NATO Holds Annual Cyber Defense Exercise

← Back to Stories (view on slashdot.org)

NATO Holds Annual Cyber Defense Exercise

Posted by samzenpus on Sunday April 28, 2013 @03:02PM from the how-about-a-nice-game-of-chess? dept.

Bismillah writes about NATO's annual Locked Shields cyber defense exercises. "The Western European and North American mutual defence pact organisation NATO has concluded an annual cyber defence exercise, defending a fictitious network against incoming attacks. Called Locked Shields 2013, the exercise involved 250 people in eleven locations around Europe, under the auspices of the NATO Cooperative Cyber Defence Centre of Excellence (CCD-COE), the Finnish and Estonian Defence Forces and two government IT security organisations in the Baltic country."

21 of 41 comments (clear)

Min score:

Reason:

Sort:

Team members ... by Kittenman · 2013-04-28 15:25 · Score: 2

FTFA ..."For two days the Red Team launched attacks against the Blue Teamsâ(TM) networks and they had to defend, report and keep their systems running. ...NATO's Blue Team were declared the winners of the this year's exercise."

Would have been better to have the 'red team' made up of a bunch of hardened cyber criminals. Crackers, if you like. This sort of thing smacks of testing being done by developers.

--
"The greatest lesson in life is to know that even fools are right sometimes" - Winston Churchill
1. Re:Team members ... by cheater512 · 2013-04-28 16:00 · Score: 5, Interesting
  
  Would have been better if the Red Team was the entire world.
  They could announce the IP block they would be using to the world and anyone could throw anything they wanted at it with no fear of prosecution.
  The Blue Team would then actually have a real challenge on their hands.
2. Re:Team members ... by phantomfive · 2013-04-28 16:02 · Score: 2
  
  Sadly, your quote is about all the article says about what happened.
  
  For all we know, they were sitting there playing Core War all weekend. Which would be interesting, but perhaps not useful.
  
  --
  "First they came for the slanderers and i said nothing."
3. Re:Team members ... by Fluffeh · 2013-04-28 17:07 · Score: 1
  
  Would have been better if the Red Team was the entire world.
  They could announce the IP block they would be using to the world and anyone could throw anything they wanted at it with no fear of prosecution.
  The Blue Team would then actually have a real challenge on their hands.
  And how on earth are the good (Blue Team) guys going to win in this sort of scenario?
  The point of this whole setup is as much to say "Our defences are good. We have nothing to worry about" as it is to test for some abvious intrusion method or problem. If they run this in a test, then get hammered in a months time then they can say (with legitimacy hehe) "The ememy used a SOPHISTICATED! attack method..." which we were totally unprepared for.
  
  --
  Moved to http://soylentnews.org/. You are invited to join us too!
4. Re:Team members ... by cheater512 · 2013-04-28 17:15 · Score: 2
  
  "They bludgeoned us to death with blunt hammers"
  If the test is there to actually learn stuff (and not just to tick a box) then testing whether sensitive networks are safe kinda means you have to plug them in to the internet.
  If it isn't a internet connected network then the headline should be "Breaking News: Completely isolated network deemed inaccessible from the Internet"
5. Re:Team members ... by im_thatoneguy · 2013-04-28 20:04 · Score: 1
  
  I suspect what would happen is that there would be a DDOS attack on day one and the whole exercise would be pointless since the only thing compromised would be the internet gateways to those IPs.
6. Re:Team members ... by cheater512 · 2013-04-29 10:41 · Score: 1
  
  So....they failed.
  We can't have that can we?
Would have been better if... by Anonymous Coward · 2013-04-28 15:36 · Score: 1

Blue teams servers were on a private network not accessible to Red Team, then they'd be network professionals.
If there's no battlefield, there's no battle.
1. Re:Would have been better if... by hlavac · 2013-04-28 22:59 · Score: 4, Insightful
  
  Then some idiot brings a USB key he found on the parking lot :)
joshua by Joe_Dragon · 2013-04-28 16:02 · Score: 1

do you want to play a game?
The best form of defence is a good offence by OhANameWhatName · 2013-04-28 16:21 · Score: 5, Funny

defending a fictitious network against incoming attacks
I bet the network was named:

Computer
Hookup
Imitating
Network
Attacks

:)
1. Re:The best form of defence is a good offence by freezin+fat+guy · 2013-04-29 02:04 · Score: 1
  
  that or
  Intelligence
  Seeking
  Root
  Access
  Extraction
  Line
Cyber Defense Exercises by Anonymous Coward · 2013-04-28 17:05 · Score: 1

1) Ethernet Jacks
2) 50 Yard Dashboard
3) Calves and Quadricores
4) Weights and Load Balancing
5) Integrated Circuit Training
A hackathon? by AtomicSymphonic · 2013-04-28 18:21 · Score: 1

So this is essentially a hackathon? Please, correct me if I am wrong...
1. Re:A hackathon? by hene · 2013-04-28 19:52 · Score: 1
  
  No! It was coordinated exercise. Like NATO newer publicly admitted if red team had won.
Re:Blue teams challenge.... by Gogo0 · 2013-04-28 19:28 · Score: 4, Interesting

these things are usually conducted either from a valid account (lowest-level guest privs) or only physical access to a network asset -both from within the network boundary. there are plenty of outside attempts every day to determine if current boundary defenses are robust enough to keep out those who are trying to get in (not to say it couldnt be better).

the point of these is indeed to test defenses, as there are people with teams (to varying degrees of effectiveness) assigned to every military network solely to defend their network through internal culture, device hardening, regular auditing, and other such preventative measures. the Red Teams are very few in number and most i've encountered have a high level of skill in their particular area and are good at weeding out even small but dangerous deficiencies.

typically a red team exercise is also a secret to the target, so there is no opportunity to unplug the router until various monitoring systems detect something scary enough to make you want to do that. i dont like the idea of it being a known event, i've seen plenty of units "prepare" for a planned network security inspection by hiding things or patching deficiencies enough to hold them until after the inspection team has left. yes, people unplug stuff so the inspection team doesnt see it, its quite possible the same thing happens during this highly-publicized (and thus highly-political) NATO exercise, but that depends on the vigilance of those in charge of the information security program and the quality of their boss and their boss's boss (etc), many of whom would not risk a black eye for something as silly as network security (typically something that only receives focus when there is an exercise such as this).
Re:And the winner is by Errol+backfiring · 2013-04-28 21:09 · Score: 1

ARPAnet?

--
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
Re:Your tax dollars at waste by Korruptionen · 2013-04-29 00:35 · Score: 1

Dan Dreiberg: What happened to us? What happened to the American Dream?
Edward Blake: "What happened to the American Dream?" It came true! You're lookin' at it...
Re:Your tax dollars at waste by LordNelsonthe2nd · 2013-04-29 01:39 · Score: 1

You mean an average of two "fuck" per sentence, or did the post contain more than that? It seems that word has substantial meaning to the poster ;)
Re:Magic missile. by zlives · 2013-04-29 06:22 · Score: 1

though not related, it did make me laugh, also grey eyes
Blue team wins by manu0601 · 2013-04-29 14:42 · Score: 1

The blue team win. I am surprised that network can be secured against determined state-sponsored attacker. I suspect red team did not try very hard.