Cyberwar: Exercise for more resilience during NATO maneuver Locked Shields
The NATO Locked Shields exercise, in which troops train for cyber security, has been taking place every year since 2010. The Bundeswehr is taking part again.
Defense Minister Pistorius at the NATO exercise Locked Shields 2025
(Image: Bundeswehr/Dagmar Benner)
NATO's Locked Shields joint cyber security exercise, which has been held annually since 2010, is currently taking place again in Tallinn, Estonia. The event has been running for its 15th anniversary since April 21 and ends tomorrow, Thursday, May 9, 2025, where the troops of the participating countries practice fending off cyber attacks and thus ensuring greater resilience in "cyberspace".
A spokesperson for the Bundeswehr explained to heise security that during these "live-fire exercises", the "participants counter interdepartmental and multinational hybrid threats from cyber and information space". Specifically, "real-time attacks on computer networks and critical infrastructure systems (KRITIS) are simulated by an attacking team (Red Team) from Tallinn (Estonia), which must be repelled by a total of 17 Blue Teams."
Locked shields: not only troops active in the exercise
According to the Bundeswehr, one of these Blue Teams, Team 2, consists of members of the Cyber and Information Space (CIR) branch of the armed forces and comprises around 200 exercise participants; they are based in Kalkar. The team is being led "this year by our partners from Singapore", "who are contributing their valuable experience from the Indo-Pacific region to the exercise. The team also includes numerous members from other departments", such as the BMI, the BSI and others, as well as from industry, the Bundeswehr explains further.
Videos by heise
The German soldiers also comment on some of the focal points: "One of them is aimed at defending against cyber attacks on KRITIS in a civilian and military context, such as energy or water supply or radar systems and air defense in a fictitious exercise scenario created by NATO. In this context, in addition to technical skills, methods and cooperation with civilian companies, the handling of incidents in the information environment (such as social media) and the legal assessment of actions are also trained and evaluated by NATO."
Like other democratic countries, Germany is currently "more than ever the focus of state and non-state actors who use hybrid means to destabilize our society. However, the Bundeswehr is professionally equipped to deal with hybrid threats from the cyber and information space and is an important partner for all security actors." The scenarios must be practiced regularly, for which NATO's Locked Shields exercises have provided a framework since 2010, in which 41 nations now participate.
The Bundeswehr spokesperson continues: "With the Locked Shields exercise, the CIR is thus jointly meeting the growing challenges in the cyber security domain and increasing the resilience of society as a whole. After all, national security provision in cyber and information space can only be achieved jointly in an interdepartmental, international approach that explicitly includes civilian partners."
NATO itself writes on LinkedIn, for example, that almost 4,000 IT security experts are taking part in the exercise. "Locked Shields is unique in the scope and depth of collaboration between nations, universities, international organizations and industry partners, who bring to the exercise specialized systems, advanced skills and cutting-edge technologies from around the world, representing the best expertise in their respective industries," the defence alliance says of the exercise.
One of the focal points of the Locked Shields exercise in 2024 was to prevent phishing and "defend containers".
(dmk)
