BEIRUT – A Qatari cyber research center has selected Leonardo to deploy a cyber range and training system to support security measures, the Italian company announced on February 3rd.
The Qatar Computing Research Institute (QCRI) was founded by the Qatar Foundation for Education, Science and Community Development. The training platform ordered by QCRI can simulate cyber attacks so that users can assess the resilience of the digital infrastructure.
“All of the training is planned to be conducted in Qatar and an approach aimed at training the trainers is expected to provide courses to a significant number of operators involved in the cybersecurity framework,” said Tommaso Profeta, general manager of Leonardo’s Cyber Security Division, told Defense News.
He found that training and exercise scenarios can be customized using a drag-and-drop graphical interface. The platform can also analyze and classify the results of simulated attacks based on data collected during real offensive campaigns. Scenarios can be used for individual training or classroom experiences and provide security operations center practice and incident response activities.
This training tool enables the QCRI to conduct a full cyber training process, from designing the learning path to specific training sessions. Users can practice their skills in simulated attack and defense scenarios using information technology (IT) and operational technology (OT). The training will produce qualified teams of operators who are equipped with the latest knowledge and techniques and are ready to face constantly evolving cyber threats, ”according to a company statement.
“The best cyber training / test environments are theoretically real production systems. In practice, however, institutions, companies and organizations cannot easily experience critical situations in such environments without paying high, sometimes unaffordable prices, ”said Profeta. “Training and testing are therefore the two essential human-controlled processes that can effectively support the entire cyber protection loop, but only if they can deal with real threats and highly realistic systems in very realistic situations.”
Cyber domains provide a controlled environment in which cybersecurity experts can practice their technical and soft skills in emulated complex networks and infrastructures in order to learn how to react to real cyber attacks. In these environments, cyber tools can be emphasized to reveal their limitations and weaknesses before deploying them in cyberspace. Leonardo’s platform challenges such resources and provides twin digital environments for pre-deployment testing.
When asked if other Gulf states have expressed interest in the training system, Profeta said it “has already been introduced to other high-level Middle Eastern stakeholders and significant interest has been registered in the platform”.
Which scenarios are available?
Those who use cyber reach will try to defend themselves against simulated but realistic cyber attacks. According to Profeta, these include:
- Man-in-the-middle attacks.
- Exploitation of client and server weaknesses with sideways movements when searching for sensitive data.
- Distributed denial-of-service attacks (HTTP flooding or Domain Name System Reflection) intended to interrupt connections to a target server.
- Multi-vector ransomware, e.g. B. spear phishing via e-mail or drive-by-downloads, using DNS-based covert channels.
- Data exfiltration of personal data and intellectual property.
While it is difficult to measure the potential effectiveness of this platform for Qatar, the company representative predicted that the system will reduce cyber training costs and improve the user experience.
Leonardo also delivers the NATO Computer Incident Response Capability, a cyber defense product.