NATO Holds Annual Cyber Defense Exercise
Bismillah writes about NATO's annual Locked Shields cyber defense exercises. "The Western European and North American mutual defence pact organisation NATO has concluded an annual cyber defence exercise, defending a fictitious network against incoming attacks.
Called Locked Shields 2013, the exercise involved 250 people in eleven locations around Europe, under the auspices of the NATO Cooperative Cyber Defence Centre of Excellence (CCD-COE), the Finnish and Estonian Defence Forces and two government IT security organisations in the Baltic country."
FTFA ..."For two days the Red Team launched attacks against the Blue Teams' networks and they had to defend, report and keep their systems running. ...NATO's Blue Team were declared the winners of this year's exercise."
Would have been better to have the 'red team' made up of a bunch of hardened cyber criminals. Crackers, if you like. This sort of thing smacks of testing being done by developers.
"The greatest lesson in life is to know that even fools are right sometimes" - Winston Churchill
defending a fictitious network against incoming attacks
I bet the network was named:
:)
Computer
Hookup
Imitating
Network
Attacks
these things are usually conducted either from a valid account (lowest-level guest privs) or only physical access to a network asset - both from within the network boundary. there are plenty of outside attempts every day to determine if current boundary defenses are robust enough to keep out those who are trying to get in (not to say it couldn't be better).
the point of these is indeed to test defenses, as there are people with teams (to varying degrees of effectiveness) assigned to every military network solely to defend their network through internal culture, device hardening, regular auditing, and other such preventative measures. the Red Teams are very few in number and most i've encountered have a high level of skill in their particular area and are good at weeding out even small but dangerous deficiencies.
typically a red team exercise is also a secret to the target, so there is no opportunity to unplug the router until various monitoring systems detect something scary enough to make you want to do that. i don't like the idea of it being a known event, i've seen plenty of units "prepare" for a planned network security inspection by hiding things or patching deficiencies enough to hold them until after the inspection team has left. yes, people unplug stuff so the inspection team doesn't see it, it's quite possible the same thing happens during this highly-publicized (and thus highly-political) NATO exercise, but that depends on the vigilance of those in charge of the information security program and the quality of their boss and their boss's boss (etc), many of whom would not risk a black eye for something as silly as network security (typically something that only receives focus when there is an exercise such as this).
Then some idiot brings a USB key he found on the parking lot :)