Simulation of a cyber attack in the form of a classic board game.
Hill

The simulation itself consists of three game phases. In the first phase, seemingly everyday incidents are analyzed to determine the extent to which they have a negative impact on our hotel business. The four categories of service, reputation, sales, and cybersecurity must be taken into account. Then, using printed log files, you have to find three anomalies that give an indication of how the hackers broke into our network. In the last part of the game, you have to demonstrate your team’s decision-making skills. Here, the task is to respond clearly to a series of incidents. There is no “either,” “maybe,” or “or” as a course of action. We can only choose between two courses of action. So, everything should be easy going, right? After all, the three of us players have decades of journalistic IT reporting between us, including stories about cyberattacks. The game scenario isn’t new territory for us.
Easy entry, before the cardinal error of procrastination: Our mood was accordingly relaxed at the beginning. The task here was to assess the relevance of incidents such as a failure of the electronic door lock system in the hotel rooms or the Excel table of room bookings no longer being available. To what extent do the events affect our service, sales, our company’s reputation, and our cybersecurity? These are not complete disasters, but annoying incidents that disrupt ongoing operations. We discussed with great enthusiasm whether the respective incident had “no negative impact at all” or “maximum negative impact” on one of the four categories mentioned. This was a mistake that would later come back to haunt us. The time we wasted on trivial matters meant we later missed out on making important decisions about really critical situations. In addition, to prevent the players from becoming too comfortable, the playing time is limited to 30 minutes. This does lead to a certain level of stress at some point, but more on that later. But OK, we had mastered phase one of the game. The next step was to find the hacker who had penetrated our system. A task that can be a solvable challenge today thanks to modern intrusion detection systems and IT forensics.
Find the hacker in the log file:

Focus on the core problem: Even in the third phase of the game, we were not spared from such disruptions, for example in the form of the event “Influencer Pretty Beauty does something stupid in the posh hotel bar and it ends up on TikTok, BBC calls and asks for a statement.” It was clear that as journalists we immediately addressed this problem. In the debriefing we were then told that this was a mistake, because at the height of the crisis it was important to concentrate only on tackling the most urgent core problems.
Making targeted decisions: The third phase of the game is the catastrophe. It is certain that the IT system has been hacked, and a number of incidents occur that require immediate action. The simulator always offers two options for action. All too often, you have to choose between the plague and cholera. The consequences of your own actions are also shown to you immediately with another event card, so after a wrong decision a feeling of frustration can certainly set in right away. But there is no time to deal with frustration for long, especially if, like us, you wasted a lot of time in the first part of the game. Now it’s all about making decisions quickly and rigorously.
Lessons learned: All in all, we can still pat ourselves on the back. Despite mistakes, our team achieved 25 out of 30 possible points. We are also one experience richer, with some hard-earned lessons learned:
- Don’t get bogged down in a crisis.
- Commit to fast, stringent decision-making processes.
- Limit analysis to brief but well-founded discussions.
- Weigh up the consequences.
- Focus on core problems.
- Refresh basic knowledge.
- Practice working without supporting technologies (paper, pen).
- Practice for emergencies.

See also:
- Tabletop exercises explained: Definition, examples, and objectives
- Tabletop exercise scenarios: 10 tips, 6 examples
- How to create an effective incident response plan
- Plan now to avoid a communications failure after a cyberattack
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3839258/suite-404-training-the-cyber-gau-in-a-fun-way.html