South Korea hones cyber defense skills at Locked Shields 2018
A team of cyber security experts from South Korea joined participants from 30 nations in Estonia to simulate a response to a major cyber attack on critical infrastructure.
This year marked the first time that South Korea, also known as the Republic of Korea (ROK), participated in Locked Shields, an annual cyber defense exercise organized by the Cooperative Cyber Defence Centre of Excellence, a NATO-recognized International Military Organization. Locked Shields 2018 was held April 23-27 in Tallinn, Estonia.
Personnel from the ROK’s National Security Research Institute (NSRI) made up the South Korean team, said Cho Sangwoo, director of the NSR’s Cyber Security Training and Exercise Center. “NSRI participated in the event as the Green Team, which took charge of building training infrastructure and operations,” Cho said. “Our basic mission was to apply an infrastructure simulation system, or a wide-use infrastructure training platform, developed by the NSRI.”
The exercise involved a hypothetical cascade of 2,500 virtual cyber attacks on hypothetical targets. Twenty-two blue teams defended against the attacks with technical support from the Green Team. “Locked Shields has a basic scenario in which Berylia, a fictional country, is defended by NATO member nations if it is nationally damaged by cyber attacks,” Cho said. “Unlike wargames which focus on table top exercises, the exercise of Locked Shields is designed to enhance comprehensive response capacity combining various game factors such as media, law and strategies in the process of responding to and solving practical cyber threats.”
NSRI supplied the realistic exercise environment to enable readiness for potential water supply contamination, which could result from a cyber attack on a water purification system, he added. Cho praised the exercise as “the most fundamental and effective means” to boost response capacity to defend against cyber threats. “Through this exercise, participants can perceive their weak points and reinforce them to perform the next exercises, which will ultimately contribute to responding to the national cyber risks,” Cho said.
NSRI also supported visualization modules for the simulated nuclear power plants, electricity substation, water purification system, railway control system and the airport used in the exercise, Cho said.
Cyber security has been a top national priority for South Korea since January 25, 2003, when a computer virus disrupted global networks, hitting particularly hard in the Indo-Pacific. Seoul took “comprehensive and systemic measures from the national level,” Cho said, culminating in the establishment of the National Cyber Security Center in 2004.
The need for such exercises, Cho observed, is more pressing now than ever before. “Recently, cyber attacks are becoming more intelligent worldwide,” Cho said, adding that the amount of damage caused by cyber attacks grows every year.
Felix Kim is a FORUM contributor reporting from Seoul, South Korea.