Locked Shields, organised annually by NATO, is the world’s largest and most complex live-fire cyber defence exercise.
This year, Nexova’s cyber experts formed part of a joint team from Belgium, Luxembourg and Latvia that placed fourth overall out of 17 teams, thanks to strong collaboration, exceptional skills and formidable team spirit. During the exercise, which required 3 months of preparation for the participants, they tackled multiple threats on different environments such as 5G, industrial control systems (ICS), battle command systems and cloud.
“Train as you fight”
Locked Shields mimics a nation in crisis, providing a realistic, large-scale red team/blue team training platform for cybersecurity professionals. Hosted by NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia, nearly 4,000 experts representing 41 countries took place this year.
Held last week, the 2025 event incorporated elements of critical infrastructures including telecommunications, energy plants and satellites. What makes it particularly valuable for cybersecurity professionals is that participants not only have to deal with cyberattacks but also disinformation plus legal, political and infrastructure issues.
Seventeen blue teams were tasked with protecting a fictitious country against realistic cyberattacks led by the red team. The more a blue team defends the country, the more points it earns. The event also involved neutral green, yellow and white teams who were responsible for developing the scenario and simulating normal network use.
A memorable experience for the Nexova blue team
Nexova’s experts were invited by the Belgian Cyber Command to be part of a 260-strong team, which had 19 sub-teams. Together, they employed automation, best practice hardening and endpoint detection and response (EDR) solutions to deal with the attacks. Through effective intra- and inter-team collaboration and communication, they succeeded in stopping and removing the red team from the network.
Alexandru Militaru, who is Nexova’s Product Owner Cyber-Range, was part of the Windows team. During the exercise, he was responsible for working on automated defence and hardening as well as increasing the availability of our Windows infrastructure.
“It was a great learning opportunity, both for the cybersecurity aspects and for the infrastructure and cyber-range that were deployed for this exercise,” explained Panagiotis Bellonias, Technical Lead of the Scenario Team at Nexova. During the exercise, Panagiotis was protecting the power generator and the power grid, hardening those systems and performing threat hunting on the hosts in scope.
During the ‘hot wash’ – the initial debriefing session held shortly after the exercise finished – the Locked Shield’s Red team gave a shoutout to our team for strong defence on the firewalls and power generator infrastructure.
Well done to our experts, and the rest of the Belgium-Luxembourg-Latvia team, on an excellent result!