The CSIRT team coordinator has received an information about the data breach and immediately issued instructions for the monitoring team to identify where the attack was coming from. Subsequently, the FW team blocked the communication channels through which the attacker was stealing the data. However, it was not possible to avert the attack … Fortunately, it is all just a game we prepared.
The world in which we live and work is exposed to an increasing number of hacker attacks that can not only disrupt the system and take control of it but also endanger human lives. Based on the experience gained from real hacker attacks we designed the second game of Guardians 2018, which goal was, again, the defense of a hospital.
One of the many possible ways of preventing hacker attacks is through educational activities for students of IT departments. In a simulated and controlled situation, they can try to defend an IT environment directly under a hacker attack (by white hat hackers). This is the sort of training we provide to our clients, where our team adapts a simulated environment to the realistic image of our client’s IT infrastructure.
For the Guardians 2018, we have prepared a simulated hospital environment in which six students could test their abilities and experience proper hacker attacks.
Hackers were interested in accessing patients’ health records and internal communication between doctors, cracking hospital’s ordering systems and websites and gaining control over smart technology used in the building.
Guardians 2018 consisted of complex attacks without a possibility of direct detection and of so-called “brute-force” attacks. The students’ role was to block these attacks, analyze them and reveal the source and other details, including weaknesses and vulnerabilities.
These have been six hours of various attacks and incursions in the unknown environment under high levels of stress and pressure, with the team coordination being taken to its limits and the ‘guardians’ being defeated. Ultimately, Guardians 2018 was an authentic simulation and intense learning exercise, with students rating it as an excellent experience.
“One really sweats it out,” said Michal, who became the coordinator for the guardians’ team. Each of the students had a role – they were all responsible for hospital network facilities, file analysis, attack monitoring and detection, and two of the students also served as system administrators. “I was able to reveal some of my shortcomings, what I should improve, but also reaffirm what I am good at. I think everyone in the game used all their skills and knowledge,” added Michal.
A student and a member of the team, Jana, said: “I became interested in ethical hacking and I would like to continue with it. The boys were smart and I think we all had a good connection with each other and were able to create a team. It was challenging because we did not know each other before. During Wargame, however, we had to make a quick move and act.”
The simulation of the hospital attack was designed in such a way as to be able to show real conditions as faithfully as possible. “We designe the game environment based on the real conditions of our clients,” said Pavol Draxler, the director of the company.
After the success of Guardians 2018, foreign partners expressed an interest in collaboration for the next year, which means that the next game of Guardians could be held with several teams and internationally. If you are interested to join the game next year or have the training prepared for your company, please contact us.