Computer security experts who protect networks that are part of the critical information infrastructure have to deal with increasingly complex problems. This was reflected in the second annual national technical Cyber Czech conference organized by the National Security Authority in the Cybernetic Polygon at Masaryk University in October. This time, the experts were placed into a complex scenario and tasked with protecting the railway network system, including a transport of nuclear waste.
This was the second technical training of this scale organized by the university’s Institute of Computer Science. Drawing lessons from last year’s experience, organizers modified the training to be even more realistic. Their fictional scenario was based on an escalation of public opinion on the migration crisis, leading to violent actions and cyber-attacks. The IT experts had to react to a situation where railway networks systems were the most vulnerable, information about attacks on these systems was coming from other countries, and one incident led to a tragic train crash with many dead.
As Radim Ošťádal from the National Cyber Security Centre, which is part of the National Security Authority, explains, “Participants faced intense and coordinated attacks. All teams were able to defend the infrastructure entrusted to their care until the very end and, based on the first impressions, they found the training useful. They really appreciated the chance to test real attacks in a simulated environment and communicate with actual journalists.”
The involvement of journalists was a new feature of this year’s training. The IT experts are usually divided into defenders of the computer systems and hackers. This year, there were 24 experts from public authorities, private companies, and some law enforcement organizations. They were divided into six teams and besides the attacks, they also had to deal with questions from journalists and address public concerns.
Jan Vykopal, head of the Masaryk University security teams, noted, “This year’s scenario included more facilities and services. The teams had to defend them and at the same time communicate with others and be aware of the legal consequences of their decisions.”
The critical information infrastructure defended during the Cyber Polygon training includes systems of mobile network operators, banks, and power plants as well as traffic networks, which were the focus of this year’s training. The practical test was preceded by strategic training, which took place in June and focused mostly on decision-making processes.
The training in a closed environment, which makes it possible to try out practically anything without putting networks and normal users at risk, attracted visitors from Finland, Estonia, and other countries.