
CyberXCenter CEO Participates in Critical Infrastructure Security Showdown 2022 (CISS)






It is an honor to be a judge again for #CISS Critical Infrastructure Security Showdown 2022.


The Critical Infrastructure Security Showdown 2022 (CISS2022) is iTrust’s sixth international technology assessment cyber exercise. The exercise is held entirely online and is sponsored by the National Research Foundation and the Ministry of Defense.





The sixth run of iTrust’s international technology assessment exercise, the Critical Infrastructure Security Showdown 2022 (CISS 2022), was held from 12 to 19 Sep 2022 at the Singapore University of Technology and Design (SUTD) with the objectives of improving the understanding of composite Tactics, Techniques, and Procedures (TTP) for enhanced operation security, validating and assessing the effectiveness of technologies developed by researchers associated with iTrust, and developing capabilities for defending critical infrastructure against cyber-attacks.






The competition was held in two stages, with Stage 1 being a Capture the Flag (CTF) event where 28 Red Teams competed. The top 10 Red Teams from Stage 1 advanced to the final stage, where they were given specific attack objectives to achieve and points were awarded. The Intrusion Detection System (IDS) Teams, composed of iTrust's anomaly detectors and 6 commercial products, were installed to detect the anomalies resulting from the attacks. The IDS Teams were present only in the final stage of the competition, where they were tasked with detecting the anomalies.






Regarding the evaluation of the IDS Teams, it was observed that commercial products using network traffic were able to detect most of the OT attacks, while detectors using OT process data were able to detect even more. It is also important to consider the explainability feature of an IDS for the benefit of plant operators who must respond to alerts and determine whether a process fault or a cyber-attack has occurred.


The explainability feature facilitates rapid response and recovery in the event of an attack. Overall, the evaluation of both Red Teams and IDS Teams highlights the importance of continuous research and development in the field of ICS security. These evaluations provide valuable insights for improving the performance of both offensive and defensive cybersecurity measures, which are crucial for the protection of critical infrastructure.




The results of the competition showed that, using the MITRE ATT&CK® Matrix for ICS as a guide, many teams were unable to perform network discovery, which is crucial for identifying devices and services to exploit to achieve attack objectives. Further research and practice in this area would benefit ICS pen-testers and enhance critical infrastructure protection.


Really enjoyable to work with esteemed individuals and brilliant minds such as Delaney Ng, Francisco Furtado and Mark Goh.
