Saturday 12 December 2015

Using cybX exercising to test cybercrime capability in the UK and Europe

Last week I was helping a scenario based cyber exercise at the Cabinet Office Emergency Planning College in Yorkshire. We were using the CYBX suite. It involved  8 countries managing a range of cyber challenges.

Below is the release from CYBX about the exercise and it's forerunner Silver Pilot involving many Regional and National UK cybercrime assets. cybX is managed by Serco who run the Emergency Planning College for the Cabinet Office.

Testing and exercising cybercrime units across the UK and Europe is an essential aspect of planning and preparing ourselves for the future of criminality and risk in cyberspace.



Serco has taken part in a ground-breaking exercise run by the UK’s National Crime Agency (NCA) to test the international response to serious cyber crime. 

Specialists from across Europe were put through their paces using Serco’s unique and realistic cyber exercising capability - cybX - which prepares private and public sector organisations to test their ability to prepare and respond to serious cyber attacks.


Exercise ‘Silver Shadow’ - a multinational exercise run by the NCA’s National Cyber Crime Unit (NCCU), funded by the Foreign and Commonwealth Office and supported by the Home Office -  saw officers from eight different countries come together to assess their collective response to a simulated cyber attack on a fictitious international petroleum company.


The aim was to test how investigators and prosecutors would work together in the event of a complex criminal incident spanning several different legal jurisdictions, to ensure an effective response to future cyber crime attacks.


The week-long exercise began on Monday 30 November and took place at the Cabinet Office’s Emergency Planning College (EPC) in North Yorkshire, which is run by Serco.


The countries involved in the exercise were Bulgaria, Georgia, Lithuania, Moldova, Romania, Ukraine, the UK, represented by the NCA’s NCCU, and the US, represented by the FBI. A representative from Europol’s Joint Cyber Action Taskforce (J-CAT) also took part.


cybX compliments the wider civil resilience training Serco provides at the EPC, enabling organisations to test and improve their cyber resilience in a safe, realistic and secure environment.Management and IT staff are tested through a variety of simulated scenarios on their ability to identify and end a cyber-attack, and manage their organisation’s response. 


The training gives participants a greater understanding of their organisation’s risks, strengths and areas for improvement, as well as a better understanding of the communications and relationships they need with their supply chain, customers and other stakeholders, including law enforcement.


Richard Preece, Serco's Director of cybX, commented: “It’s been a privilege to support members of the UK and international law enforcement community. Every day we hear about another cyber-attack and our training has helped the NCA to improve their capability to tackle cyber crime.


“It’s one thing to invest in the best technology, but organisations must also invest in developing their people and test their capabilities. Serco’s training puts employees from the board room to server room through their paces, enabling organisations to be more resilient to the inevitable cyber-attack.”


Further details on the NCA website

Sunday 6 December 2015

Urgent Cumbria Flood Appeal

URGENT   Cumbria 2015 Flood Appeal

An appeal launched to raise funds to support the individuals and communities devastated by the December flooding and storms in Cumbria.

Friday 4 December 2015

Wetherspoons Hack

The company Wethersoons seems to have been hit by the next in a long series of hacks.
See for a good update

Some simple issues

1. In a breach, even if full financial data is released the data can be used to "con" victims into releasing other data. Using "Social Engineering" offenders may be able to act as if they are your bank or credit card company and illicit data that could compromise your personal financial security. Have a look at the UK primary site for cyber security
2. If you are a CEO or Chair of a company, anticipate that you will be in the front line in the event of a breach. In all cases, the top of the organisation has to become the voice of the business. Do you as a company think about how you would cope in the event of an attack, do you exercise or test your processes. for large organisations see for a very sophisticated approach
3. At board level, do you understand what your IT staff do, have you seen a Firewall in action, do you know the parameters and policy for managing your data? Have your managers and supervisors engaged in creating a common understanding of your technological needs? Do you have access to effective and available technical staff when it goes wrong?

Wetherspoons CEO John Hutson has apologised quickly and rectified as well as identified that the breach could not occur again. The ICO no doubt will have further questions as will the media and shareholders, time spent preventing will ofen far outweigh the costs and time of investigating.

Who's next?

Popular Posts in last 7 Days