Connect with us

Hi, what are you looking for?

Cyber Security

Ukraine hosts large-scale simulation of cyber-attack against energy grid

Cybersecurity professionals from across Ukraine have tackled a large-scale cyber-attack simulation with echoes of the hugely damaging real-world assault against the country’s power grid in 2015.

Comprising 250 participants, 49 teams competed – either virtually or in-person at a venue in Kiev – to accrue points in remediating an attack against a fictional energy provider after it suffered several unexplained system failures.

Across five and a half hours, security professionals from Ukraine’s public and private sectors and higher education institutions sought to ascertain the nature of a malicious network compromise before expelling the intruder and restoring systems to normal operation.

The winning team was Kiev-based Berezha Security Group, while cybersecurity engineer Dmitry Korzhevin was the best-performing competitor participating as an individual.

The competition, which took place on December 2, was the latest Grid NetWars tournament from US infosec training body SANS Institute, with recent tournaments also taking place in Singapore, India, Japan, and Australia.

The event was also organized by Ukraine’s National Security and Defense Council, State Service of Special Communication and Information Protection, and Cybersecurity Critical Infrastructure project for the US Agency for International Development (USAID).

‘Close to reality’

“Every day 560,000 new malicious programs are detected in the world, therefore it is necessary to constantly improve qualifications and ‘pump’ the skills of cybersecurity specialists,” said Ihor Malchenyuk, head of cybersecurity regulatory assistance and institutional development at the USAID Cybersecurity for Critical Infrastructure in Ukraine project.

“Such competitions as Grid NetWars provide an opportunity to practice not only the knowledge and skills of each specialist separately but also train joint interaction,” he added. “After all, the training conditions are as close to reality as possible.”

Tim Conway, technical director of the industrial control systems (ICS) and supervisory control and data acquisition (SCADA) programs at SANS, mentored event participants with the help of two other US-based infosec experts.

‘Practice the way they play’

“Grid NetWars is a product that has existed for a number of years and has been used in country-level exercises since its creation,” Conway told The Daily Swig.

“It has also been leveraged by practitioners around the world who attend critical infrastructure or industrial control system-specific events like the SANS ICS Summit where Grid NetWars competitions are conducted in the evenings after courses.”

The latest, Ukraine-based event had successfully enabled “participants to face real world challenges, develop skillsets, gain exposure to technical tools, and most importantly ‘practice the way they play’ through collaboration, and provided the opportunity to work together in teams just like they would in a real world incident response”, he added.

Conway helped to investigate the 2015 attack on three Ukrainian power distribution centers that left around 225,000 residents without power for up to six hours.

The country’s energy grid was struck again a year later, and Ukraine’s then president Petro Poroshenko said thousands of recent attacks against state institutions were evidence that Russian security services were waging a cyberwar against the country.

Source: https://portswigger.net/daily-swig/ukraine-hosts-large-scale-simulation-of-cyber-attack-against-energy-grid

Advertisement. Scroll to continue reading.
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

Cybercriminals are increasingly leveraging extreme weather events to launch attacks on critical infrastructure sectors. Cybersecurity experts say critical infrastructure operators can leverage a set...

Cyber Security

The United States is facing an unsustainable demand for water and lacks the security posture to defend the nation’s water systems from emerging threats,...

Cyber Security

North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe...

Cyber Security

The power grid is experiencing heightened threats from foreign adversaries and domestic extremist groups that can pose devastating consequences for the nation’s supply of...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO