Author:
Bernhards Blumbergs
Affiliation:
CERT.LV, IMCS University of Latvia, Riga, Latvia; Centre for Digital Forensics and Cyber Security, Tallinn University of Technology, Tallinn, Estonia
Keyword(s):
Cyber Red Teaming, Computer Network Operations, Industrial Control Systems, Exploit Development.
Related Ontology Subjects/Areas/Topics:
Computer-Supported Education; Enterprise Information Systems; Information Systems Analysis and Specification; Information Technologies Supporting Learning; Security; Security and Privacy
Abstract:
Cyber red teaming and its techniques, tactics and procedures have to be constantly developed to identify, counter and respond to sophisticated threats targeting critical infrastructures. This paper focuses on the development of the cyber red team technical arsenal within fast-paced computer network operation case studies conducted against critical infrastructure operators. Technical attack details are revealed, an attack tool is released publicly, and countermeasures are proposed for the critical vulnerabilities found in industrial devices and in communication protocols widely used throughout Europe. The exploits are developed in a reference system, verified in real cyber red teaming operations, responsibly disclosed to the involved entities, and integrated within international cyber defence exercise adversary campaigns.