Locked Shields 2018: won the NATO blue team at the biggest cyberattack exercise on the planet

NATO's cyber blue team won Locked Shields 2018, the largest cyber-attack exercise in the world, in Tallin, Estonia, last week.

Organized by NATO's Center for Excellence in Defense Cooperation (CCD COE), the exercise committed participants to respond to and tackle high-intensity attacks on IT systems and critical infrastructure networks in an imaginary country, Berylia.

Under the leadership of the NATO Communications and Information Agency (NCI), the NATO "Blue Team" composed of 30 cyber specialists defended the Berylia power grid, 4G public safety networks, drone operations and other infrastructure Critics against 4.000 virtualized systems and over 2.500 attacks.

The exercise, which took place from 23 to 27 April, also served to teach commanders the strategic and political implications of the decisions made during a serious IT accident.

"Locked Shields success is not just about defending your networks, but also about working closely with other defense teams," said Ian West, head of computer security at the NCI agency.

Last year's practice of Locked Shields included 800 participants from 25 nations. This year's event hosted over 1.000 attendees from over 30 countries.

Computer exercises like Locked Shields are increasingly important for NATO, as the organization continues to define its role in responding to cyberattacks. Although NATO claimed that a cyberattack could trigger the 5 article, the defense clause, of the organization's constituent charter, it did not explicitly outline how to apply these conditions.

There is some concern across the community that NATO, as a large multinational organization, is not yet prepared to integrate the computing lessons learned in the alliance and move quickly to respond to threats.

As in any large institution, some have argued that there is an intrinsic disconnection between the supreme seat of the allied powers in Europe, CdE CCD and other relevant organizations, although coordination "is something that remains difficult to evaluate", according to Max Smeets, a fellow post-doctoral program at the Stanford University Center for International Security and Cooperation.

At the first USCYBERCOM / NSA symposium this year, Smeets explained that one participant claimed that "in cyberspace, it is not the big one who eats the baby, but the fast that eats the one who is slow. "If this is true, one might ask why NATO is focusing on cyberspace activities".

He added that "NATO" could effectively set up procedures to create a stronger and more collective response to cyberattacks, but if this involves slow funding, it may not be worth it in this area. "

Locked Shields 2018: won the NATO blue team at the biggest cyberattack exercise on the planet