Cyber war games

This week Emerging Risks digs deep into the cyber threat by talking to Lee Rossey, (right) co-founder and CTO, and Ross Brewer, (left) executive vice president for EMEA/APJ at Simspace.

SimSpace is a cyber risk management specialist with a fascinating history as it was founded by experts from US Cyber Command and the MIT’s Lincoln Laboratory. Worried about a cyber-attack on your broker or insurer? Well, the company’s Cyber Force Platform supports business, governments, and critical national infrastructure organisations, providing high-fidelity cyber security simulations, training, and guaranteed safe live-fire exercises. Tuck in!

You are a US business: why you are over in the UK at the moment?

Ross Brewer, executive vice president EMEA/APJ:

“The intention is to take the Cyber Force Platform to EMEA and beyond. We have just opened offices in London, Prague, Munich, Tokyo, Dubai, Singapore and Sydney to support that global growth. We are stepping up to the plate and we are going hard. The UK is a big focus for us because of what’s happening geopolitically and with its critical national infrastructure, which is also replicated in Germany and other NATO countries.”

Lee Rossey, co-founder and CTO:

“Fundamentally what we offer is a Cyber Range, which is the ability to create a replica of a cyber network, and with that replica you can then ask questions such as ‘how do I support individual team training and readiness?’ as well as testing of tools and all that. 

I’m going to date myself: picture the holodeck in Star Trek – that virtual setting where you can go in and try things out in a safe environment. The key thing is being able to run through all these things, and to make mistakes, in a safe environment so that you are prepared for when something happens in the real world. In other words: ‘how do I rehearse if the Russians are going to attack me?’ or if I’m going to get hit with ransomware or some other critical thing.”

“Building up that muscle memory and quantifying how well the team – and not just the individual – is performing, and getting a bit more aggressive on the types of attacks and how to deal with them in a very timely manner, is what we do. It’s all about organisational readiness: how do I make sure that my organisation is ready to fight the adversary when the time comes?”

What size and type of organisations are you targeting?

“Historically we’ve worked with the US military, and a lot of the Five Eyes- they are all in progress. We are working now with what I’d term ‘partner militaries’ on the NATO side and others, and large financial institutions. Traditionally it’s the very large organisations: mature and well resourced teams that are ready for this.”

I’m guessing that recent history has taught us that these are exactly the types of organisations that are most under threat, as cyber criminals don’t discriminate, do they?

“Well, as usual you go where the money is: you go after the banks, financial institutions and others. Or if you are going to try and have an impact on the national infrastructure then you will go over the power companies, the electrical companies and associated entities- those organisations that help maintain a standard of life and keeping things going.” 

I’ve heard different viewpoints on the Russian cyber threat, with some people suggesting that various organisations are essentially funded by the Kremlin and that the threat is very real, while others suggest that the worst is over with, and that what Ukraine has demonstrates is that our defences are actually very good and we shouldn’t be overly concerned. Where do you stand on this?

“I’d say that all the big nations have notable cyber capabilities and they’ve been working on them for the last twenty+ years, maturing them, testing them out and refining them. I think it’s well known as well that the Russians have been using a lot of their cyber capabilities against Ukraine here and there, and obviously there is kinetic stuff as well.”

“They are aggressive and are trying to do what they can with cyber, because it is cheaper and usually more effective, and it’s also a little bit stealthier and doesn’t escalate. But I think it’s well noted that the US military is in there trying to fend things off with foreign hunt teams, there are a lot of other nations in there as well, and I think it’s been documented that the UK has been in there trying to eradicate, clean-up and actually counter on the cyber side.”

“One thing I think is interesting from talking to our friends at Mandiant is they are also in there helping out, as well as other commercial companies such as Microsoft and others. So yes, Russia is trying to do a lot of stuff, but there is also a lot that is happening behind the scenes.”