NATO Holds Annual Cyber Defense Exercise
Bismillah writes about NATO's annual Locked Shields cyber defense exercises. "The Western European and North American mutual defence pact organisation NATO has concluded an annual cyber defence exercise, defending a fictitious network against incoming attacks.
Called Locked Shields 2013, the exercise involved 250 people in eleven locations around Europe, under the auspices of the NATO Cooperative Cyber Defence Centre of Excellence (CCD-COE), the Finnish and Estonian Defence Forces and two government IT security organisations in the Baltic country."
Re: (Score:2)
Team members ... (Score:3)
Would have been better to have the 'red team' made up of a bunch of hardened cyber criminals. Crackers, if you like. This sort of thing smacks of testing being done by developers.
Would have been better if... (Score:1)
Blue team's servers were on a private network not accessible to Red Team, then they'd be network professionals.
If there's no battlefield, there's no battle.
Re:Would have been better if... (Score:4, Insightful)
Re:Team members ... (Score:5, Interesting)
Would have been better if the Red Team was the entire world.
They could announce the IP block they would be using to the world and anyone could throw anything they wanted at it with no fear of prosecution.
The Blue Team would then actually have a real challenge on their hands.
Re:Blue teams challenge.... (Score:5, Interesting)
the point of these is indeed to test defenses, as there are people with teams (to varying degrees of effectiveness) assigned to every military network solely to defend their network through internal culture, device hardening, regular auditing, and other such preventative measures. the Red Teams are very few in number and most i've encountered have a high level of skill in their particular area and are good at weeding out even small but dangerous deficiencies.
typically a red team exercise is also a secret to the target, so there is no opportunity to unplug the router until various monitoring systems detect something scary enough to make you want to do that. i don't like the idea of it being a known event, i've seen plenty of units "prepare" for a planned network security inspection by hiding things or patching deficiencies enough to hold them until after the inspection team has left. yes, people unplug stuff so the inspection team doesn't see it, it's quite possible the same thing happens during this highly-publicized (and thus highly-political) NATO exercise, but that depends on the vigilance of those in charge of the information security program and the quality of their boss and their boss's boss (etc), many of whom would not risk a black eye for something as silly as network security (typically something that only receives focus when there is an exercise such as this).
Re: (Score:2)
Would have been better if the Red Team was the entire world.
They could announce the IP block they would be using to the world and anyone could throw anything they wanted at it with no fear of prosecution.
The Blue Team would then actually have a real challenge on their hands.
And how on earth are the good (Blue Team) guys going to win in this sort of scenario?
The point of this whole setup is as much to say "Our defences are good. We have nothing to worry about" as it is to test for some obvious intrusion method or problem. If they run this in a test, then get hammered in a month's time then they can say (with legitimacy hehe) "The enemy used a SOPHISTICATED! attack method..." which we were totally unprepared for.
Re: (Score:3)
"They bludgeoned us to death with blunt hammers"
If the test is there to actually learn stuff (and not just to tick a box) then testing whether sensitive networks are safe kinda means you have to plug them in to the internet.
If it isn't an internet-connected network then the headline should be "Breaking News: Completely isolated network deemed inaccessible from the Internet"
Re: (Score:2)
I suspect what would happen is that there would be a DDOS attack on day one and the whole exercise would be pointless since the only thing compromised would be the internet gateways to those IPs.
Re: (Score:2)
So....they failed.
We can't have that can we?
Re: (Score:3)
For all we know, they were sitting there playing Core War all weekend. Which would be interesting, but perhaps not useful.
Re: (Score:2)
though not related, it did make me laugh, also grey eyes
joshua (Score:2)
do you want to play a game?
The best form of defence is a good offence (Score:5, Funny)
defending a fictitious network against incoming attacks
I bet the network was named:
:)
Computer
Hookup
Imitating
Network
Attacks
Re: (Score:1)
that or
Intelligence
Seeking
Root
Access
Extraction
Line
Cyber Defense Exercises (Score:1)
1) Ethernet Jacks
2) 50 Yard Dashboard
3) Calves and Quadricores
4) Weights and Load Balancing
5) Integrated Circuit Training
A hackathon? (Score:1)
So this is essentially a hackathon? Please, correct me if I am wrong...
Re: (Score:1)
Re: (Score:1)
You mean an average of two "fuck" per sentence, or did the post contain more than that? It seems that word has substantial meaning to the poster ;)
Re: (Score:1)
Dan Dreiberg: What happened to us? What happened to the American Dream?
Edward Blake: "What happened to the American Dream?" It came true! You're lookin' at it...
Blue team wins (Score:2)