Binary Confidence, in collaboration with the National Unit SK-CERT of the National Security Authority, has prepared the third year of the annual Guardians competition, in which university students can test their skills at defending a political party from hacker attacks in a realistic environment.
“Win the election and anything is possible” is the name of the third annual Guardians competition for young IT specialists. Before an upcoming head of state election, the competition will simulate attacks on a candidate’s staff, show how they can be defended against and demonstrate the consequences of a failed defense against cyber criminals.
The ongoing Slovak presidential campaign has been running for several weeks and will most likely continue for another two, until the second round of the elections. The internet has a great deal of information, much of which got out through legitimate means. There is some, however, which may have been obtained by a candidate’s opponents using less legitimate methods. Until it becomes publicly known, a candidate is unlikely to admit they faced a hacker attack.
Despite this, hacks can happen. For example, in the latest US presidential election, the attack by Russian hackers on Hillary Clinton was revealed to the public only after the creation of the website DCLeaks.com, the Facebook profile and the Twitter account where hackers revealed the compromising information they had obtained.
Win the election and anything is possible
“We know from recent history that hacker attacks are a very effective instrument for influencing elections. Since Slovakia is electing a new head of state, we decided to dedicate the third year to the current theme of potential attacks on an election campaign”, explains competition organizer Pavol Draxler, cybersecurity manager at Binary Confidence.
“With the choice of name, we are trying to emphasize that it is not just about somebody losing information, but that a well-executed attack can give a hacker the power to impact an entire country”, adds Pavol Draxler.
Important communication within the team
This realistic simulated battle of two defending teams, the so-called “Guardians”, against a team of hackers occurred the day before the Slovak presidential election. Two teams, made up of five students each, defended their candidate’s data from a group of hackers made up of experts from Binary Confidence and SK-CERT (NSA).
During the wargame, which lasted several hours, they had to defend their environments from real attacks. They could see how successful they were on a scoring board which showed what systems were compromised, as well as the points their team got for defending against attacks.
Before the main event, there was a qualifying round which was run as a CTF (Capture the Flag) competition. A total of 127 contestants registered, 45 of whom actively participated in the competition. The 13 tasks ranged in difficulty from beginner to somewhat advanced; the contestants could attempt tasks in various fields of cybersecurity, including reversing, steganography, forensic analysis and exploiting applications. Finalists then underwent training, where they learned to work as a team.
Rastislav Janota, the manager of the National SK-CERT Unit, describes the competition as good preparation for a job as a cybersecurity analyst, a role which is still very much in demand in Slovakia.
A lack of good defenders
Although we do have very good security administrators in Slovakia, the role of a defensive team covers situations where sophisticated attackers run a targeted campaign aimed at breaking into specific systems. “Under active attacks, the experience of one universal individual is often insufficient; the work of a specialized team is required. You can have six excellent security administrators, all of whom are very skilled individually, but as soon as you connect them, they won’t know the processes and they won’t be successful in their defense. This is what the Guardians competition is all about”, explains Pavol Draxler.
In previous years, students tried to protect a power station and a hospital and, although the Guardians couldn’t withstand the attack in the end, Pavol Draxler was impressed with their attempts. “Their skills and knowledge pleasantly surprised me. As individuals, they are good admins and they could have defended against one isolated attack. Their problems were more to do with teamwork during a massive attack against which one person could not defend single-handedly, where communication was required”, said Draxler.
The European Union is also addressing the growing number of hacker attacks around the world. The NIS Directive, with measures to ensure a high common level of network and information system security, is in effect from the 9th May. In Slovakia, the NIS Directive was incorporated into the Act on Cybersecurity, which came into effect on the 1st April 2018.
Antivirus is not enough – a comprehensive defense is required
System security cannot be left up to one antivirus program, not even one that uses the newest technology. “Any one isolated product will not secure a system against all types of attack. A whole set of measures needs to be accepted”, explains Ján Andraško of Binary Confidence.
All channels where data passes must be protected. This ranges from physical security through to people, processes, networks, workstations and servers where data is stored.
For timely detection, a qualified team based in a Security Operations Centre (SOC) has to evaluate what is happening on networks and devices.