October 7, 2015

The first year of the National technical cyber security exercise Cyber Czech 2015, organized by the National Security Authority (NSA) in collaboration with the Institute of Computer Science at Masaryk University in Brno (ICS), took place between October 6 and October 7, 2015 in the environment of the Cyber polygon on the premises of the ICS. The exercise happened by the form of practical simulation in a special closed computer system, where anything can be tested without any risk for the external network.

The aim of the exercise was to face real cyber-attacks and solve the resulting events and incidents. The specialists examined technical skills and information sharing between teams of trainees. The exercise was based on a prepared scenario reflecting the real incidents and application of the Act no. 181/2014 Sb. about cyber security. However, the scenario and the storyline were entirely fictional.

It was the first technical exercise where participants from key ministries staff and other authorities of the Czech Republic could experience the defence of the significant power plant simulated network against the cyber-attacks. At first there were simple DDoS attacks which gradually became more sophisticated and finally the system of the significant critical information infrastructure company was attacked.

The technical part of the exercise ended on October 7, 2015 at half past three in the afternoon. The participants were divided into five defence teams and for six hours were countering the increasing activity of the offenders to experience what it is like to act under pressure during the real cyber-crisis. Their task was not only to respond to attacks and technical problems, but also to evaluate potential legal and media impacts. The aim was not to specify the winner but to simulate the series of cyber-attacks and to see their possible destructive effects.

The simulated attacks were prepared by the experts from the National Cyber Security Centre (NCSC) in collaboration with the experts from the Cyber polygon. It was the first test of the entire polygon, which is meant to be used not only for the academic research, but also for the public institutions and private companies as a valuable and unique physical and virtual environment.

The preparation of the exercise lasted for nine months and a total of sixty people of NCSC and ICS participated. The trainees have performed quite well considering the evaluation of the others. The head of the attacking team also made a compliment: “You were respectable opponents. Even though it is said that the hackers are always one step ahead, we were not able to apply everything we had planned by far.”

It will be certainly interesting to see the conclusions resulting from the exercise. They should be known after the overall evaluation at the end of October.