NATO´s Locked Shields Exercise


From April 19 to April 22, 2022, Locked Shields, the biggest international live-fire cyber defence exercise, took place in Tallinn, Estonia.

Since 2010, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) has been organising this annual event, putting the cyber capability of NATO member countries to the test. This exercise took more than six months to prepare to ensure its success. It aims to strengthen the collective digital defence across the Alliance and test the skills of Allies. The participants had a unique opportunity to prove their ability to protect national civilian and military IT systems and critical infrastructure.

The need for digital security and locking shields is increasingly evident given current events like the invasion in Ukraine and the COVID-19 pandemic. As the global community becomes increasingly dependent on technology, malicious cyber actors are growing their efforts to attack both public and private sectors. In response, the Locked Shields exercise uses the latest technologies to train national teams within an exercise environment based on realistic scenarios.

ESET announced in March that it was stopping all new sales to any individuals, businesses and organisations in Russia and Belarus. The company has been providing free upgrades and extending expiring licences to Ukrainian organisations and consumers as well as has been providing financial support to agencies providing humanitarian aid. ESET researchers have also been monitoring and uncovering cyberthreats aimed at Ukraine.

The Locked Shields 2022 exercise subjected around 5,500 virtualized systems to more than 8,000 live-fire attacks. However, the exercise is not as significant in its size as in its complexity. The involved teams had not only to prove their ability to protect entrusted critical infrastructure of an imaginary country, but also their effectiveness in reporting details about the situation on the digital battlefield, executing strategic decisions and solving forensic, legal and information operations challenges. For the first time, in 2022, the technical exercise also included the simulation of reserve management and financial messaging systems of a central bank. The main focus of the exercise was on the interdependencies of international IT systems.

This year, more than 2000 participants from 32 nations were involved. Twenty-four were NATO member nations, including the Slovak Republic who has taken part in the exercise every year and was joined in 2022 by cybersecurity experts from the Czech Republic. Since there was interest from many nations, several nations joined forces to create joint teams like the Slovak-Czech, Lithuanian-Polish, and Estonian-Georgian ones.

The Slovak-Czech team was formed from experts in the armed forces, government organisations, and the private sector, including ESET. Twenty-nine of ESET´s security experts participated in the exercise, helping the SK-CZ team to fifth place overall, and the top position in two subcategories: forensics and reporting.

“Once again, the team from ESET demonstrated its technical expertise at Locked Shields 2022 and helped the Slovak-Czech blue team achieve a very good ranking. ESET’s products had high incident detection efficiency and enabled us to proactively respond to emerging threats in a short period of time. A thank you to everyone involved for their participation and high level of professionalism,” says the Director of the Cyber Defence Centre of the Slovak Republic.