Cyber Range
DART conducted a technical cyber range exercise for a government agency to evaluate the blue team cyber competencies of various critical information infrastructure (CII) sectors.
Background
The personnel from these CIIs hold a variety of certifications, including GCIH, GREM and Splunk, with most of them having a few years of cybersecurity experience. The government agency wanted to evaluate their readiness to respond to real-world cyber incidents.
The DART Solution
DART designed and conducted bespoke cyber ranges that catered to the security stacks used by the respective CIIs. The ranges simulated nation-level attacks to evaluate competencies in incident response and malware analysis, and combined ransomware with network attacks.
While many teams understood in theory how to respond to incidents and analyze malware, they were unable to translate that into practice when required to respond to a real-life scenario. On average, most teams only found 5 out of 28 artefacts and mission exercises.
Through the 3-day exercise, DART was able to test the blue team responses to a nation-level attack spanning multiple CIIs, and reinforce their competencies in preparation for real-life cyber attacks.
The cyber range helped these CIIs identify areas of weakness, practice their hands-on competencies, and be better prepared for an actual attack.
On average, most teams took an hour to detect and respond to an incident. The insights from the exercise enabled the government agency to identify gaps in their capabilities and prioritize areas for improvement.