Security Experts:

Connect with us

Hi, what are you looking for?



Over 30 Countries Take Part in NATO’s ‘Locked Shields 2022’ Cyber Exercise

NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteenth installment of Locked Shields, its annual live-fire cyber defense exercise.

NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteenth installment of Locked Shields, its annual live-fire cyber defense exercise.

Locked Shields takes place in Estonia’s capital Tallinn and it will run until April 22. With more than 2,000 participants from over 32 countries, this complex international cyber exercise is meant to facilitate cooperation and coordination between nations, industries, and public and private organizations in preparing against state-sponsored cyberattacks.

Since 2010, the exercise has been testing the readiness of national, military, and civilian IT systems against attacks targeting vital services and critical infrastructure by simulating a realistic, large-scale assault against an entire nation.

This year’s scenario involves Berylia, a fictional island country in the northern Atlantic Ocean, victim of a series of crippling coordinated cyberattacks that disrupted the operation of government and military networks, communications, electric power grid, and water purification systems.

“For the first time the exercise includes the simulation of a reserve management and financial messaging systems of a central bank. Additionally, a 5G Standalone mobile communication platform is deployed as part of a critical infrastructure to give the first experience to cyber defenders about upcoming technology change,” CCDCOE told SecurityWeek.

[ READ: Over 200 Organizations Take Part in CISA’s Cyber Storm Exercise ]

A Red Team vs. Blue Team exercise, this year’s event will involve roughly 5,500 virtualized systems that will face more than 8,000 cyberattacks.

Locked Shields 2022 has 24 participating Blue Teams – with an average of 50 experts each – that will take the role of national cyber Rapid Reaction Teams, scrambling not only to secure complex IT systems, but also to effectively report incidents and solve forensic, legal, media operations and information warfare challenges.

Last week, CCDCOE announced that Ukraine has applied for membership and that some of the experts participating in this year’s Locked Shields event are from Ukraine. On its road to membership, Ukraine initially “had to be part of a joint team with US,” SecurityWeek was told.

CCDCOE says that Locked Shields 2022 is organized in cooperation with NATO, Arctic Security, Clarified Security, CR14, Siemens, and TalTech, with additional participation from the Financial Service Information Sharing and Analysis Center (FS-ISAC), Fortinet, Microsoft, and SpaceIT.

FS-ISAC – with involvement from member firms such as Mastercard and Santander – will lead the financial services sector scenario in this year’s Locked Shields event.

Related: NATO, Ukraine Sign Deal to ‘Deepen’ Cyber Cooperation

Related: Hacked Ukrainian Military Emails Used in Attacks on European Governments

Related: Finland’s Spy Service Warns of Russian Interference, Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.