Chironex tutorial 23-1

(To Marina Militare)
03/05/23

CHIRONEX 2023-1 is the first cybernetic exercise for the Navy conducted in collaboration with a private company according to a model already used by the Air Force in the context of Cyber ​​Eagle in partnership with the company DEAS (Defense and Analysis Systems) SpA.

The name is borrowed from the scientific term of the Australian jellyfish, Chironex fleckeri (better known as sea wasp or box jellyfish), the most venomous jellyfish in the world. The danger of the venom cells enclosed in the tentacles is comparable to the danger of the cyber threat in the digital world. The external beauty of the marine animal is comparable to the majesty of the global network which, like the jellyfish in its tentacles, hides sneaky elements of danger in its digital filaments.

The exercise stems from the need to satisfy the requirement to increase awareness and sensitivity in users of the Navy's unclassified network to the immanent cyber threat, as well as to verify the skills of the personnel of the specialized cyber component to face and counter an attack if the latter was successful.

The DEAS company has played a fundamental role by significantly increasing the level of realism of the simulated cyber threat by building the attack vectors according to the classic cyber kill chain paradigm and ensuring the entire intrusion process according to a spear phishing. It also ensured the necessary support in applying the most effective active defensive tactics and good cyber resilience practices.

The exercise was divided into four phases of increasing difficulty:

  • two separate massive campaigns of Phishing, i.e. the use of a fake email that refers to a malicious site through a further link;
  • two specific activities aimed at a small number of structures (spear phishing) divided into two sub-phases:
  • a attachment for the inoculation of a Malware (created ad hoc, dormant and can be activated on order)
  • one of IT incident management, to which a subsequent kinetic action by the Special Forces on a presumed platform identified as the origin of the threat is linked.

The attack scenario saw in its implementation phase the opposition of the actions of a Red Team (attack team) and a Blue Team (Defense team).

CHIRONEX 2023-1 opens a cycle of exercises that will test the evolutionary path in the field of cyber security launched by the Armed Forces which will include the use of Artificial Intelligence solutions for the timely search for potential cyber threats and the analysis and classification of Malware. Furthermore, space will also be given to research paths and the study of dual operational scenarios of attack and defense.