Have you come across the concept of cyber-ranges before?
Cyber-ranges have arisen from the growing need to educate people about the way cybercrime works. The name of this new type of training service is derived from shooting ranges - safe places where people go to fire guns at targets - because a cyber-range is a safe environment for practising cybercrime defence.
One of the reasons data breaches and cybercrime attacks can be so destructive to companies is the time-lag that often occurs between the attack taking place and the company’s management realising they have a problem.
Most cyber-attacks start with emails, the ubiquitous communication we all take for granted. Cybercriminals are well aware that the average working person at a desk doesn’t know how to recognise a dangerous email, so if they want to break into a business, emails are the tool they use; sent to ordinary people inside their target company.
Joe or Jenny average-worker gets an email, clicks on a simple link or opens an innocent-looking attachment and in so-doing unwittingly releases a virus or spyware into their company’s computer network.
The virus spreads through the company infecting computers; servers; data storage systems; files and folders. By the time management realise there is a problem it is too late.
How cyber-ranges work
Cyber-ranges are not mainstream - they’re mostly used by government and military agencies - but with the accelerating growth in cyber-attacks they are becoming an increasingly valuable training resource.
A cyber range is a virtual environment that is used for cybersecurity training. They’re controlled virtual environments that allow trainers to simulate different kinds of cyber-attacks so that their students can learn how to manage them.
An organisation decides that they want to improve their team’s cybersecurity skills, so they book into a series of training sessions at a cyber-range. The simulations that their team works on can be customised to suit the sort of threats they are most likely to encounter. The biggest threats for most organisations are data-breaches and malware infections so those kinds of scenarios are a high priority.
Simulated cyber-attack training has the dual benefit of helping team members recognise the symptoms of a cyber-attack, and also practice implementing actions to mitigate the harm an attack might cause. They can learn in a safe space isolated from their real computer systems and have the opportunity to see a cyber-attack play out, observing the different outcomes produced by defensive tactics.
Cyber-ranges aren’t limited to running software based scenarios. A lot of facilities providing these services are using teams of hackers to create a realistic ‘human vs human’ dynamic in the experience, which mirrors the way social engineering works, as a major factor in real life attacks. In these scenarios, the trainers playing the role of cybercriminals will use direct communication strategies like phone calls and emails to try and extract information from students that would facilitate a data-breach.
Preparation is the key to defence
Social engineering is an increasingly common attack vector, especially in CEO fraud attacks (also known as ‘whaling’ attacks) which can yield millions of dollars for fraudsters in a single attack.
Every company needs to take steps to increase their cybersecurity preparedness.
Regulatory changes like the GDPR and the surging cybercrime statistics of recent years have justifiably made cybersecurity a top priority for CEOs.
The better informed your management team is about cybersecurity, the better your chances of not becoming the next data-breach news headline.
If you would like to learn more about the complex cybersecurity challenges facing business today, please download my e-book Surviving the Rise of Cybercrime. It’s a plain English, non-technical guide, explaining the most common threats and providing essential advice on managing risk.
“Cybercrime is a serious and growing business risk. Building an effective cybersecurity culture within an organisation requires directors and executives to lead by example. Surviving the Rise of Cybercrime is a must-read for directors and executives across business and in government and provides strong foundations for leaders determined to address cyber risk.” - Rob Sloan, Cybersecurity Research Director, Wall Street Journal
Download your copy of Surviving the Rise of Cybercrime for free, here.
I’m Craig McDonald, CEO of MailGuard, founder of GlobalGuard and cybersecurity blogger.