Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
The Military Security

NATO Holds Annual Cyber Defense Exercise 41

Posted by samzenpus from the how-about-a-nice-game-of-chess? dept.
Bismillah writes about NATO's annual Locked Shields cyber defense exercises. "The Western European and North American mutual defence pact organisation NATO has concluded an annual cyber defence exercise, defending a fictitious network against incoming attacks. Called Locked Shields 2013, the exercise involved 250 people in eleven locations around Europe, under the auspices of the NATO Cooperative Cyber Defence Centre of Excellence (CCD-COE), the Finnish and Estonian Defence Forces and two government IT security organisations in the Baltic country."
This discussion has been archived. No new comments can be posted.

NATO Holds Annual Cyber Defense Exercise More

NATO Holds Annual Cyber Defense Exercise

Comments Filter:

  • Re:Team members ... (Score:5, Interesting)

    by cheater512 ( 783349 ) <nick@nickstallman.net> on Monday April 29, 2013 @12:00AM (#43578125) Homepage

    Would have been better if the Red Team was the entire world.

    They could announce the IP block they would be using to the world and anyone could throw anything they wanted at it with no fear of prosecution.
    The Blue Team would then actually have a real challenge on their hands.

  • Re:Blue teams challenge.... (Score:5, Interesting)

    by Gogo0 ( 877020 ) on Monday April 29, 2013 @03:28AM (#43578731)
    these things are usually conducted either from a valid account (lowest-level guest privs) or only physical access to a network asset -both from within the network boundary. there are plenty of outside attempts every day to determine if current boundary defenses are robust enough to keep out those who are trying to get in (not to say it couldnt be better).

    the point of these is indeed to test defenses, as there are people with teams (to varying degrees of effectiveness) assigned to every military network solely to defend their network through internal culture, device hardening, regular auditing, and other such preventative measures. the Red Teams are very few in number and most i've encountered have a high level of skill in their particular area and are good at weeding out even small but dangerous deficiencies.

    typically a red team exercise is also a secret to the target, so there is no opportunity to unplug the router until various monitoring systems detect something scary enough to make you want to do that. i dont like the idea of it being a known event, i've seen plenty of units "prepare" for a planned network security inspection by hiding things or patching deficiencies enough to hold them until after the inspection team has left. yes, people unplug stuff so the inspection team doesnt see it, its quite possible the same thing happens during this highly-publicized (and thus highly-political) NATO exercise, but that depends on the vigilance of those in charge of the information security program and the quality of their boss and their boss's boss (etc), many of whom would not risk a black eye for something as silly as network security (typically something that only receives focus when there is an exercise such as this).

Slashdot Top Deals

Say "twenty-three-skiddoo" to logout.

Close