Cyber Wargames

A war game simulates a prolonged and persistent cyber-attack in several multifaceted phases and challenges the various responses, methods, teams, and decision-makers to cope with complex scenarios.

The war game is designed to examine how your organization responds to realistic simulated cyber crises; how it enacts & adapts business continuity plans, how appropriate your contingency plans are, and under which conditions they are more likely to fail.

The war game tests and monitors technology, processes, and procedures, through the phases of identification, defense, response, and recovery to an attack in depth.

War games test resilience, and build capability.

It is increasingly apparent that static security measures provide inadequate defense against sophisticated attacks, and organizations need to build confidence in their ability to recover rapidly, and resume normal operations.

The ability to resist, react, and manage such attacks requires an effective combination of technology processes and managerial procedures. Common failings in response to cyber-attack are found among different staff teams in their situational analysis, decision making, communication, and working practices during a crisis.

It is therefore important to elevate the organization’s knowledge, capabilities, understanding, and awareness by simulating a process that enables learning under real-world conditions that war games provide.

After the event there is a debrief workshop which includes a full analysis of the war game, review of different groups’ performance and self-assessment, reporting on the effectiveness of technology and methodologies, and feedback on:

  • Situation Awareness
  • Crisis Management Practices
  • Decision Making and Decision Taking
  • Employing Deception Tactics and Methods
  • Risk Assessment Methods
  • Communications: Internal & External

The workshop concludes by building consensus around a hierarchy of priorities for security, planning, and lessons learned

Arab Security Cyber Wargames Event's Phases
First Phase

A war game is a 3-phase process, commencing with a Jeopardy phase which is a series of questions (tasks) in range of categories. For example, Physical security, Data security, Regulations and Compliance, Cryptography, Secure programming, Disaster recovery, Social engineering and General security awareness. Team can gain some points for every solved task. More points for more complicated tasks usually. The next task in chain can be opened only after some team solve previous task.

Second Phase

The second phase is real life challenges, where all the teams compete to solve the same live challenges, in which some of the teams will practice real attacks and defenses. These challenges covers the following domains: Application security, Reverse engineering, Cryptography, Malware analysis, Data security, Network security, Mobile security, Steganography, Programming/Scripting, Hash cracking and Social engineering.

Third Phase

The third phase is an attack and defense phase where the teams should protect their own services for defense points and hack opponents for attack points.