training event for their top-tier national cyber defense teams. Justifiably, the expectation is that each year Locked Shields is on the cutting edge, challenging and superbly run world-class event. If our member nations send us their absolute best for training, we do not intend to disappoint, ” comments Col Tarien.

According to Carry Kangur, Head of Cyber Exercises at CCDCOE, this years’ exercise had the opportunity to be planned mostly on-site and less remote as the COVID-19 situation has eased. Additionally, there were quite a few new partners introduced, which made organising the whole exercise easier.

According to the scenario, a fictional island country located in the northern Atlantic Ocean, Berylia, is experiencing a deteriorating security situation as there have been a number of coordinated cyberattacks against Berylian military and civilian IT systems. These attacks have caused severe disruptions to the operation of government and military networks, communications, water purification systems and the electric power grid and eventually lead to public unrest and protests. For the first time the exercise includes the simulation of a reserve management and financial messaging systems of a central bank. Additionally, a 5G Standalone mobile communication platform is deployed as part of a critical infrastructure to give the first experience to cyber defenders about upcoming technology change.

Exercise Locked Shields is a Red Team (RT) vs. Blue Team (BT) exercise with Teams formed by member nations and partners of CCDCOE. In 2022 there are 24 BTs participating with an average of 50 experts in each team. The teams take on the role of national cyber Rapid Reaction Teams that are deployed to assist a fictional country in handling a large-scale cyber incident with all its implications. The Exercise involves about 5500 virtualised systems that are subject to more than 8000 attacks. In addition to securing complex IT systems, the participating teams must also be effective in reporting incidents and solving forensic, legal, media operations and information warfare challenges.

In total there are more than 2000 participants from 32 nations expected to be involved in Locked Shields 2022. The exercise is organised by CCDCOE in cooperation with NATO, Siemens; TalTech; Clarified Security; Arctic Security; CR14. The Centre also acknowledges the unique elements added to Locked Shields 2022 by Microsoft, the Financial Service Information Sharing and Analysis Center (FS ISAC), SpaceIT, Fortinet.

Additional information: [email protected]