The European Network for Cyber Security (ENCS) launched its new Red Team/Blue Team (RTBT) cyber security training, which casts participants as hackers and defenders in a live attack scenario in the energy sector. The training equips anyone working within the energy sector with the knowledge to help prevent, detect and respond to cyber threats.
Unlike traditional training constrained to a set of specific scenarios, ENCS has designed a unique, open-ended training environment, simulating a grid operator. Named Gridnet, the simulated company includes physical utility devices such as a medium voltage circuit breaker, routers, protocol gateways and protection relays. This is supplemented by a virtualised 40-substation network, a simulated grid environment and a SCADA network, to name just a few features.
Michael John, Director Operations, ENCS, said: “For both depth and breadth, this is the most detailed and realistic training available to utilities. The red team can choose multiple different approaches to attack – even to use malware we’ve designed to mimic real-world threats – and the blue team will have to respond.
“Our simulated grid environment really brings the training to life so participants can respond to an actual attack in real-time.”
As these infrastructures transition to a digital world, cyber security has become an increasingly pressing priority for utilities. High profile attacks this year have underlined that effective security is more important than ever. For example, widespread ransomware attack WannaCry highlighted the rise of automated attacks, whilst Industroyer demonstrated the increasing sophistication of targeted malware.
Anjos Nijk, Managing Director, ENCS, said: “As the energy landscape changes, it’s vital companies keep pace with innovations and step up their security measures. Access to the right skills has been a barrier in the past but now is the time to catch up. Our training will equip people with the expertise, knowledge and capabilities needed to protect their critical infrastructure.”
In the first two days of ENCS’ training, experts provide an overview of attack techniques and defensive measures. On day three, participants are divided into two teams. The red team attempts to shut down Gridnet, gaining deep insights into operational technology risks and learning to “think like a hacker”. The blue team acts to defend the grid, working on security monitoring, breach detection and incident response.
Three companies, including both DSOs and TSOs, have signed up for the new training before the end of 2017, with a number of large European utilities signing up in early 2018. [ENCS and ENTSO-E join forces on cybersecurity].
ENCS is a non-profit member organisation that brings together stakeholders and security experts to deploy secure European critical energy grids and infrastructure.
Image credit: 123rf