24. 05. 2017

National Cyber Security Centre held another iteration of technical cyber security exercise Cyber Czech 2016 on 23rd and 24th May in Brno. This time, we welcomed representatives of Central European Cyber Security Platform (CECSP) countries – Austria, Czech Republic, Hungary and Slovakia. Czech Republic was represented by two teams, first of which consisted of experts from CZ.NIC, Czech National CSIRT operator. The second one consisted of GovCERT.CZ employees who experienced defending the infrastructure as a blue team for the first time. They were part of the attacking red team in past iterations. Their involvement on the other side will provide exercise organizers with valuable feedback which will be taken into account in the planning process of future exercises.

Exercise was traditionally held in Cybernetic Proving Ground on the premises of Institute of Computer Science (ICS) which is part of Masaryk University. Event was conducted in the form of simulation in closed, specially modified technical environment which enables such techniques and manipulation with content that would pose a serious threat in an open network.

Foreign participants had a unique chance to defend given network against cyber attacks. Players were experts from governmental or national CERT teams of invited countries. Participants, divided into small teams, faced cyber attacks that lasted for six hours and had to handle both basic and more sophisticated incidents and events. Players’ technical skills were tested along with putting emphasis on the importance of information sharing amongst them and with other entities as well. In other words, their goal was not only to respond to attacks and technical problems, but also to deal with media and take impact of their decisions into the account. Thanks to media aspect, they could experience work in increased stress environment, just like in the case of real world cybersecurity crisis.

Exercise was based on a scenario that reflected real world incidents and lessons learned gained through solutions in real world. Both scenario and narrative were fictitious and set into transportation sector. The central railroad signalization control system was the key vulnerable asset within this scenario.