World’s largest cyber defence exercise takes place in Estonia

Locked Shields 2017, the largest cyber defence exercise in the world, is taking place this week. The event was organised by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

The exercise involves around 800 participants from 25 nations. Participants include security experts who protect national IT systems, policy officers and legal advisors from NATO Allies and Partners.

According to the exercise scenario, experts will have to defend the services and networks of a military air base of a fictitious country, against cyber-attacks targeting the base’s electric power grid system, drones, military command and control systems and other infrastructure.

More than 2500 cyber-attacks will be simulated. While IT experts will train to defend computer networks and handle legal and forensic challenges, policy officers will exercise their decision-making procedures.

The exercise takes place in cooperation with the Estonian Defence Forces, the British Army, the United States European Command, the Finnish Defence Forces, the Swedish Defence University, and Tallinn University of Technology. Industry partners are also closely involved.

In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. The largest part of the attacks were coming from Russia and from official servers of the authorities of Russia.

In the attack, ministries, banks, and media were targeted. This attack on Estonia, a seemingly small Baltic nation, was so effective because of how most of the nation is run online. Estonia has implemented an e-government, where bank services, political elections and taxes are all done online.This attack really hurt Estonia’s economy and the people of Estonia.

At least 150 people were injured on the first day due to riots in the streets.

In the US, General Keith B. Alexander, first head of the recently formed USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a “mismatch between our technical capabilities to conduct operations and the governing laws and policies”.

“Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space. It will attempt to find and, when necessary, neutralise cyberattacks and to defend military computer networks.”

Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including “traditional battlefield prizes – command-and-control systems at military headquarters, air defence networks and weapons systems that require computers to operate.”

One cyber warfare scenario, Cyber ShockWave, which was wargamed on the cabinet level by former American administration officials, raised issues ranging from the US National Guard to the power grid to the limits of statutory authority.

Examples of cyberwarfare driven by political motivations can be found worldwide. In 2008, Russia began a cyber attack on the Georgian government website, which was carried out along with Georgian military operations in South Ossetia. In 2008, Chinese ‘nationalist hackers’ attacked CNN as it reported on Chinese repression on Tibet.

Jobs in cyberwarfare have become increasingly popular in the military. The United States Navy actively recruits for cyber warfare engineers for example.