Unlike the fictional world of "The Hunger Games," members of NATO participate in real-life, simulated cyber games. And while a bow and arrow and a side braid won't prevent the next global cyberattack, in time, these cyber defenders may do just that.
The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), a "multinational and interdisciplinary hub of cyber [defense]," created Locked Shield as a unifying cyber game for international cyber defense experts.
Though the annual event is carried out in a military-like manner, the point of Locked Shield is to help enable "participating nations to practice the entire chain of command in the event of a severe cyber incident involving both civilian and military players," said Aare Reintam, project manager of Technical Exercises at CCDCOE, in a statement.
Locked Shields 2018 took place from April 23 to 26 and was marked as the largest international "live-fire cyber [defense] exercise in the world," according to the CCDCOE. Cyber defenders around the world gathered to test their ability to defend critical IT infrastructure from the intensity of a real-time cyberattack.
The games were meant to shed light on an issue plaguing the public and private sector: The lack of transparency and dialogue among cybersecurity experts.
There is a level of privacy and purposeful secrecy to help protect an agency's own security. But that is not a sustainable practice when nation-state actors and soliciting hackers on the black market are gaining ground in malicious activities.
Based in Estonia, the CCDCOE was born in a heightened cyberthreat landscape amid the growing need for its defenses, something previous generations had very little need of. The knowledge cultivated in the CCDCOE, a military organization, is shared among NATO, NATO participants and partners within the cyber defense community.
Part of the organization's creativity is rooted in its ability to conduct cyber games with international participants. Preferred strategies among countries can be shared among allies. There is no ceremony when a team fails in the activity; each event is treated like a simulation — a learning experience. The participating cyber defenders still gain advance knowledge in preparation of another global cyberattack.
Play to win
This year, Locked Shields brought together more than 1,000 cybersecurity experts from 30 countries. There were 22 teams including teams from NATO and the EU, with NATO's team ultimately winning the games. The teams from France and the Czech Republic took second and third place, respectively.
The cyber games used 4,000 virtualized systems and featured over 2,500 cyberattacks. Each team had to address the attacks while maintaining over 150 "complex IT systems," according to the CCDCOE announcement.
But addressing the attacks defensively was not the only part of the exercise. Teams were also tasked with managing the natural aftermath of cyberattacks involving the forensic, legal and media implications.
The line between public and private sector cyber defenses is blurring, and rightfully so. Leaders in the private sector, including Microsoft President Brad Smith, are calling on the private sector to defend those incapable of defending themselves. Speaking at RSA in San Francisco earlier this month, Smith said, "by definition, it's our people who are the first responders."
Locked Shields wants nations to independently sharpen their defense skills but also share them with their cyber allies, resulting in an international, virtual chainmail against lurking threats.