News
The best defence against cyber-attacks is understanding how hackers operate
We at ELKARTEK SENDAI - SEgurtasun integrala iNDustria AdImentsura have teamed up with eight other actors to investigate how cyber security technologies can be used to mitigate risks from cyber-attacks in industry and to train professionals on cyber ranges, using Basque Digital Innovation Hub infrastructures.
A cyber range is a virtual environment that can be used for training/testing, assessment and cyber-attack and defence simulation experiments. Cyber ranges can be used to simulate the behaviour of malware or viruses in network systems, analysing their spread rates and overall effects, and to provide training in how to defend network infrastructures and detect product vulnerabilities.
Operating a cyber range
Cyber range exercises involve three teams: a white team, a blue team and a red team. The white team implements and launches cyber-attack scenarios, defining the goal of the session. They also monitor traffic and analyse the performance of the blue team, in terms of their success or failure in handling incidents and responding to scenarios.
The red and blue teams represent the network attacker and defender, respectively. The red team, acting as hackers, attempts to compromise the server or network, and the blue team, acting as the network operations centre, applies countermeasures against the attack.
Exercises may involve only attacking teams in a “capture-the-flag” type scenario, only defending teams, or both attacking and defending teams. The TECNALIA lab can be used for cyber range activities involving a red team performing a “capture-the-flag” type scenario.
At SENDAI we are currently implementing an exercise that covers both the IT and OT domains. It involves carrying out a controlled attack against the control centre of an electricity substation from the TECNALIA cyber range lab at Araba Technology Park in Miñano. The substation is located in TECNALIA's smart grid cyber security lab at the Bizkaia Science and Technology Park, Building 700 in Derio.
The exercise involves a “capture-the-flag” attack. The best defence against cyber-attacks is understanding how hackers operate. Several red teams compete to complete the task in the shortest time. To do this, the attacker must locate vulnerabilities, penetrate the system, escalate privileges and repeat the procedure, hopping between systems to locate the substation control centre, where it will launch the OT attack part of the exercise.
In an assessment conducted by the Basque Government Development and Infrastructure Department (SPRI), this project obtained the highest score of all Elkartek proposals headed by TECNALIA.