Scenario-Based Exercises

In the 2021 cyberdrill series the planners developed a background scenario of a chained exploit focused on interconnectivity and supply chain risk in the Critical Infrastructure sector. The technical challenges are stemming from real world use cases: technical incident analyses, network and system forensics, botnets, lateral movement, OT challenges and live red teaming. The incidents focus on the knowledge building blocks CIRT/CSIRT teams and relevant stakeholders face during their daily operations: hacker mindset, technical knowledge, think outside the box attitude and collaboration.

The scenario is based on fictious organisations and participants, in the fictious location of “Astristia ” and the participants are members of the national Incident Response team. IR members will face several incidents happening under their duty as the adversaries launch their attack against the providers of essential services with a financial goal on their minds.​