The first pilot scenario was about testing and validating an initial version of the Cyber-MAR system in the scope of a cyber-attack scenario on the port authority’s electrical grid, in the Port of Valencia. The scenario was focused on the simulation of a remote access attack on the IT and OT infrastructure, and energy grid of the Port of Valencia. The first objective of this attack was to cut off the power supply to the port, by shutting down the grid management OT system, with the OT manager’s computer as the the original infection point. The second objective was to simulate a Ransomware attack triggered by the Command & Control server, that will cryptolock all workstations within the infrastructure of the port.
During the demo, the Cyber-MAR Cyber Range provided insights of the scenario through different points of view: from an attacker’s perspective and from a defender’s perspective using Intrusion Detection System (IDS) and SIEM.
More information about the first pilot demonstration can be found here.