Palo Alto Networks was proud to again be part of Cyber Endeavor, supporting network defense in this year’s Cyber Range at the annual Pacific Endeavor. Pacific Endeavor is an annual workshop hosted by U.S. Pacific Command (PACOM) and an alternating Asia-Pacific co-host nation (this year, Australia) to simulate the communications necessary in the wake of a humanitarian assistance and disaster relief (HADR) scenario. Let’s have a look back at this exercise and why it’s important.
In the event of such a natural disaster, local nations must come together to support the affected nation. The annual Pacific Endeavor gathering ensures “multinational risk reduction and communications interoperability, information sharing, and capacity building” planning. The Cyber Range portion of the workshop, run by partner Cyber Test Systems, facilitates information sharing among military cyber personnel from across 22 nations. These personnel defend their mock networks against myriad threats while maintaining the critical applications needed to communicate in the HADR environment. Cyber Test Systems uses real threats, pulled from its research across the internet, and regenerates them realistically using its Cyber Test Systems Network Traffic Generator (CTS-NTG), acting as Green, Yellow and Red Teams. This Cyber Range gives cyber professionals acting as Blue Teams the opportunity to work together with other nations to thwart each cyberattack scenario. The 2016 Cyber Range consisted of the following cyberattack scenarios:
- Advanced/zero-day malware, including ransomware, for several different operating systems
- Botnet communications between command and control (C&C) and bots
- Server-side vulnerabilities and exploits
- Client-side vulnerabilities and exploits
- Malicious domains
- Malicious websites
- Malicious phishing websites
- Denial of service (DoS)
- Distributed denial of service (DDoS)
- Reflective denial of service (RDoS)
- Distributed reflective denial of service (DRDoS)
The nations appreciate the readiness, and the cyber operators appreciate the hands-on opportunity that simple presentations don’t afford.
Participating nations also have the opportunity to see the Palo Alto Networks Next Generation Security Platform, which combines next-generation firewall, IPS, network antivirus, URL filtering and zero-day attack detection and mitigation in one platform, in action. Once new malware is detected in the platform using WildFire WF-500, signatures are generated within five minutes and used to reprogram the next-generation security appliances, which receive URL updates for any new domains associated with the attacks along with the freshly generated signatures. (See what participants had to say about the abbreviated Cyber Range at our 2016 Ignite User Conference.)
Many nations that send their operators to such ranges appreciate the readiness so much that they have begun scheduling Cyber Range exercises for their own nations. Still others, across military, education and even law enforcement, have now begun purchasing the Mobile Cyber Range kits to maintain their readiness and operate ongoing Cyber Range exercises for their cyber staff.