Serviciul Roman de Informatii


Cyber Security National Exercise – Cydex, the 4th edition
8 October 2020

Between 6 and 8 October 2020, the fourth edition of the most important cyber security exercise in Romania, CyDEx20, took place. Over 70 representatives of public and private sector and academia participated at the event.

CyDEx20 was hosted by Cyberint National Center (CNC) of SRI, in cooperation with its partners from Ministry of Defense, Ministry of Interior, Ministry of Foreign Affairs, Special Telecommunications Service, Protection and Guard Service, Foreign Intelligence Service, ORNISS - National Registry Office for Classified Information and CERT-RO - National Cyber Security and Incident Response Team, in a joint effort to develop a national mechanism of early warning, alert and response to cyber security threats.

CyDEx is the only hands-on national exercise with a high level of intricacy and realism. Complex simulations took place this year in a cyber security test site, especially created and customized by SRI specialists.

This year edition was held exclusively online for the first time - planning conferences and exercise likewise. For reasons of continuity, CyDEx invited representatives of academia to partake as players and contributors to scenarios, which is a relevant issue given the attempts to strengthen cooperation between public sector, private sector and academia.

Six complex scenarios were simulated at CyDEx20; they were jointly created and proposed by representatives of public sector, private sector and academia: SRI, MoD – Cyber Command and Military Technical Academy, SPP, CERT-RO, ENEVO and TrendMicro.

Under the present circumstances, several scenarios including COVID-19 components were run. Therefore, like in real life, the scenarios took over social engineering and cyber-attack elements that were specific to the most used methods lately – such as work from home due to the pandemic. They developed different scenarios that reflected complex cyberattack methods used by state attackers (Advanced Persistent Threat-type attacks initiated via spearphishing, attacks against industrial control systems).

The scenarios tested the participants’ technical abilities in cyber security, such as pentesting, malware assessment, forensics, networking.