National cyber defence exercise ramps up scale & complexity

Actions /web/wcm/connect/pioneer/86e34fc2-c702-455e-8abe-17b884b4a661/24nov23_news1_photo1.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE.Z18_NG96HO01018QE0Q5VUU2KN0571-86e34fc2-c702-455e-8abe-17b884b4a661-oMexIBA /web/portal/pioneer/article/regular-article-detail/technology/2023-Q4/24nov23_news1
24 Nov 2023 | TECHNOLOGY

National cyber defence exercise ramps up scale & complexity

//Story by Thrina Tham / Photos by Chai Sian Liang

The second edition of defence exercise CIDeX doubles its participation, with over 200 joining from 26 agencies.

This year's CIDeX, now in its second edition, involved over 200 participants from 26 national agencies.

Malicious cyber-attacks can disrupt our water distribution, shut down our gas plant and overload our airport substation – crippling our way of life.

National agencies played out this devastating scenario on a fictional nation at the Critical Infrastructure Defence Exercise (CIDeX).

Held from 22 to 24 Nov at the National University of Singapore School of Computing, CIDeX 2023 saw participants detect and tackle cyber security threats that disrupt critical operations and infrastructures.

The exercise involved over 200 participants – twice that of its inaugural edition last year. It is the largest "hands-on-keyboard" defence exercise in Singapore.

The exercise, organised by DIS and CSA, strengthened inter-agency collaboration in tackling cyber threats to critical infrastructure.

Participants came from 26 agencies including the exercise co-organisers, the Digital and Intelligence Service (DIS) and the Cyber Security Agency of Singapore (CSA). Last year's exercise involved 17 agencies.

Three new operating test beds were also introduced this year, allowing participants to tackle disruptions to the fictional city's gas pipeline, 5G network and airport operations for the first time. The established test beds from last year include the water and power supply.

Participants took up roles in the Red and Blue Teams to carry out attacks on these critical infrastructures and defend them respectively.

(From left) Mr Perumal and ME4 Tan were part of the Red and Blue Team respectively; while ME6 (NS) Ng helped in planning the exercise.

Different agencies working together

The simulated attacks are kept updated and realistic to build the skillset of participants, said Commander of the Cyber Defence Group, Colonel Tan ShengYang.

"We model some of the known Tactics, Techniques and Procedures (TTPs) of real-life, advanced, persistent threat groups. So it's realistic because we mimic the TTPs and apply them within the exercise."

He added that DIS personnel go for regular training and have collaborations with tech partners and educational institutes in order to stay current.

ME6 (NS) Ng said that this year's exercise was bigger in scale and complexity compared to its previous edition.

Second-time participant Military Expert (ME) 6 (NS) Delaney Ng said that the scale and complexity of the exercise was ramped up this year.

As part of the planning team, the Operationally Ready National Serviceman was responsible for organising the exercise to strengthen the cyber defenders' capabilities.

"When a team is finding the scenarios really easy, we tune up the intensity such that they get the most learning value out of the exercise," said the 45-year-old, who is the co-founder and chief executive officer of INTfinity Consulting, a cyber security consulting firm

He added that the value of the exercise was in having different agencies come together.

"Typically, in cyber security, one trains as an individual… By coming together as a team and playing different roles, they can learn from each other, sharpen their skills and contribute. I think this is one of the greatest strengths of CIDeX."

Simulated attacks, such as the disruption of its power supply, were conducted on fictional nation Mystira (shown in model city pictured).

Red Team member Perumal Subramaniam, 38, was involved in planning and executing the disruption of the power supply and shutdown of the gas plant in the fictional city.

"It's my first time participating in CIDeX, so I have to understand the infrastructure behind the test beds. I have to understand the landscape to prepare and develop realistic scenarios accordingly," said the DIS Cyber Defence Specialist on how he focused on making the attacks challenging for the Blue Team.

On the other end, ME4 Yvonne Tan, 29, led the group responsible for protecting the city's water plant.

The Blue Team faced attacks that started with phishing and ransomware, which then progressed to affecting numbers in the water treatment network.

ME4 Tan (far left) worked with cyber-security teammates from CSA and PUB during the exercise.

"We closely monitored the vulnerabilities, what was exposed to external internet-facing systems," said the Security Operations Centre manager at DIS.

"I would say it took pretty fast (for us to remediate the issues) because our monitoring systems were all up… and we could do our threat hunting."

She added that working with participants from CSA and the Public Utilities Board (PUB) during the exercise helped strengthen her skills for her day-to-day job.

"I do daily monitoring and incident response in DIS, so it correlates to this exercise because we work to defend our critical networks together… It was an opportunity to make use of everyone's knowledge," said ME4 Tan.

Mr Heng (second from left) and Dr Janil (far left) visited CIDeX participants at NUS School of Computing on 24 Nov.

Visiting participants at CIDeX, Senior Minister of State for Defence Heng Chee How said that facing cyber-attacks is a fact of life today, and government agencies need to learn to defend against them together.

"You can see so many examples in the world – real wars, real attacks, commercial sector, security-related sectors – (causing) everyday life (to be) disrupted… So, for Singapore, we have to be ready for this," he said.

Senior Minister of State for Communications and Information and Health Dr Janil Puthucheary was also in attendance.

On the sidelines of CIDeX, the DIS signed Memorandums of Understanding (MoUs) for cyber collaboration with Google, ST Engineering Info-Security and Ensign InfoSecurity.

This is in addition to an MoU signed with Microsoft earlier this year, to expand its partnership with the technology sector.

Suggested Reading
I want you in my life
I want you in my life

They got off on the wrong foot when they were assigned as course buddies but soon found that they did not mind being stuck together.

She beat cancer, emerged among top GKS CSC graduands
She beat cancer, emerged among top GKS CSC graduands

Cancer survivor ME5 Alvina Tao recently became the top DIS graduate of her Goh Keng Swee Command and Staff College (GKS CSC) course.

Finding their way into DIS
Finding their way into DIS

One was inspired to become a soldier after attending her former students' Basic Military Training (BMT) graduation parades; the other is carrying on the legacy of his late father, who was a warrant officer in the Singapore Armed Forces (SAF). Military Expert (ME) 4 Evon Khoo and ME4 Kaviraj S/O Anbalagan show that it's never too late to find your calling or chase your passion.

Pioneer batch of DIS specialists graduate Feature
Pioneer batch of DIS specialists graduate

Among the DIS graduands is 3SG Philemon Tei, who had to cope with the loss of a loved one during training but eventually emerged as a Silver Bayonet recipient.

Digital and Intelligence Service takes part in first cyber defence exercise with national agencies
Digital and Intelligence Service takes part in first cyber defence exercise with national agencies

The exercise focused on training and strengthening Whole-of-Government (WoG) cyber capabilities to detect and tackle cyber security threats.

SAF sets up new Digital and Intelligence Service Feature
SAF sets up new Digital and Intelligence Service

This fourth Service will focus on building cyber capabilities and defend Singapore from evolving and increasingly complex threats in the digital domain.

SAF to sharpen capabilities & ramp up training, digitalisation efforts: Dr Ng Feature
SAF to sharpen capabilities & ramp up training, digitalisation efforts: Dr Ng

Defence minister Dr Ng Eng Hen outlines plans for the Singapore Armed Forces (SAF) to stay vigilant against heightened security threats, in his annual SAF Day interview on 30 Jun.

SAF's fourth Service to defend Digital domain
Cover story
SAF's fourth Service to defend Digital domain

The Digital and Intelligence Service will be set up by the last quarter of 2022, to defend against attacks in the cyber domain and help the Singapore Armed Forces fight better as a networked force.