The daily war waged between cyber-criminals and security experts will be played out in miniature in Abu Dhabi next month using an accurate model of a real city.
As part of the week-long HITB + Cyber Week security conference taking place at the Emirates Palace October 12–17, The Standoff challenge will pit competing teams against each other in a cyber-fight to gain control over a miniature city’s digital infrastructure.
The simulated cyber-battle will take place in a live-fire environment, allowing players to develop valuable insight into vulnerabilities that could be exploited in a real-life cyber-attack.
The model city has been created to feature technology in use in the critical infrastructure of an actual modern-day metropolis and has its own power plants, freight and passenger trains, banks, and petrochemical facilities.
Red teams representing attackers will attempt to hack into the city’s industrial control systems (ICS) and supervisory control and data acquisition equipment and take control of its traffic systems, electrical plants, and transportation services, while blue teams push back to defend the city’s companies.
Under the competition’s rules, the blue team will not be allowed any time to study the infrastructure, find weak points, pick attack detection tools, or apply fixes. Instead, they will jump straight into protecting vulnerable services that are about to be targeted by red teams.
Web-application firewall (WAF) rules, next-generation firewall (NGFW) policies, basic account management, and the ability to delete malicious payloads are the only tactics allowed in the blue team’s defensive repertoire. Attackers are under no such constraints and can do what they like, provided they don’t disturb the infrastructure needed to run the contest.
Dhillon Kannabhiran, founder and CEO of Hack In The Box (HITB), said: “The Standoff is one of the most challenging attack and defense contests in the world, where teams are competing to find vulnerabilities and attack vectors in real-world critical infrastructure.”
The Standoff’s hackable city was designed by Positive Technologies as a fun way for cyber-professionals to hone the protection and monitoring skills they use when dealing with real-world cybersecurity problems.
Head of cyber-battle business development at Positive Technologies, Gregory Galkin, said: “We’ve been working on The Standoff for almost 10 years now. We started with specialized trainings for information security experts and CTF players, but then understood that bringing our expertise even closer to the realities of life is a must in order to maximize the cyber-battle’s practical value.”
Source: Infosecurity Magazine