The Department of Human Services has laid down the challenge to Canberra’s biggest IT shops to go head-to-head in simulated cyber wargames this September.
The department’s CISO Narelle Devine says this is likely the biggest and first-of-its-kind security training exercise the government has staged.
The Australian Taxation Office, Department of Defence, and Department of Immigration and Border Protection have agreed to field teams of between five-to-ten of their best security professionals to battle it out over two days. A handful of other agencies are still waiting to opt in.
“If you learn how to attack you can defend well. If you can think like the cyber adversary then you’re going to be in a good place,” says Devine, a former Navy commander who joined the department in October last year.
She’s already warned her fellow agencies that she is confident her guys will come out on top.
“We have a huge system that we are trying to protect for real every day. [Our staff] have to be the best,” she told iTnews.
The CISO's team is currently building out the virtual - and physical - battlefields that will host the September wargames.
“Our cyber range ... is a virtual environment that sits here at Human Services, that will represent red infrastructure and blue infrastructure, with grey in the middle representing ISPs and pivot points where assailants can hide,” Devine said.
Some of her team are tinkering with a different kind of hardware: building a miniature city from Lego that will be equipped to physically show all the consequences of a successful hack on the SCADA systems running critical infrastructure.
Behind it, big screens will broadcast the battle between teams as they target a different piece of infrastructure in each round.
“So when our competitors complete a mission they can see the actual train stop or the lights go off in the bank,” Devine said.
At present about 50 people are working on standing up the wargames environment, while other security staff complete a series of internal training exercises to be picked for the DHS wargames team.
Devine hopes the fanfare will help lure new recruits to the department, as it sets out to hire 125 new university graduates into IT roles this year.
DHS plans to make the wargames an annual event, and Devine is already thinking about inviting academics, state and territory governments, and even private sector teams from organisations like the big banks to compete in years to come.
“Once we have proven the concept we want to open it up to more people,” she said.
“I’d like to think the banks are as good as we are - we’re all protecting the same money."