ASOC @ Locked Shields 2021 – a real-time massive cyber defense exercise
For the first time in Bulgaria, our team of security analysts, cybersecurity and IT experts joined forces with the Ministry of Defense, the Bulgarian Defense Institute and Technologica for Locked Shields — a sophisticated real-time cyber defense exercise challenging countries’ abilities to protect vital services and critical infrastructure from coordinated and potentially devastating cyber attacks.
Organized by the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE) and partner organizations, it immersed us in a fictional, but all too realistic simulation. As one of the 22 Blue teams tasked with defending the island country of Berylia, we had to secure its more than 5000 virtualized systems, detect attacks (more than 4000 in total) in real time and mitigate them, all while under pressure, taking strategic decisions and solving a myriad of communication, legal and entirely technological challenges. We also had to deal with disinformation tactics proficiently executed by the adversary – a Red team taking the form of another fictional island state called Crimsonia.
Telelink’s involvement, and ASOC’s in particular, was in deploying a cybersecurity monitoring system to detect attacks in real time and in automating response to speed up incident reaction and improve efficiency. On quite a few occasions, members of our team applied reverse engineering to analyze the workings of malware used by the Red team and improve defenses.
Looking back on these intense few days, we see that the exercise managed to effectively put all teams’ entire chains of command to the test and train them at the same time – to appreciate tight cooperation, members’ unique capabilities and strengths, and embrace efficient collaboration.
“To all of us here at Telelink Business Services, Locked Shields 2021 was an incredible opportunity to put our knowledge, skills and tools against such a massive and incredibly well executed attack simulation. The importance of protecting the services and infrastructure modern societies rely on against modern threats cannot be overstated.” – Alexander Tzokev, Manager, Advanced Security Operations Center (ASOC)