The scenario: A hospital is conducting a clinical trial of a new drug. The attacker does not want that drug to go to market. In order to thwart the drug’s success, the attacker must sabotage data being collected from patients in the trial so the FDA will not approve it.
There’s no better way to learn something than by doing. With this in mind, Symantec created CyberWar Games, an innovative approach to understanding the cyber threats our customers face every day by giving employees the opportunity to walk in the shoes of the attacker. CyberWar Games allows employees to better understand an attacker’s motives, tactics, techniques, and goals from the hacker’s point of view. Similarly, when a pilot goes through the process to obtain a pilot’s license, they don’t just read a few books, hop into a cockpit and fly the next red eye off of the runway. Instead, they’re trained in classes and spend hours upon hours in simulations before even touching the controls of a real plane. In the same fashion that pilots are trained, we are training our employees to become stronger experts in cyber security.
Last test was rough for County West General Hospital. Its IT staff noticed almost immediately that the kickoff round of FDA testing for a new drug from Bromley Weyland Pharmaceuticals appeared to be compromised. Patients in the study saw their monitor readings run the gamut of extremes. Worse, patient data was being changed as the worried IT staff monitored the critical situation. Someone had hacked into the hospital network, and early indications were that it was an inside job. Fortunately, it was just a simulation at a fictional healthcare facility, and the ten teams hacking into the live network were all Symantec employees who had won the right to be a part of the company’s three-day 2015 CyberWar Games held in Mountain View, CA.
Many businesses and government-related organizations enlist ethical hackers, or experts who systematically penetrate a computer system or network on behalf of its owners in order to discover its vulnerabilities.
Employees learn how an attacker can exploit networks, applications, products, and solutions, and why they might be motivated to do so. In this year’s simulation, maybe the attacker was a disgruntled employee of the pharmaceutical company conducting the clinical trial, or an employee of a rival company that would prefer its version of the drug go to market first.
This role-reversal changes the way employees think about emerging threats and cyber-criminal tactics.
“This is helping us provide quicker, more contextual input into attacks for our customers,” said Samir Kapuria, General Manager, Cyber Security Services at Symantec.