The increasing incidence of cyber attacks against NATO computer systems (500 in 2016 60% more compared to the 2015 figures, and 380 in the first half of 2017) and the varying tactics and targeting personal and networks connected with NATO systems; NATO Networks are guarded by 200 experts , while the defence of individual member nations’ networks is a national responsibility.
The Exercise Cyber Coalition 17 (of the series organised as an annual activity in view of the speed of growth of threats, responses and the development of the technology used by both sides), was conducted from 27 November – 1 December 2017 and engaging over 700 military and civilian experts from 26 NATO member nations, four countries as observers and the staff of several NATO and the EU institutions. Organised by the ACT, the Exercise took place at ten locations within the member nations from 27 November – 1 December 2017. It was managed from NATO Cyber Range in Tartu, Estonia (the home to NATO Cooperative Cyber Defence Centre of Excellence), and the participants were conducting it from their workplaces and exchanging information, experiences and cyber defence solutions with their colleagues across Europe to simulate realistically the actual situation.
The Exercise objectives (categorised as NATO objectives, the member countries’ objectives and the common objectives respectively) involved the practice of target NATO units to handle the operation and strategic-level cyber threats and cyber incidents impacts, NATO Computer Incident Response Capability and NATO CISG capabilities; the national bodies practice in the planning phase as well as the execution and co-ordination of cyber defence at tactical level in national networks and infrastructure, and the testing of co-ordination between the member nations and NATO bodies when responding to common cyber threats and incidents, in compliance with the national and international legislations.
The Exercise main scenario comprised five versions (all five accepted by the Croatian component), involving a number of tasks for all participants and a wide range of procedures (e.g- data encryption and exfiltration , air defence system compromitation, suspect UAV, phone compromitation, analysis of operational systems and malware, computer and network forensics etc.) in response to the incidents assigned directly from the Cyber Range in Estonia
The Republic of Croatia has taken part since 2009. The main coordinating authority was the CIS Division of the General Staff of the Croatian Armed Forces, which engaged experts of the Ministry of Defence and of the Croatian Armed Forces, alongside the staff of the National CERT, the Information Systems Security Bureau,the Security and Intelligence Agency, Croatian Regulatory Authority for Network Industries and the Croatian Academic and Research Network as the main exercise group. The Croatian component was supported by the Faculty Electrical Engineering and Computing and the companies Diverto and Span, thus exemplifying the cyber defence strategy effectiveness prerequisite of engaging diverse segments of society.
The Distinguished Visitor Day, staged in the Croatian Defence Academy “Dr Franjo Tuđman“ on 29 November 2017, was attended by the Head of the MoD’s CIS Sector Colonel Bruno Bešker as Envoy of the Deputy Prime Minister and Defence Minister, alongside the Director of the General Staff of the Croatian Armed Forces, Rear Admiral Robert Hranj, the Chief of the Operations Directorate of the General Staff Brigadier General Senad Fejzić, the Deputy Commander of the Croatian Defence Academy Brigadier General Zdravko Klanac and the Head of the CIS Directorate of the General Staff, Colonel Ante Tolić, as well as by the CIS personnel and representatives of relevant national bodies and of the academic community.