The National Cyber Testing Ground was launched on the order of the Russian Ministry of Digital Development, Communications and Mass Media as part of the Digital Economy program. It is designed to test the processes associated with identifying and reacting to cyber attacks on the level of industries and key organizations. Its main feature is the Cyber World platform, which is a full-fledged technical infrastructure with real industrial equipment that can be used by students to practice solving specific tasks on true-to-life models.
In 2021, the Testing Ground’s support centers were launched in four Russian universities, including ITMO. The center has at its disposal workspaces, servers, and computers. As of today, the support center hosts various cybersecurity events – wargames, inter-university competitions, and workshops organized by either the university or its partner companies like Rostelecom Solar.
According to the center’s director Aleksander Menshikov, participation in cybersecurity wargames is important as it offers students the opportunity to acquaint themselves with the practical aspects of cybersecurity.
When the National Cyber Testing Ground’s support center was only being launched at ITMO, the organizers conducted several demonstrational wargames and invited students who’d already participated in other competitions in information security. Ten to fifteen students participated in various stages of the wargames, each working on their own. Then, the organizers gathered a team of five to represent ITMO at the intercollegiate games.
All of the team members study at the Faculty of Secure Information Technologies and some work in the field of cybersecurity and participate in various competitions. For example, team captain Dmitry Tatarov got third place at 2021’s I am a Professional competition in information security among Master’s students. He also participates in CTF – team competitions in information security where one has to protect their server from cyberattacks and capture another’s. What’s more, he found several vulnerabilities in software and registered their identifiers (CVE).
According to Dmitry, the team studied previous wargames in order to prepare for the intercollegiate games. The task was the same: to understand how an intruder operates, describe their actions, and prevent an attack on a company’s network. The company is always a different one. Still, the ITMO team captain comments that there are certain industries that are easier to work with, as they are more oftenly encountered in the team members’ professional activities and their daily lives. Among such companies are banks and industrial enterprises; working with governmental organisations’ networks is harder, as the students have fewer experience with those.
Teams from eight Russian universities participated in the wargames of the National Cyber Testing Ground: Far Eastern Federal University, HSE Tikhonov Moscow Institute of Electronics and Mathematics, Moscow Technical University of Communications and Informatics, Povolzhskiy State University of Telecommunications and Informatics, MIREA – Russian Technological University, the Bonch-Bruevich Saint Petersburg State University of Telecommunications, Siberian State University of Telecommunications and Informatics, and ITMO University.
“At the company’s wargames, we were offered a scenario in which we had to investigate the hack of a company’s network starting from the moment the intruder scans it till the moment when they gain access to all account data and computers. All this took place in real time and it took us about five hours in order to list all the steps the intruders took. The most difficult task was to string them together, as the information was located in various places. Doing that is an art of its own. If anyone found anything, they called other team members and we figured it out together,” remembers Dmitry Tatarov.
Scoring was used to count the points: the teams’ reports were automatically checked against a model report and the results were tested and approved by lecturers. ITMO University team, which bested the others, got 94 points out of 100.
According to Dmitry, participants have to possess broad-based knowledge in the field of cyber security and vulnerabilities of web applications, company infrastructures, networks, and Windows and Linux directory services to win such competitions.
Aleksander Menshikov adds that practice is also important. His advice to students who are interested in cybersecurity is to regularly participate in the Testing Ground’s workshops and CTF competitions. At these events, they can master and hone various skills, including those of cryptography and reverse engineering.
According to him, there are plans to gather more teams in the future, organize practical training sessions, and give students the opportunity to write their theses using the resources of the National Cyber Testing Ground’s support center. During their practical training, students will not only study real structures of enterprises in various branches of industry, but also train to investigate and repel cyberattacks on a large number of real computers, as opposed to the common practice of doing that on several virtual devices that can emulate a different device or environment.