Friday, May 14, 2010

Baltic Cyber Shield 2010

I spent the first two days of this week engaged in a multinational distributed cyber defence exercise - Baltic Cyber Shield. It was a tech-centric exercise organized by CCD COE and various Swedish defence organizations, particularly the Swedish National Defence College and the Swedish Defence Research Agency. The Estonian Cyber Defence League, a volunteer cyber defence organization, also provided invaluable support. All in all, about 100 people from about 10 countries took part in the exercise.

According to the scenario, six blue teams (3 Swedish, a Latvian, a Lithuanian and a NATO team) of up to ten experts were deployed to take over compromised and poorly set up networks targeted by an extremist environmental group's "cyber warfare division" (multi-national red team). The exercise was distributed, so the participants performed the defence and attack missions remotely.

I must say it was a lot of fun. As expected, there were all kinds of issues, but in the end, everything went quite well. The attackers were able to maintain a steady push, compromising well over a hundred systems over the two days, while the defenders tried different strategies to maintain their services while locking the attackers out of their networks.

As a member of the referee team, I got another good experience, and learned some things that can contribute to my PhD research (the attackers were, after all, supposedly a non-government volunteer group who engaged in politically motivated cyber attacks). Congratulations are in order to the members of Blue 5, a Swedish expert team, who won the exercise.

Next week I will be at the SMi's Cyber Defence Conference in Tallinn.

No comments:

Post a Comment