NATO Cooperative Cyber Defence Centre of Excellence has organised a cyber exercise for a technical Blue-Red Team named Locked Shields (CDx) In the middle of April 2013.
Exercise has fictional war game approach in it's scenario,An international coalition forces in an unstable country called Boolea with blue teams and a religious and well-equipped insurgency offensive movements during deadly epidemic among the local population.
IT systems of international aid organisations are under cyber attacks while their initial response capability is severely limited.Ten support teams task team is to provide help and keeping the systems running at 10 different sites for 2-3 days until crisis response teams of the aid organizations arrive.
are the main training audience. They have to defend a pre-built network which is initially unknown to them and contains vulnerabilities. To provide feedback to the teams and measure the success of different strategies and tactics, Blue Teams will be assigned automatic and manual scores, and there will be a friendly competition between the Blue Teams.
is the second training audience. One or two legal advisors will accompany each Blue Team.
mission is to compromise or degrade the performance of the systems that are protected by the Blue Teams. The technical details of the initial configuration of the Blue Team systems will be available for the Red Team beforehand, along with the opportunity to scan Blue Teams’ systems for vulnerabilities before the execution. Red Team members will not compete with each other and their activities are not scored.
is responsible for the overall organisation of the CDx. They define the training objectives, scenario, develop attack campaign together with the Red Team, write down the rules, etc. During the Execution phase, the White Team acts as the exercise controllers’ cell.
is responsible for preparing the technical infrastructure for the exercise.
selects and configures required tools to collect, analyse and visualise information coming from different sources. Human analysts process and investigate that information and provide periodic situation updates to the exercise controllers. They also provide feedback to the Blue Teams.