During the exercise, participants will be provided with guidelines concerning a fictional organisation they are working for. With the available documentation, participants will be able to examine and analyse a cyber attack and seek to mitigate the damages. The short duration of the exercise provides an interesting challenge: one of the key questions is what to expect participants to learn in a complex learning situation in such a short time.
The recent cybersecurity attacks in Finland and abroad have shown that communication is an essential part when coping with a cyber attack. A detected successful cyber attack concerns not only the targeted organisation, but also an organisation’s ecosystem and its stakeholders. They need to receive timely updates and it helps when people speak the same language, so that internal and external communication can be clear and effective. Therefore, the exercise is targeted to people in charge of communications as well.
Jarmo Viinikanoja, the JAMK Exercise Leader, says:
"With the now-piloted exercise, attendees should gain a good understanding of how a team could collaborate and communicate during an incident response."
In the exercise, the fictional organisation’s internal and external communication representatives are alerted. A video setting the scene for Flagship 1 is available at JAMK’s video sharing service.
Online course open for everyone
JAMK has created an online course for the technically oriented attendees of the exercise, and has opened it for anyone interested for a limited time. Jani Päijänen, Project Manager, says:
"We saw an opportunity to share the course in public. There might be people that are interested in the subject, but do not know where to start. Taking the course gives first-hand information from a detected successful cyber-attack and perform basic digital forensic investigation. The course is doable within a weekend. We want learn the need of this kind of courses."
The online course is open to anyone but only until 17 December 2020.
Technology platform behind Flagship 1
The technology behind Flagship 1 is based on Realistic Global Cyber Environment (RGCE), a cyber arena developed in JAMK’s cybersecurity research, development and training centre, JYVSECTEC. The platform development started in 2011 and the first national cyber exercises were held in 2013. Since then, RGCE has been used in various realistic cybersecurity exercises and in cybersecurity masters’ level cybersecurity education at JAMK.
In Flagship 1 an open-source SD-WAN interconnection requirement specification is proven. It is used for interconnecting various cyber range internal and external services and endpoints as show in the picture below. The implementation is based on a requirement specification, documented in Part B of CyberSec4Europe deliverable D7.1.
Online course pages and materials: https://cs4e.pages.labranet.jamk.fi/ooc/
Realistic Global Cyber Environment (RGCE) Whitepaper: https://jyvsectec.fi/cyber-range/overview/
CyberSec4Europe is funded by the European Union under the H2020 Programme Grant Agreement No. 830929
CyberSec4Europe’s main objective is to pilot the consolidation and future projection of the cybersecurity capabilities required to secure and maintain European democracy and the integrity of the Digital Single Market. The CyberSec4Europe consortium consists of 43 partners from 22 Member States of the European Union and associated countries dedicated to research, development, and testing in the field of cybersecurity. Read more here: https://cybersec4europe.eu/