The threat of attacks from hackers and cyber criminals has been rapidly growing in recent years. Whether viruses, malware, ransomware or targeted APT attacks, their common goal is to get to sensitive data of institutions, private companies and even hospitals. The European Union being aware of the seriousness of the situation last year issued a directive ordering all member countries to introduce mandatory safety measures.Therefore, The Slovak parliament has been preparing a draft concerning a law on cyber security, ordering some selected companies and institutions to regularly monitor their data protection and to inform about any penetration into their database. The negative trend of low data security, which often results in data being stolen for trading on the virtual black market was the motivator for holding the first event of its kind – Guardians, 2017: to prevent a catastrophe taking place on February 15th in the student dorm Mladosť in Bratislava.
The patron of the event, which aimed to raise awareness about the problem of cyber-crime and its possible impact on the population, was the Slovak company Binary Confidence. The company is operating a centre of continuous data protection and specializes in issues of data protection and security through active monitoring.
“We have been thinking about ways of alerting about the problem of cyber security already for some time, especially if we are talking about sensitive data. However, sometimes not even the companies and institutions owning such data realize how serious the data theft consequences are. The problem is mainly a lack of experience or the administrators’ capacity. In the end we came up with an idea to create a simulated game that meets almost all of the elements of reality. The role of the selected IT students was to protect a virtual thermoelectric power-station against elaborate and permanent attacks of cyber criminals who tried to get through its virtual barrier and penetrate to its core. In case they would fail, the power-station model would gradually start to smoke.” Said Pavol Draxler, IT security manager of the company.
Although it may seem that such a threat can only be “virtual” and is out of touch with reality, the opposite is true. In December 2015, a hacker hacked into the Kyivoblenergo power-station in Ukraine and stayed in there for six months unnoticed. The hacker used this time to get familiar with all the processes and employees’ behaviour, and finally dared an attack that caused a massive power failure.
As Pavol Draxler further warns: “Companies often believe that antivirus and firewall are sufficient for their data protection. This method is sufficient for generic attacks. But the truth is that when the cyber criminals identify a specific target they are constantly working on ways to be at least one step ahead. They possess a quality infrastructure, the attacks are coordinated and carried out by many people from all over the world at once. Therefore it is essential that each layer of the organization is constantly monitored and these attacks detected and prevented in time. Fortunately, such a security system already exists. “
Students, who were qualified, received an introductory training in SIRT team and together with the assistance of IT experts tried to avert the disaster. Although it first seemed, that they would succeed in protecting the power-station, eventually they failed.
Even though work in such protective teams requires intensive training, the students coped very well with the situation and despite it being their first time they revealed 62% of the attacks. All the more interesting was the following post simulation attack analysis between the hackers and the students at the end of the exercise.