Ixia, a Keysight company, is the global leader in network and applications testing and validation. Ixia’s Cyber Range solution and services provide leading government bodies and enterprises with the most comprehensive cyber defense skills training and development platform.
THE IXIA CYBER COMBAT:
FROM CONVENTIONAL WARFARE TO CYBERWARFARE
Just because warfare is moving to the cyber realm does not mean that lessons from real battlegrounds have lost their relevance and significance. The main rule from Sun Tzu’s Art of War still applies: if you know the enemy and know yourself, you need not fear the results of a hundred battles. To know the enemy’s warcraft, aspiring cyber warriors can leverage the knowledge of security experts, such as the Ixia Application and Threat Intelligence (ATI) Research Center, which offers exposure to 6,000+ live attacks, 35,000+ malware, 330+ application signature families, and distributed denial of service (DDoS) and botnet attack simulations. To know themselves, cyber defense teams need to be tested under real-life conditions in a cyber range, practicing in a realistic, production-like, vendor-agnostic environment that integrates multiple vendors. The best cyber warriors train, train, train. They test their limits at the cyber range. They train for combat with multiple simultaneous scenarios and enemies. They train to the breaking point with scalable real-world traffic and attacks.
real-life conditions - unlimited attack and defense options - and training to the breaking point
The objective of the competition was to present cybersecurity in an exciting and engaging context to potential professionals of the future and enable security professionals to hone their skills in simulated cyber security attack scenarios. Participants came from a range of industry backgrounds, including financial services, technology, government, and education.

During the contest, the teams competed to take down enemy servers, expose vulnerabilities, and win flags while defending their home ground against enemy attacks. The participants were exposed to a range of new tools, skills, and situations. Each two-person team was made up of an attacker (red team member) and a defender (blue team member). Victory was defined as successfully mastering the combination of infiltrating opponents’ servers while diligently defending their own over a 12-hour timeframe. All teams resided in the same Cyber Range environment on the same network with over 250 flags to capture and defend. More than 40% of the flags were designed to test the latest security breaches.

Red team players had to use the best techniques of network infiltration, data mining, and exfiltration. Red team scenarios were:
• Discovering, enumerating, and infiltrating Windows and Linux servers defended by a Fortinet NGFW
• Exfiltrating and cracking salted, hashed passwords stored in databases
• Searching penetrated machines for valuable data hidden via steganography
• Combing through metadata for breadcrumbs of valuable information
• Writing custom scripts to unlock data

Blue team players had to race the clock in rapidly identifying ongoing attacks, hardening their servers, tuning their security infrastructure, and even rooting out attackers inside the networks they were protecting.
Blue team scenarios were:
• Monitoring SIEM and NGFW logs for ongoing attacks
• Modifying configurations to thwart attackers
• Examining network traffic and correlating events to discover and stop coordinated attacks

The Ixia Cyber Range platform presented a real-time dashboard of key performance indicators for teams, individuals, and executives to learn from scenario success rates, red team performance, blue team performance, and individual cyber warrior performance.

The entire Ixia Cyber Combat event was executed on the Ixia Cyber Range in a box, called “The Beast”, composed of Ixia BreakingPoint on Ixia PerfectStorm, Ixia Threat Armor, Fortinet Next-Generation Firewall (NGFW), Quali Orchestration, and Splunk Security Information and Event Management (SIEM).