Locked Shields Annual Cyber Defense Exercise

Summary

This annual exercise, organised by CCDCOE since 2010, enables cyber security experts to enhance their skills in defending national IT systems and critical infrastructure under real-time attacks. The focus is on realistic scenarios, cutting-edge technologies and simulating the entire complexity of a massive cyber incident, including strategic decision-making, legal and communication aspects.

It is a Red team vs. Blue Team exercise, where the latter are formed by member nations of CCDCOE. The participating Blue Teams play the role of  national rapid reaction teams that are deployed to assist a fictional country in handling a large-scale cyber incidents and all their multiple implications. In addition to maintaining around 4000 virtualised systems while experiencing more than 2500 attacks, the teams must be effective in reporting incidents, executing strategic decisions and solving forensic, legal and media challenges. To keep up with technology developments, Locked Shields focuses on realistic scenarios and cutting-edge technologies, relevant networks and attack methods.

Since 2019, the exercise has been highlighting the need for improved dialogue between experts and decision-makers.

Details

Locked Shields 2019 was organised by CCDCOE in cooperation with the Estonian Defence Forces, the Finnish Defence Forces, the United States European Command, National Security Research Institute of the Republic of Korea and TalTech. Industry partners in the exercise include Siemens AG, Elisa, Cybernetica, Cisco, Threod Systems, VTT Technical Research Centre of Finland Ltd, Arctic Security, Clarified Security, Iptron, Bittium, STM, Bytelife, BHC Laboratory, and many others.

Locked Shields 2020 was cancelled in response to the COVID-19 pandemic.

Locked Shields 2021 was organised by CCDCOE in cooperation with NATO Communications and Information Agency, the Estonian Ministry of Defence, the Estonian Defence Forces, Siemens, Ericsson, TalTech, CR14, Bittium, Clarified Security, Arctic Security, Cisco, Stamus Networks, SpaceIT, Sentinel, the Financial Service Information Sharing and Analysis Center (FS-ISAC), US Defense Innovation Unit, Microsoft, Atech, Avibras, SUTD iTrust Singapore, The European Centre of Excellence for Countering Hybrid Threats, NATO Strategic Communications Centre of Excellence, European Defence Agency, Space ISAC, the US Federal Bureau of Investigation (FBI), STM, VTT Technical Research Centre of Finland Ltd, NATO M&S COE and PaloAlto networks.