Europe, Canada, USA, Australia, and others are now running training exercises to prepare for the outbreak of cyberwar. Locked Shields is the largest simulation and we take you inside.
Berylia is under attack. Again. The island nation, located somewhere in the cold waters of the Atlantic Ocean, relies on its state-of-the-art drone industry for a large part of its income. But recently its drone research labs have come under cyber attack from unknown assailants, forcing Berylia to deploy rapid-reaction teams of security experts to its labs, under orders to find out what’s happening, and to stop the attacks as quickly as possible.
Over two hectic days, the teams will have to battle against mounting attacks on their systems, hijacking of their drones, and questions from a sometimes hostile press.
And it’s not the first time Berylia has come under attack: strangely these cyber onslaughts happen every year at around the same time. And these incursions won’t be the last time the country comes under attack either, because the fictional drone-building country is the setting for the NATO annual cyber defence wargame, Locked Shields.
The exercise is run from Estonia by NATO’s cyberwarfare think tank, the Cooperative Cyber Defence Centre of Excellence (CCD COE). The annual event, which has been running since 2010, aims to train the security experts who protect national IT systems on a daily basis. While the exact scenario changes every year, the setting—the embattled Berylia—remains the same, and arch-rival Crimsonia often makes an appearance too.
Berylia might be a fictional state, but Estonia itself has first hand experience of these sort of digital attacks: back in 2007 its banks and government systems suffered weeks of disruption from hackers after Estonian authorities proposed moving a Soviet war memorial. Russia denied any involvement in the attacks, but the incident accelerated plans for the formation of the NATO’s cyber think tank, located in the Estonian capital, Tallinn.
This year Locked Shields saw more than 1,700 attack carried out against 1,500 virtualised systems being protected by 20 teams, which separately had to defend online services and industrial control systems against real malware and digital attacks.