5
01/03/2016 1 1 2 Simulations of large-scale cybersecurity incidents and EU-wide cyber crises Advanced technical cybersecurity incidents Business continuity and crisis management situations Exciting scenarios, inspired by real-life events National and international cooperation Flexible learning experience

2016 02-14 - tlp-white ce2016 presentation

Embed Size (px)

Citation preview

Page 1: 2016 02-14 - tlp-white ce2016 presentation

01/03/2016

1

1

2

Simulations of large-scale cybersecurity incidents and EU-wide cyber crises

Advanced technical cybersecurity incidents

Business continuity and crisis management situations

Exciting scenarios, inspired by real-life events

National and international cooperation

Flexible learning experience

Page 2: 2016 02-14 - tlp-white ce2016 presentation

01/03/2016

2

3

5

Each month as from April 2016 and until October, a new piece of the puzzle will be

released

October 2016, for two days. Exact dates to be communicated upon registration.

Incidents will be available until end of exercise, re-opened in 2017 for self-paced

training.

Page 3: 2016 02-14 - tlp-white ce2016 presentation

01/03/2016

3

6

Incidents concerning the IT, telecommunication and cybersecurity industries

Potential impacts in other sectors as well, sub-scenarios can easily be integrated

The technical cybersecurity incidents include:

forensic and malware analysis

mobile devices infection

malvertisement campaigns

open source intelligence

analysis of DDoS, and many more…

7

ID Title

1 Malvertisement Campaign

2 Mobile Malware Generic

3 Mobile Malware Targeted

4 Anti-forensics Malware

5 Corporate Forensics Crime Scene –

Exfiltration (Part A)

6 Corporate Forensics Crime Scene –Exfiltration (Part B)

7 Attack of the Drones – UAV Forensics

8 Linux Server Forensics

9 Linux Malware Analysis

10 Windows Malware Analysis

(Ransomware)

11 Social Engineering Campaign – Spear

Phishing

12 DDOS attacks against clients

13 DDOS attacks on core network

14 Virtualization Escape Attack

15 Compromised Cloud Server – Server

Forensics

Page 4: 2016 02-14 - tlp-white ce2016 presentation

01/03/2016

4

8https://www.youtube.com/watch?v=2wVsB1WCfNg

9

IT security and business continuity/crisis management teams

The scenario requires knowledge in cybersecurity issues

There will be different types of topics, expertise in all of them is not required by a

single team.

Participating organisations will vary by country, for example

• National cybersecurity agencies, CSIRTs, Ministry relevant ICT, relevant public agencies, regulators,

ISPs, mobile services providers, cloud service providers, data centres, cybersecurity service

providers such as antivirus companies, private CSIRTs.

Page 5: 2016 02-14 - tlp-white ce2016 presentation

01/03/2016

5

11

It is a great opportunity to test internal business continuity and IT security policies

IT security teams will have hands-on incident handling opportunities

Can develop working relationships with competent national authorities and private

stakeholders

Find out the actors at national and European level when it comes to cyber crises

Be part of the growing EU community of IT security specialists

Have fun!

12

www.cyber-urope.eu

C3 [@] enisa.europa.eu