By Jane Lo, Singapore Correspondent
Welcome to Ixia Cyber Combat – where corporate cyber defenders across financial, technology, government, and educational sectors test their mettle by attacking enemy networks and defending their own servers under real-world cyber-attack scenarios in a safe simulated environment.
Over the 12-hour event, teams attack enemy servers, expose vulnerabilities and discover Cyblocks (units of Blockchain created by Ixia specifically for the event), while defending their own “fortress” from the other teams. Combining the ideas of video gaming and cybersecurity hackathons, Cyber Combat is a highly charged competition, where points are accumulated in defending protected resources (Blue Team) and breaching enemy defenses (Red Team).
Red team players use network infiltration and data exfiltration techniques such as:
- Discovering, enumerating, and infiltrating Windows and Linux servers defended by a Fortinet NGFW
- Exfiltrating and cracking salted, hashed passwords stored in databases
- Searching penetrated machines for valuable data hidden via steganography
- Combing through metadata for breadcrumbs of valuable information
- Writing custom scripts to unlock data
Blue team players defend their assets to respond to many scenarios crafted by Ixia’s Threat Intelligence, by
- Monitoring SIEM and NGFW logs for ongoing attacks
- Modifying configurations to thwart attackers
- Examining network traffic, and correlating events to discover and stop coordinated attacks
The ability of Red and Blue players within the same team to collaborate under some scenarios also contribute to points accumulated.
Held at the School of Arts on 22nd Nov 2018, the second edition of the Cyber Combat – 2018 Cyber Combat Finals Singapore – saw 20 two-person winning teams from Hong Kong, Thailand, Japan and Singapore and fresh warriors showcase their skills fighting real-world cyber-attack scenarios in a final standoff.
Supported by IXIA, KPMG and Fortinet, the event brought together Ixia BreakingPoint on Ixia PerfectStorm, Ixia ThreatARMOR, Fortinet Next-Generation Firewall (NGFW), Quali Orchestration, and Splunk Security Information Event Management (SIEM).
“This unique format of event, gives an opportunity for the best cyber security experts to compete against peers in the industry in a safe yet challenging environment. The event is intense lasting 12 hours and requires skill and endurance”, said Naveen V. Bhat (Manager Director of Ixia, a Keysight Business for the Asia Pacific region).
Echoing Mr Bhat’s views, Ragul Balaji of the winning team T0X1C V4P0R said Cyber Combat “accurately simulated the challenges of performing both audits as well as defence at scale”, providing a “gruelling experience battling it out with the best in our region”.
One of the cyber security skill gaps challenges is the development of hands-on experience, including the need for security practitioners “to know the enemy, their techniques, and their view of the IT world”. With a realistic production-like multi-vendor environment, Cyber Combat is a practical way to develop and enhance these skills. “This event is a way for players to test their security skills and also prepare for potential cyber incidents as a team”, said Eddie Toh, Head of Forensic Technology Asia Pacific, KPMG.