Feeds

NATO proclaimed winner of Locked Shield online wargame

Games without frontiers, war without tears

Website security in corporate America

NATO has – not surprisingly – been named the winner of the Locked Shield online wargames held last week at the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

The 48-hour exercise, which has been held annually for the last five years, simulates a coordinated attack by "Red" forces (a continuing affectation from the days when the Red Flag of the Soviets still flew) on the electronic infrastructure of ten Blue teams, using and and all online means at their disposal.

NATO was up against national teams from Estonia, Finland, Lithuania, Germany, Holland, Italy, Poland, Spain, and Slovakia, so it's hardly surprising that those worthies lost out to the combined might of one of the world's most powerful military organizations. The hosts Estonia placed second, with their scratch team of government and commercial volunteers.

"It is good to see that the Blue Teams have really prepared well for this year's exercise and the opposing team had to work a lot harder to keep the difficulty level high for the defenders," said Jaan Priisalu, director general of the wargame's organizers, the Estonian Information System's Authority (EISA).

"This is a highly positive sign because it shows that the teams take the exercise very seriously and also that they are learning from the best practices and lessons from previous years."

Estonia has possibly the largest practical experience of online warfare in Europe. It's one of the most electronically advanced (and thus dependent) government systems in the region, in part as a reaction to getting temporarily pwned in 2007. While the EISA has no official input into NATO online battle plans, the lessons from the exercise are bound to be noted.

"The exercise has come a long way since the first event in 2008 and the fact that the teams are improving shows that the exercises do what they were developed for, namely train the IT specialists to work together and enhance their skills," noted Colonel Artur Suzik, director of the NATO Cooperative Cyber Defence Centre of Excellence.

Stay alert, chaps

While the results of the wargames are all well and good, El Reg hopes this won't induce a sense of complacency. Wargames are just that – games – and reality is going to be much more unpleasant. As the 19th century Prussian military strategist Helmuth von Moltke the Elder noted, "No human acumen is able to see beyond the first battle."

Barely a decade ago we saw this demonstrated with the Millennial Challenge in 2002 – a simulated land, sea, air and electronic online wargame against a fictional Middle Eastern country (somewhat like Iraq). It was intended to be the first test of the switched-on, network-centric warfare beloved by former US Secretary of Defense Donald Rumsfeld, and in practice it failed miserably.

The Red team, controlled by Marine Lieutenant General Paul Van Riper, refused to play ball – using motorcycle couriers and pre-arranged signals at evening prayers to trigger attacks on the Blue team forces rather than easily-tapped radio or wired signals. By the second day, Van Riper had sunk one aircraft carrier, ten cruisers, and five of six amphibious ships of the attacking force, and the $250m exercise was shut down and reset.

Wargames of the kind carried out last week use only threats that we know about. We'd be far more impressed if the military had sought a scrap with white and grey-hats and won, but it's likely the results would look rather less pleasing to the military eye. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.