Feeds

NATO proclaimed winner of Locked Shield online wargame

Games without frontiers, war without tears

3 Big data security analytics techniques

NATO has – not surprisingly – been named the winner of the Locked Shield online wargames held last week at the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

The 48-hour exercise, which has been held annually for the last five years, simulates a coordinated attack by "Red" forces (a continuing affectation from the days when the Red Flag of the Soviets still flew) on the electronic infrastructure of ten Blue teams, using and and all online means at their disposal.

NATO was up against national teams from Estonia, Finland, Lithuania, Germany, Holland, Italy, Poland, Spain, and Slovakia, so it's hardly surprising that those worthies lost out to the combined might of one of the world's most powerful military organizations. The hosts Estonia placed second, with their scratch team of government and commercial volunteers.

"It is good to see that the Blue Teams have really prepared well for this year's exercise and the opposing team had to work a lot harder to keep the difficulty level high for the defenders," said Jaan Priisalu, director general of the wargame's organizers, the Estonian Information System's Authority (EISA).

"This is a highly positive sign because it shows that the teams take the exercise very seriously and also that they are learning from the best practices and lessons from previous years."

Estonia has possibly the largest practical experience of online warfare in Europe. It's one of the most electronically advanced (and thus dependent) government systems in the region, in part as a reaction to getting temporarily pwned in 2007. While the EISA has no official input into NATO online battle plans, the lessons from the exercise are bound to be noted.

"The exercise has come a long way since the first event in 2008 and the fact that the teams are improving shows that the exercises do what they were developed for, namely train the IT specialists to work together and enhance their skills," noted Colonel Artur Suzik, director of the NATO Cooperative Cyber Defence Centre of Excellence.

Stay alert, chaps

While the results of the wargames are all well and good, El Reg hopes this won't induce a sense of complacency. Wargames are just that – games – and reality is going to be much more unpleasant. As the 19th century Prussian military strategist Helmuth von Moltke the Elder noted, "No human acumen is able to see beyond the first battle."

Barely a decade ago we saw this demonstrated with the Millennial Challenge in 2002 – a simulated land, sea, air and electronic online wargame against a fictional Middle Eastern country (somewhat like Iraq). It was intended to be the first test of the switched-on, network-centric warfare beloved by former US Secretary of Defense Donald Rumsfeld, and in practice it failed miserably.

The Red team, controlled by Marine Lieutenant General Paul Van Riper, refused to play ball – using motorcycle couriers and pre-arranged signals at evening prayers to trigger attacks on the Blue team forces rather than easily-tapped radio or wired signals. By the second day, Van Riper had sunk one aircraft carrier, ten cruisers, and five of six amphibious ships of the attacking force, and the $250m exercise was shut down and reset.

Wargames of the kind carried out last week use only threats that we know about. We'd be far more impressed if the military had sought a scrap with white and grey-hats and won, but it's likely the results would look rather less pleasing to the military eye. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.