COLOGNE, Germany – NATO’s cybersecurity arm is set to launch a four-day exercise April 9 that simulates the response to hackers sowing chaos in a fictitious country conducting national elections.
The scenario places the country of Berylia in a “deteriorating security situation” as people go to the polls, according to a NATO statement. Hostile actors launch coordinated attacks against the country’s civilian communications infrastructure, causing disruptions in water purification systems, the power grid, 4G public safety networks and other essential services. Civil unrest spreads as the attacks twist the public perception of election results.
The drill, dubbed Locked Shields 2019, is billed as a “live-fire” event, which means all actions by six teams of competing network defenders will have immediate effects in the game-like environment.
More than 1,000 cybersecurity experts are expected to participate in the exercise, coordinated from Tallinn, Estonia, by NATO's Cooperative Cyber Defence Centre of Excellence. The organization has its headquarters in the Estonian capital.
Additional government organizers include the Estonian Defence Forces, the Finnish Defense Forces, U.S. European Command and the National Security Research Institute of the Republic of Korea.
A NATO team built around the alliance’s Communications and Information Agency, NCI, is the defending champion at this year’s Locked Shields event.
Following a series of cyberattacks against Estonia’s financial sector and communications nodes in 2007, the country has become a leading cybersecurity force within the alliance. Estonian officials have blamed the Russian government for the attacks, which Moscow has denied.
Sebastian Sprenger is associate editor for Europe at Defense News, reporting on the state of the defense market in the region, and on U.S.-Europe cooperation and multi-national investments in defense and global security. Previously he served as managing editor for Defense News. He is based in Cologne, Germany.