Sweden participates in world's largest Live-Fire Cyber Exercise

Sweden particitgates in the Nato Den 10-11 april genomförs världens största cyberförsvarsövning, Locked Shields, som anordnas av Natos cyberförsvarscentrum i Estland. Totalt deltar runt 1 000 personer i lag från 23 länder samt ett blandat Natolag. Sverige deltar med ett lag med över 50 experter från en handfull svenska myndigheter och företag.

"We have an incredible team lineup this year where we have succeeded in gathering some of the very best in Sweden. I am very pleased that both authorities and companies are setting up with their experts because it is an invaluable opportunity to practice really tough threats to cyber security in a society during controlled, yet very pressing circumstances. It is also a good exercise in collaborating across organizational boundaries", says team leader Erik Biverot, to everyday exercise manager at CERT-SE, which is Sweden's national indicator management organization for IT security (CSIRT) at the Swedish Civil Protection and Emergency Preparedness Authority.

Exercise and competition
Locked Shields has been carried out annually since 2010 and is organized by the Cyber ​​Defense Center Nato Cooperative Cyber ​​Defense Center of Excellence in Estonia. The basic scenario is the same - the fictitious country of Berylia is exposed to massive cyber attacks of various kinds and the competition law constitutes the rapid response force to ensure that Berylia's networks and other services are not paralyzed by the attacks. The exercise is both technical and strategic. The technicians will try to keep the systems running while the strategy part is to manage the situation at a high decision level, follow international law in the area and it can also be about managing issues from journalists.

There is a wide range of challenges you face. It can be anything from attacks against control and control systems, networks and services to managing false rumors in the media. At the same time, it is also important to have a good situation picture and be able to report to the exercise management, says Erik Biverot.

4,000 systems and 2,500 attacks
The Exercise Management controls the scenario from Tallinn and there the antagonists, who are called the Red Team, also sit there. The exercise is going on for two very intensive days. No one knows exactly what challenges are waiting, but the law will have the opportunity to get acquainted with limited parts of the environment for a few days. And at the start of the race you get a half-hour lead in order to familiarize yourself with the basic scenario before the red team - the enemy - starts with full force.

Locked Shields include around 4,000 virtual systems and a total of over 2,500 different kinds of attacks. In addition to keeping complex IT systems running during the attacks, the law is also measured on its ability to report incidents, take strategic decisions and implement advanced troubleshooting, so-called IT-reconciliation. The law therefore consists of a wide range of competences from IT security specialists, network technicians, IT forensics, managers, lawyers and communicators.