Design attack scenarios: a real challenge for the project

A few days ago, in Tallinn, NATO conducted a large cyber-defence exercise under the leadership of the Estonia-based Cooperative Cyber Defence Centre of Excellence. The goal of the exercise was to assess the responsiveness of NATO forces to attacks using multiple vectors, coming from both cyberspace (attacks targeting communications and industrial infrastructure such as water treatment plants or electrical plants) and the battlefield (air attacks by drones, naval attacks). This type of military exercise aims to train NATO forces to react to such crises, and especially to the unexpected consequences of multiple attack vectors, which could slow down the action of police and military forces. But this exercise could also underline the importance of the ATENA project: alerting authorities to the consequences of a potential cyber attack before they occur and slow down or paralyse governmental action to contain the crisis. Indeed, one of the ATENA project's objectives is to model the interdependencies between essential services in order to avoid cascading effects, which could lead to an unexpected escalation of the emergency.

However, the reporting on such exercises also shows one of the project's challenging tasks: while it is easy to imagine attack scenarios to validate models, detection systems, risk analysis and prediction tools for one infrastructure, the work becomes harder and harder when you try to assess the efficiency of such tools in a complex scenario involving several infrastructures that have different reaction timelines and mitigation strategies and yet are interconnected and interdependent. The challenge is not to check that the tools work as expected, but to build a realistic scenario involving such infrastructures. More precisely, it is easy to build a scenario of an electrical grid attack leading to a substation shutdown or a temporary blackout. But what does that mean for a water treatment plant or a gas distribution station? They can live with it, except IF.

It is this “IF” that the ATENA consortium has to evaluate or build in order to assess the efficiency of the tools: if there is a power outage and if the gas distribution provider needs power to manage its own infrastructure, to close a valve and shut down a gas leak… and if not… If, at the same time, water is needed in this area for the fire department managing the gas incident, and the water distribution regulator is not able to manage its own network properly due to power outages… In such a case, the assessment of interdependencies between infrastructures would be an asset for managing the crisis.
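The "IF" above can be made concrete with a small dependency model in which a service fails only if its supplier stays down longer than the service can tolerate. This is an added illustration, not ATENA's model or code: the service names, the tolerance values and the `cascade` function are all constructed assumptions.

```python
# Constructed toy model (assumption): DEPENDS[service] lists (supplier, tolerance_h),
# where tolerance_h is how long the service keeps running once the supplier is lost,
# for example on backup power. All names and numbers are illustrative.
DEPENDS = {
    "gas_valve_control": [("power", 2.0)],
    "water_distribution": [("power", 4.0)],
    "gas_leak_containment": [("gas_valve_control", 0.0)],
    "fire_response": [("water_distribution", 0.5)],
}


def cascade(root_outages):
    """Propagate outages through DEPENDS.

    root_outages: {service: (start_h, end_h)} for the initially attacked services.
    Returns {service: (start_h, end_h)} for every service that goes down.
    Simplifications: a service recovers as soon as its supplier does, and several
    overlapping causes are merged into one window (earliest start, latest end).
    """
    down = dict(root_outages)
    changed = True
    while changed:  # repeat until no window changes (fixed point)
        changed = False
        for service, suppliers in DEPENDS.items():
            for supplier, tolerance in suppliers:
                if supplier not in down:
                    continue
                s_start, s_end = down[supplier]
                start = s_start + tolerance
                if start >= s_end:
                    continue  # supplier restored before the tolerance ran out
                cur = down.get(service)
                new = (start, s_end) if cur is None else (
                    min(cur[0], start), max(cur[1], s_end))
                if new != cur:
                    down[service] = new
                    changed = True
    return down


if __name__ == "__main__":
    for hours in (1.0, 3.0, 6.0):
        print(f"power outage of {hours} h ->", cascade({"power": (0.0, hours)}))
```

With these constructed values, a one-hour blackout stays contained, a three-hour one reaches gas valve control, and a six-hour one also takes down water distribution and, through it, the fire response.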

And the challenge is harder still, as the project also needs to forge the attacks themselves to bring this type of scenario to life.



