Neither battles nor wars are won by infantry alone, but rather by thoughtfully interconnected formations of diverse unit types, each providing a specific benefit to the force.

Rigorous training, discipline, and a strong sense of unity of troops fighting shoulder to shoulder are the inspiration for Locked Shields, the annual cyber-wargaming event organized by the NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE).

This year, ESET experts comprised almost a third of the 230-member-strong team of Slovakia and Malta that placed fifth among 17 teams from 41 countries. During the exercise, ESET was frequently praised for its solutions stopping malware before it could reach targeted devices and for its threat-hunting capabilities in quickly discovering emerging cyber incidents.

Fighting side by side

At Locked Shields, teams face huge volumes of multi-staged cyberattacks, testing not only their skills but also their ability to effectively work and communicate under pressure.

The exercise operates within a conflict of fictional states that employ both conventional and hybrid means of warfare.

Teams defend a diverse environment with multiple interconnected systems, simulating real cyber warfare. For example, shutting down an internet provider means that communication is crippled, affecting not only IT processes, but also mass media, or even military personnel using the network.

In this simulation, not all the challenges can be solved by cybersecurity teams. Disabled critical infrastructure, such as power plants or water treatment plants, requires legal teams to enable rapid cooperation with other suppliers, while strategic communications teams must take action to explain the situation to the public.

To make things even more difficult, as part of the game, the organizers introduce major disruptive incidents and new systems that need immediate protection, and security vulnerabilities that require the participating teams’ attention on the fly. 

“It’s clear that organizers are aiming to overwhelm the defenders and test their abilities, as well as resilience, by making them face a high volume and variety of attacks in a very short timeframe,” said Ondrej Kubovič, an ESET security awareness specialist who participated in the event.

Takeaways from the exercise

For ESET teams, this was more than just a simulation. Taking part in an exercise such as Locked Shields, which mirrors real-world cyberattacks, is the best way to train for handling dangerous and overwhelming situations in the real world.

Every Locked Shields event is intense in its approach to testing the participants, with lots of curveballs thrown in to challenge the defenders. The Slovak-Maltese team effectively protected many of the critical systems, such as those belonging to the military, water and other government infrastructure, among others.

ESET Inspect, our EDR, was central to these efforts, even mitigating some of the attacks without burdening the team’s time and attention. ESET Inspect proactively prevented a ransomware attack, stopping the adversary’s ability to even proceed to the phase during which they’d be able to deploy it.

Thankfully, the joint team rose to the task at hand, demonstrating the central role of teamwork, continuous hands-on learning, and communication. Simply said, when trouble presents itself, having a network of capable people at hand with the right set of tools can plug hidden gaps, and efficiently and effectively face down both seen and unseen dangers.

The team also had a whole stack of ESET MDR security experts present, taking advantage of the product/expert synergy to quickly analyze malware and thus tailor our defense and response actions. Our whole product portfolio, which we are also offering to our customers, was put to the test.

Prevention as a priority

As states around the world have entered an age that necessitates continuous resilience building, Locked Shields stands as an important litmus test to showcase how our capabilities perform in the face of digitally evolved warfare in a gamified setting.

For ESET, the priority is to provide our customers with best-in-class security, featuring a low performance impact that preserves existing compute resources for other tasks, which in a battle scenario could make a profound difference.

“A great win here is that such rigorous exercises also effectively allow ESET to hone its solutions and fine-tune its capability to better protect complex environments,” said Lubomir Trebula, senior manager of threat defense R&D at ESET.

ESET managed to efficiently integrate its solutions into the complex environment provided by Locked Shields, while also placing further security layers on top as a preventive measure.

Collective security for the win

This year’s Locked Shields exercise reflected modern geopolitical realities, including violations of sovereignty, nation-aligned cyber-attacks, disinformation, legal challenges and much more.

No one can face such broad challenges alone, and Locked Shields demonstrates the power of collective security.

“If I learned one thing from Locked Shields, it’s that communication is one of the most important things in this field. When something happens, you must know who the key players in your team are and find ways to leverage those contacts to keep everyone in the loop and solve the incident as quickly as possible,” said ESET security awareness specialist Ondrej Kubovič after the event.

Read more about last year's event: Locked Shields 2024: Ancient inspiration deployed for today’s complex digital battlegrounds