NATO Cyber Exercise Proceeds Against Backdrop of Ukraine War
This year’s ‘Locked Shields’ war game has participants fighting off simulated hacks on power grids and financial-messaging systems
A large NATO cyber exercise taking place this week includes simulated attacks on power grids and financial-messaging systems, with Ukrainian experts taking part.
Ukrainian and U.S. cyber defense experts are participating on the same team in this year’s Locked Shields exercise, which began Tuesday and is organized by the North Atlantic Treaty Organization’s Cooperative Cyber Defence Centre of Excellence. Participants from NATO countries, as well as from allies including South Korea, Brazil, Finland and Sweden, are defending systems set up for the exercise against attacks modeled on actual ones.
This year’s Locked Shields exercise doesn’t feature cyberattacks that mimic recent Russian hacking in Ukraine because the scenarios were planned before the Feb. 24 invasion, said Jaak Tarien, director of the Estonia-based NATO center.
Details of the simulations aren’t public, but some scenarios reflect concerns related to the war in Ukraine. For the first time, the exercise includes attacks on a power grid, a previous target of Russian hackers there, he said.
Ukraine has been the object of cyber tactics going back to 2014, Mr. Tarien said. But since Russia invaded its neighbor, “Ukraine is surprising Russia and us, the free world, both in physical warfare and in cyberwarfare in that they’re much better than anyone expected.”
Russia has repeatedly denied any involvement in cyber intrusions in Ukraine or elsewhere.
The Financial Services Information Sharing and Analysis Center, an industry group that aims to mitigate cyber threats in the sector, along with some top global firms, helped plan the financial part of Locked Shields exercises. Participants will have to defend against mock cyber-attacks on their reserve management and financial-messaging systems.
“It’s about the daily financial life of society, which is critical to peaceful, safe life. It’s got a business focus instead of a technical focus,” said Steven Silberstein, chief executive of FS-ISAC.
Just before Russia’s invasion, websites of Ukrainian banks and government institutions went offline after a large distributed denial of service attack that was seen as part of a series of virtual salvos.
The war game contains other elements of recent cyberattacks in Ukraine, said Rain Ottis, a professor of cyber operations at Tallinn University of Technology who helped organize this year’s Locked Shields. Participants will also have to deal with claims of fake news, propaganda and threats to physical security—as they try to neutralize hacks, he said.
Experts are being drilled not only on their ability to defend technical networks, but on other aspects of cyberattack, such as how to deal with legal challenges and disclose incidents to the media, Mr. Ottis said.