Cyber Range training preps your business for real-life problems
Posted onWe’re wired to the core. Digital networks connect everything from our office computers and bank accounts to baby monitors or even pacemakers. In a world where data privacy is compromised for convenience, more and more cases of stolen information are being leaked.
Most people are unaware of how much online information they share. Cybercriminals can buy access to personal data for just $20 to learn about your interests, where you work, which car you’ve got parked in your garage, even what kind of childhood trauma you discuss with your therapist.
Data is the new currency of today. It’s not just online privacy that you’re selling but also your personal life. But, unfortunately, the way we approach cyber security and data protection is out-of-date. A more coordinated effort is needed from both public and private enterprises to protect our information from hackers.
What would you pay for your online safety?
Most of us are unaware of how much data we share voluntarily. We are even less aware of how much data gets syphoned from us involuntarily.
The Technology Policy Institute — a tech policy think tank — did a study. They asked respondents in Argentina, Brazil, Colombia, Germany, Mexico, and the United States what payment would be sufficient to disclose their data on finances, biometrics, location, networks, communications, or web browsing.
While the answers varied according to the type of precise data in question, and while American respondents would relinquish their data cheaper than the Germans, the average price to gain access was staggeringly affordable: only 10$ a month.
Cybercriminals are costly
In 2021, cybercrime is estimated to inflict global damages of up to $6 trillion. This number is a staggering 400% more than in 2019. By 2025, the costs are estimated to increase up to $10.5 trillion. While the typical price for cybercrime in 2021 was, on average, $170,404, of those recorded, the highest ransom in 2021 was a gasp-inducing $3.2 million. The sad part is that even with dishing out all this extra money, only 8% of the companies reportedly get their data back.
We have to remember that the costs do not stop at ransom payments. There are all the remediating costs: for the damage and destruction of data, stolen money, lost productivity, theft of intellectual property, loss of personal and financial data, embezzlement, fraud; not to mention the post-attack disruption to business, forensic investigations, restoration and deletion of hacked data and systems, as well as reputational harm. Let’s face it – sorting yourself out after being attack is a right hassle!
As insurance claims are up, capacity is down, and underwriting profitability is under pressure at best, understandably, cyber insurance premiums are ratcheting up, too.
In a world where digital threats are increasing, preparedness is vital. Governments and companies need to design a future of cascading cyber attacks more than ever while also managing their online presence with care.
Realising what real-life attacks could do
Gen Xers remember well the American Cold War science fiction techno-thriller film called the WarGames, where a teenage hacker unwittingly accesses a United States military supercomputer and stages a massive Soviet first strike. So naturally, NORAD thinks the strike is actual and prepares for retaliation.
Then American president Ronald Reagan, a former actor himself, watched the WarGames at Camp David on the weekend it was released. It freaked him out. Regan asked at a White House meeting if something like that could happen in real life? Could someone hack into our most sensitive computers? “Mr President, the problem is much worse than you think,” came back the answer.
The film influenced Reagan’s view on cyber safety and led to a significant revamp of how the US Defence Department handled computer security. It also impacted future legislation.
Now, many decades after WarGames, the vulnerability of networks and digital systems is better understood and accepted. As a result, it’s considered a must for companies, industry leaders, nonprofits, NGOs, universities, and government organisations to test their systems rigorously and then test them and test them some more.
Cyber ranges take your testing to task
Testing is essential, but it is not enough. It’d be like bringing a knife to a gunfight. You’ll want to ensure that all the testing and iteration you’ve done also carries over to real life. And how do you do this? By practising! After all, they say practice makes perfect.
But where do you find a place to practice? Where can you find an organisation willing to expose its infrastructure just so that you can go ahead and blast it with anything and everything to demolish it, steal data from it, make it infectious or work to surrender it completely useless?
The answer is Cyber Range. It is increasingly necessary for any serious player, public or private, to either build or join a cyber range, where practising every situation imaginable is possible.
A cyber range is an online space for hacking. It is a virtual world where white hats can train to be the best defence against hackers. Cyber ranges include the worst fruits where you have your own catacombs and dungeons from where you can repel your enemies again and again until you have perfected your craft.
The only way you can stay on top of your game is by practising every situation imaginable. The best part? Participating in a cyber range doesn’t require much time commitment outside your day job. Moreover, representing yourself against opposing forces will prepare you for any future challenges with conviction.
A realistic environment makes for effective training
We know how important it is for security teams to test their responses and to assess if there’s anything in need of improvement before being faced with a cyber attack. This is why we developed Rude and Ruge.
Rude allows you to train operational processes and communications in problem situations, such as broken trunk cables, power outages, or broken critical network devices. It helps you emulate challenging network conditions like bandwidth limitations, line breaks, broken packets and bursty traffic. With the Rude network emulator, you can combine microsecond accuracy with up to 25 Gbps line rate.
With Ruge, you can generate real-like attacks. With it, you can create a simulation by mimicking attack traffic with millions of sources. You can craft any attack scenario based on your needs. For example, you can design a hawkish bombardment based on what you know about your system’s vulnerabilities. Because you can combine the simulated attack traffic with your typical load, Ruge will offer you as close a feel of an actual cyber attack that you can get without actually getting damaged.
Together Rude and Ruge give you an in-depth look at what can happen in real-time and allow your team to prepare accordingly.
We offer tailored cyber range solutions for different scenarios — even for those in the early stages of development. Ask for a demo!
See also A case study on revealing the real-life DDoS protection.