Re: [SPARTA - network.training-awareness] CyberRange Tools

12. 9. 2019 v 8:35, Algimantas Venckauskas &lt;algimantas.venckauskas(a)ktu.lt&gt;lt>: Dear Jan, KTU have a lot of experience in conducting cyber range exercises in the public and education sectors. We have been conducting a similar type of cyber exercise for four years. Cyber security exercise Cyber range take place in Lithuania. Over 300representatives of more than 40 Lithuanian state, cyber incident management and investigation, scientific, energy, communications operators, and other agencies, will practice responding to cyber incidents at the exercise. Roles. Targeted to public and private sectors that manage the country’s information resources or critical infrastructure. Cyber protection, network defence, forensic analysis, tactics, techniques and procedures defence against cyber-attacks, hackers, or other criminals <image003.jpg> The roles of Cyber Range exercise general infrastructure Blue Team: friendly forces. Real-life system administrators and computer security specialists. Red Team: hostile forces. Almost no limitations on virtual battlefield. Green Team: technical infrastructure. Designs, hosts network infrastructure White Team: game management. Writes game scenario, rules, scoring system. Makes in-game adjustments. Idea. “First and foremost, the goal of this exercise is to develop a closer cooperation in cyber security among Lithuanian institutions and to train representatives of those institutions so that they could have experience necessary for countering a real-lifecyber threat,” made by some of Our Team members. According to the Lithuanian Minister of National Defence, it is essential to hold exercises like that countrywide because cyber threats and attacks occur increasingly more often and in moresophisticated forms, while their harmful effect may damage operation of national information systems and infrastructure. <image004.png> The idea of topology for simulation Cyber Range virtual exercise Representatives of the participating institutions will form 50 teams and will work to protect a virtual information system created for the exercise and to ensure provision of its services. The teams will take part in the exercise from training sites in Kaunas(Lithuania) which were installed for the exercise with assistance of Kaunas University of Technology developers, who are members of our team. Prevention, detection and management of cyber incidents during the exercise will be implemented on the basis of the endorsed national cyber security management plan and organisation and technical cyber security requirements. The next exercise can be organised with Development of the LITNET’s IT services for the education and research institutions (CERT LITNET). What tools are we using to realise our cyber ranges? OpenStack can replicate your network infrastructure, offering rich, multi-segment virtual replicas of enterprise IT and OT networks that include application servers, database servers, email servers, Scada (based on modbus protocol). There are no mobile phones or switches We can help to prototyping training environment to include the exact cybersecurity tools your team uses every day, including SIEM, Firewall, endpoint security, or forensic tools, to achieve hyper-realistic training in real-life settings. Based on the KTU Cybersecurity Exercise Framework, we are proposing to build the Pilot of Cyber training & exercise Framework (Ct&eF, D9.4) of the SPARTA project. By developing Ct&eF, other tools, like Open-Source AWS Cyber Range or Open Cyber Challenge Platform, can be used and / or integrated. Regards, Algimantas Venčkauskas From: network.training-awareness &lt;network.training-awareness-bounces(a)server.sparta.eu&gt; On Behalf Of Jan Hajny Sent: Friday, September 6, 2019 4:43 PM To: SPARTA WP9 ML &lt;network.training-awareness(a)internal.sparta.eu&gt; Subject: [SPARTA - network.training-awareness] CyberRange Tools Dear WP9 Partners, Soon, we will be starting activities focused on practical training and lab federations. Furthermore, we will be working on better hands-on training environments. At this moment, I’d like to ask you about your experience with cyberrange software tools. Does anyone has any experience? What tools are you using to realise your cyberranges? Anyone uses open tools, like Open-Source AWS Cyber Range or Open Cyber Challenge Platform? Thank you, Kind regards, Jan —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>