Locked Shields is a unique international cyber defence exercise offering the most complex technical live-fire challenge in the world
This annual exercise, organised by CCDCOE since 2010, enables cyber security experts to enhance their skills in defending national IT systems and critical infrastructure under real-time attacks. The focus is on realistic scenarios, cutting-edge technologies and simulating the entire complexity of a massive cyber incident, including strategic decision-making, legal and communication aspects.
It is a Red team vs. Blue Team exercise, where the latter are formed by member nations of CCDCOE. The participating Blue Teams play the role of national rapid reaction teams that are deployed to assist a fictional country in handling a large-scale cyber incidents and all their multiple implications. In addition to maintaining around 4000 virtualised systems while experiencing more than 2500 attacks, the teams must be effective in reporting incidents, executing strategic decisions and solving forensic, legal and media challenges. To keep up with technology developments, Locked Shields focuses on realistic scenarios and cutting-edge technologies, relevant networks and attack methods.
New Challenges in 2019
This year, Locked Shields introduced new challenges, technologies and specialised systems. In 2019 the exercise was highlighting the need for improved dialogue between experts and decision-makers. For that purpose, the CCDCOE integrated the technical and strategic game, enabling participating nations to practise the entire chain of command in the event of a severe cyber incident, from strategic to operational level and involving both civilian and military capabilities. Reflecting real world cyber threats, the exercise addressed the protection of vital services and critical infrastructure. Many of the business IT-systems and military relevant systems used in the exercise were taken to a new level of complexity as compared to last year, for example the power distribution system had this year also power generation component.
According to the scenario, a fictional country, Berylia, was experiencing a deteriorating security situation, where a number of hostile events coincide with coordinated cyber attacks against a major civilian internet service provider and maritime surveillance system. The attacks caused severe disruptions in the power generation and distribution, 4G communication systems, maritime surveillance, water purification plant and other critical infrastructure components. While the aim of the tech game was to maintain the operation of various systems under intense pressure, the strategic part addresses the capability to understand the impact of decisions made at the strategic and policy level.
More than 1200 experts from nearly 30 nations took part in Locked Shields 2019. While the organisers of the exercise gathered in Tallinn, Estonia, the participating Blue Teams set up secure online access from their nations. The French team emerged as the winner of Locked Shields 2019.