News

The art of technical attribution in cyberspace: Kaspersky launches simulation game training for diplomats and non-techie cyber experts

Kaspersky, with the support of the DiploFoundation (a non-profit educational foundation), has developed an online simulation game to help diplomats and other cyber-professionals without a technical background understanding what’s happening during a cyberattack and developing an effective response to it at the international level.

When ensuring cyber-stability, it is necessary to have a solid understanding of how to prevent, evaluate and effectively respond to risks and threats in cyberspace. Such a knowledge base is also essential for non-technical personnel and diplomats who are actively involved in matters of building peace and stability in the world. Primarily, it is the private sector and technical community who can support governments and international organizations with the technical attribution they need, such as analyzing cyber-incidents or cyber-events from a technical standpoint to aggregate attacks into groups and tie them to possible threat actors.

To support diplomats and all non-techie cyber-professionals in learning of the foundations and complexities of technical attribution, Kaspersky, with the support of DiploFoundation, has developed security training based on the Kaspersky Interactive Protection Simulation (KIPS) game with a specially designed fictional environment imitating cyberattacks against the United Nations. Its primary aim is to collect all necessary pieces of evidence and technical information to respond to as many questions as possible during the training, including what or who is the intended target, what techniques have been applied, how severe an incident is, and who was behind the attack in the simulated environment.

Game participants play diplomats in a fictional world facing an attack on the UN First Committee, which deals with matters of international security and peace, including in cyberspace. During the game, players take decisions with action cards that lead them either to the most accurate technical analysis of the attack, helping to collect pieces of the technical evidence puzzle, or instead to greater uncertainty and cyber-instability if the riddle is not solved.

“The global and diverse community of cyber-professionals who deal with cyber-diplomacy matters, usually do not have a technical background. At the same time, they deal with issues on how to achieve a secure, stable and peaceful information and communication technology (ICT) environment, through enhanced international cooperation and multi-stakeholder engagement. Driven by the same goals, we have united with the DiploFoundation to support diplomats and all cyber-professionals with knowledge on the complexities of technical attribution, presented in an unusual, but highly interactive way through a ‘detective learning exercise’. We’ve piloted the game with real cyber-diplomats, legal and policy experts, and have already received positive feedback, which makes us believe that by joining efforts in cyber-capacity building we can help achieve cyber-stability,” comments Anastasiya Kazakova, Senior Public Affairs Manager at Kaspersky.

Vladimir Radunović, Director of Cybersecurity and E-diplomacy at DiploFoundation said: “The terms ‘cyber’ and ‘digital’ are not the favourite among diplomats. Yet, cyber and digital issues increasingly dominate the international agenda – not least in international peace and security. These are particularly sensitive areas, such as the attribution of cyber-attacks to a party or a state where a miscalculation could easily lead to the escalation of tensions between countries. Cyber-diplomats thus need to understand the technology that underpins our modern society. Moreover, they have to get ready to work with ‘new cyber-diplomats’ – representatives of industry and civil society, who can influence international relations in times of rapid digitalisation and technological development. What better way to achieve this than to immerse cyber-diplomats in a learning-by-gaming exercise that simulates a cyber-incident of international magnitude and explain what’s ‘under the bonnet’?”

Kaspersky Interactive Protection Simulation is a part of the Kaspersky Security Awareness portfolio, and can be requested by organizations here. The game can be played individually or in groups, online or on-site, once the global health situation allows.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button