KTU have a lot of experience in conducting cyber range exercises in the public and education sectors. We have been conducting a similar type of cyber exercise for four years. Cyber security exercise Cyber range
take place in Lithuania. Over 300representatives of more than 40 Lithuanian state, cyber incident management and investigation, scientific, energy, communications operators, and other agencies, will practice responding to cyber incidents at the exercise.
Roles. Targeted to public and private sectors that manage the country’s information resources or critical infrastructure. Cyber protection, network defence, forensic analysis, tactics, techniques and procedures defence
against cyber-attacks, hackers, or other criminals
The roles of Cyber Range exercise general infrastructure
Blue Team: friendly forces. Real-life system administrators and computer security specialists.
Red Team: hostile forces. Almost no limitations on virtual battlefield.
Green Team: technical infrastructure. Designs, hosts network infrastructure
White Team: game management. Writes game scenario, rules, scoring system. Makes in-game adjustments.
Idea. “First and foremost, the goal of this exercise is to develop a closer cooperation in cyber security among Lithuanian institutions and to train representatives of those institutions so that they could have experience necessary for countering a real-lifecyber threat,” made by some of Our Team members. According to the Lithuanian Minister of National Defence, it is essential to hold exercises like that countrywide because cyber threats and attacks occur increasingly more often and in moresophisticated forms, while their harmful effect may damage operation of national information systems and infrastructure.
The idea of topology for simulation Cyber Range virtual exercise
Representatives of the participating institutions will form 50 teams and will work to protect a virtual information system created for the exercise and to ensure provision of its services. The teams will take part in the exercise from training sites in Kaunas(Lithuania)
which were installed for the exercise with assistance of Kaunas University of Technology developers, who are members of our team.
Prevention, detection and management of cyber incidents during the exercise will be implemented on the basis of the endorsed national cyber security management plan and organisation and technical cyber security requirements.
The next exercise can be organised with Development of the LITNET’s IT services for the education and research institutions (CERT LITNET).
What tools are we using to realise our cyber ranges?
OpenStack can replicate your network infrastructure, offering rich, multi-segment virtual replicas of enterprise IT and OT networks that include application servers, database servers, email
servers, Scada (based on modbus protocol). There are no mobile phones or switches We can help to prototyping training environment to include the exact cybersecurity tools your team uses every day, including SIEM, Firewall, endpoint security, or forensic tools,
to achieve hyper-realistic training in real-life settings.
Based on the KTU Cybersecurity Exercise Framework, we are proposing to build the Pilot of Cyber training & exercise Framework (Ct&eF, D9.4) of the SPARTA project.
By developing Ct&eF, other tools, like Open-Source AWS Cyber Range or Open Cyber Challenge Platform, can be used and / or integrated.
Soon, we will be starting activities focused on practical training and lab federations. Furthermore, we will be working on better hands-on training environments.
At this moment, I’d like to ask you about your experience with cyberrange software tools. Does anyone has any experience? What tools are you using to realise your cyberranges?
Anyone uses open tools, like Open-Source AWS Cyber Range or Open Cyber Challenge Platform?