Participated in a cyber range exercise

This is Sashihara from the System Solutions Department

on June 20thNi Cyber ​​Security Co., Ltd.hosted bya cyber range exerciseparticipated in

I personally learned a lot from this, so I will give a brief summary

What is a Cyber ​​Range?

In simple terms

What to do if you are hit by a cyber attack?

What to do after a cyber attack?

This is an exercise where you can learn the following in a practical format

 

Exercise content

We will respond to any incidents that arise during the exercise

The process involves determining the priority and response policy for each incident and then responding to it

The work is generally done in a team setting, with each member assigned to one of three roles

The roles are roughly as follows:

• Alert Analyst

Monitor incidents and see what happened, when and where

• Incident Responder

Actual response when an incident occurs

• Commander

Manage and report incidents and the movements of each employee

 

The first time, I was an incident responder, which is what I do on a regular basis

The second time, I worked as an alert analyst

Impressions of the exercise

It was difficult because they launched a full-scale attack

We were able to determine to some extent how to respond, but because there were so many of them, it happened that while we were checking, another server would be attacked

I realized how important it is to share information, as some members were looking at the same server and some were left feeling bored

This was a very educational experience for me, as attacks like this can actually occur during operations

If you have the opportunity, please try to participate!