- Imagine a company named Globexos Inc., a giant multinational organization dealing in technology solutions. It has a strong online presence, with thousands of customers making transactions every day through its gateway and a worldwide footprint across countless remote locations. Dave Anderson leads the cybersecurity department and is entrusted with securing this vast, interconnected web.
- He is aware that sophisticated cyber threats, advanced, pernicious malware, or a simple misconfiguration could jeopardize the safety of the company’s dealings. An unfortunate security incident involving a competitor has heightened the urgency. Dave therefore decides to run a Cyber Range exercise concentrating on Secure Internet Gateway Configuration under the guidance of Rodger Ellis, an expert cybersecurity consultant.
- Dave and Rodger intend to do so by simulating a real-world scenario inside their cyber lab, replicating the exact specifications of the company network. They aim to strengthen the defenses of the organization’s web gateway, making it resilient to unauthorized intrusions. They are confident that such a drill will expose potential weaknesses and provide a greater understanding of how their systems respond during an attack.
Playbook Objectives:
- To recognize and mitigate vulnerabilities in the company’s Internet Gateway.
- To test the company’s infrastructure against realistically simulated cyberattacks.
- To upgrade the company’s Incident Response capability and improve the skills of the cybersecurity team.
Difficulty Level:
- Advanced
Scenario:
- A notorious cyber threat group has breached the systems of a prominent tech company similar to Globexos Inc. Their primary method was exploiting misconfigurations in the Internet Gateway, the organization’s first line of defense. To prevent such incidents, Globexos Inc. is performing a Cyber Range exercise to reveal potential weaknesses in its own Internet Gateway.
Category:
- Internet Gateway Security
Exercise Attack Steps:
- Step 1: Replicate Globexos Inc.’s existing network structure within the cyber lab, making sure it reflects the specifications of the Internet Gateway.
- Step 2: Rodger, playing the role of an external attacker, plans and executes different cyber attacks targeting the Internet Gateway.
- Step 3: Dave’s team will monitor live attack reports to identify patterns, breach points, and vulnerabilities.
- Step 4: Globexos Inc.’s cybersecurity team will use these insights to implement an improved and secure Internet Gateway configuration.
- Step 5: Re-run the attack simulation to validate the effectiveness of the new secure configuration.
- Step 6: After successful validation, implement the secure configuration in the company’s real network environment.
- Step 7: Document the improved setup and process in the playbook for future reference and practice.