Results: NATO’s 2021 Cyber War Game

The team from Sweden ranked highest at the largest and most complex international live-fire cyber defence exercise Locked Shields 2021. Blue Teams from Finland and the Czech Republic took second and third place respectively.

The importance of international collaboration in cyber security has become increasingly evident and the 2021 exercise highlighted the growing need to enhance dialogue between technical experts, civil and military participants and decision-making levels.

The event was organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) based in Tallinn, Estonia. The CCDCOE integrates the technical and strategic game, enabling participating nations to practice the entire chain of command in the event of a severe cyber incident involving both civilian and military players.

 For the first time, the exercise also included satellite mission control systems needed to provide real time situational awareness to facilitate military decision-making. 

Military cyber security specialists play-out the largest cyber war game in the world, that used a fictional NATO member state of Berylia that came under attack. The scenario was based on an attack on the fictional country of Berylia and an adversary called Crimsonia that is creating some artificial islands.

In the exercise, non-NATO member “Crimsonia” attacks vital infrastructure such as water supplies and mobile networks on the island state of “Berylia,” as well as the financial sector.  In addition to maintaining more than 150 complex IT systems per team, the Blue Teams had to be efficient in reporting incidents, executing strategic decisions, solving forensic, legal and media challenges and dealing with hostile information operations. Crimsonia is also engaging in information warfare, persuading the people of Berylia that their government is responsible for a series of accidents through fake news and social media posts.

Understanding the interdependencies of national IT systems is at the heart of protecting a nation under a massive cyber attack.

The exercise tested NATO allies and other states’ abilities to protect vital services and critical infrastructure. Technical and strategic games will facilitate participating nations with whole-command-chain rehearsals in the context of a major cyber incident, affecting both military and civilian systems.

Merle Maigre, head of government relations at CybExer Technologies commented that “The exercise scenario consolidates a number of real-life situations and follows recent threat trends which show that cyber criminals are targeting vital service providers more and more often... Our critical information infrastructure companies will be extremely vulnerable in a situation where long supply chains, unclear procurement mechanisms and, more often than not, saving pennies will result in purchasing security solutions from the countries whose software and developers we never see, know or monitor.”

More than 2000 participants from 30 nations test and train their entire chain of command in the event of a severe cyber incident, ranging from the strategic to the operational and tactical levels and involving both civilian and military capabilities.

Reflecting real world cyber threats, the exercise deals with the protection of vital services and critical infrastructure that are fundamental for modern societies to operate, including critical information infrastructure, power and water supply and national defence systems.

The exercise was taking place alongside a real-world cyber defense conference in Tallinn at which NATO Deputy Secretary-General Mircea Geoana on Thursday 15th April warned that the pandemic has made countries more vulnerable to cyber attacks. “Russia and China have tried to use the COVID-19 crisis to exploit vulnerabilities, including those in cyberspace, with cyber-enabled disinformation campaigns, designed to sow distrust and division in our democratic societies,” he said.

“Congratulations to the teams, whose strategy proved to be the best, however every single participating team is a winner for tackling the unrivaled complex cyber challenges of Locked Shields exercise,” said Carry Kangur, Head of Cyber Exercises at the CCDCOE. “This year the exercise involved in total more than 5000 virtualised systems that had to be defended against over 4000 attacks.

CCDOE:   e-Estonia:     The Defense Post:       European Defence Agency:      Sky:     I-HLS:      

You Might Also Read: 

NATO Live-Fire Cyber Exercise

 

« Trump's Family Get Blocked On Facebook
Maritime Cyber Security Has Missing Parts »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

TitanFile

TitanFile

TitanFile is an award-winning, easy and secure way for professionals to communicate without having to worry about security and privacy.

MobileIron

MobileIron

MobileIron provides EMM capabilities to IT organizations that need to secure mobile devices, applications and content.

Xcitium

Xcitium

Xcitium (formerly Comodo) is and industry leading provider of state-of-the-art endpoint protection solutions. Our Zero threat platform isolates and removes all ransomware & malware infectictions.

Fastpath

Fastpath

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

SlashNext

SlashNext

The SlashNext Internet Access Protection System (IAPS) provides Zero-Day protection against all internet access threats including Social Engineering & Phishing, Malware, Exploits and Callback Attacks.

Trustlook

Trustlook

Trustlook's SECUREai engine delivers the performance and scalability needed to provide total threat protection against malware and other forms of attack.

Tessian

Tessian

Tessian (formerly CheckRecipient) is a next-generation email security platform that helps enterprises counteract human error and significantly reduce the risk of data loss.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

Agile Underwriting

Agile Underwriting

Agile, an underwriting agency, insurtech and Coverholder at Lloyd's, provides niche insurance products across Aviation, Marine & Cargo, Cyber and Financial Lines.

Spyderbat

Spyderbat

Spyderbat ATI closes the manual investigation gap between detection and response by instantly presenting causally connected threat activity to security analysts at the onset of an investigation.

Information Systems Security Association (ISSA)

Information Systems Security Association (ISSA)

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.