NATO’s ‘Cyber Coalition 2020’ (CC20) exercise to defend the allies against cyber attacks, which took place on 16–20 November, embraced a number of firsts for the annual event. These included a wholly new scenario tailored to modern cyber operations, optional storylines based on protecting either military or civil critical infrastructure, and extensive testing and use of deceptive methods to deflect cyber opponents and gather metrics on their tactics. For the first time, CC20 was also conducted wholly in a virtual format due to the Covid-19 pandemic.
“In some ways this was an improvement, by shifting everything to continuous workshops and meetings,” said Rear Admiral René Tas, assistant chief of staff for capabilities at Allied Command Transformation (ACT), Norfolk, Virginia, which led the exercise. Tas and others tele-briefed reporters on 20 November at the close of the five-day exercise, which involved 1,000 participants from the allies and partner countries, various NATO commands and entities, the EU Military Staff, and the EU’s civil Computer Emergency Response Team (CERT).
The logo of the NATO Cyber Range CR14 centre, pictured on 1 October 2020 in Tallinn, Estonia. The CCDCOE helped define CC20’s scenario. (Raigo Pajula/AFP via Getty Images)
According to Tas, “As a result of travel restrictions, there was a wider participation by officials and subject-matter experts, though it’s always better to exercise side-by-side of course.” One of the key players was Estonia’s NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCDCOE), which had a central role in defining CC20’s scenario, described by NATO as “realistic, with storylines introducing modern cyberspace effects”. The Czech Republic, Portugal, and the United States worked with the CCDCOE to produce the new scenario.