News
New course helps protect critical UK national infrastructure against cyber attack
February 2015 by Marc Jacob
April will welcome the UK’s first ever hands-on InfoSec course designed specifically for IT professionals charged with securing critical national infrastructure and related industries. The new course from SANS Institute follows an increase in cyber-attacks aimed at delivering kinetic payloads.
SANS SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise will make its European debut in London from April 27th to May 2nd. The 6 day course includes hands on digital representation of a city and commonly found real world systems used across a wide range of computers, networks, programmable logic controllers and underlying protocols that operate most of the physical infrastructure used by key UK utilities, oil and gas, military and industrial automation.
Medin also highlights the challenges for the teams tasked with protecting these systems. “One of the fundamental problems for defenders is that these systems are complex and highly specialised and often in place for several decades. The skill needed to design and implement best practice security in these environments is scarce and even making small changes to live systems is a daunting process. There is an element of risk as the consequences of mistakes can literally turn-the-lights-out.”
The new course includes a 1:87 scale miniaturised physical city that features ICS-controlled electrical power distribution, as well as water, transportation, hospital, bank, retail, and residential infrastructures. The software systems used by these infrastructure models are real and the course is weighted towards hands on exercises to help students understand the processes attackers use to gain control, helping them to better defend these targets.
The course includes modules that focus on network reconnaissance, protocol manipulation, ICS switching and power grid manipulation. However, the course also looks at operator interface terminals and the human elements such as the targeting of key individuals through social networking and intelligence gathering. The course is rounded off by a red-team/blue-team mock cyber battle within the CyberCity to put theory into a practical arena for attack and defence scenarios.
SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise will take part within SANS ICS London 2015. The annual event will also run the foundation ICS410: ICS/SCADA Security Essentials course and two hosted courses on “Assessing and Exploiting Control Systems” and “Critical Infrastructure and Control System Cybersecurity”.
