Threat Hunting Exercise

CybExer Organizes a Threat Hunting Exercise in Helsinki

We are happy to share that our team at CybExer Technologies had an opportunity to conduct a Threat Hunting Exercise in Helsinki from the 4th to the 5th of May, 2023. 

This event, Cyber Resilience Helsinki, aimed to bring Estonian and Finnish private and public organizations together to work with large-scale IT systems for exercising a massive cyber incident. 

It was an extremely effective and engaging exercise. The main goal was to give the participants defensive training experience with IT systems under intense cyber-attacks. For the Blue Team, the main mission was to defend & protect their IT infrastructure against real-time attacks from Red Teams and maintain the required IT services availability simultaneously.

The environment was competitive, and participating teams were rivaling each other to come out on top. 

What Did Participants Gain From the Threat Hunting Exercise?

We had an opportunity to talk to a couple of participants from this exercise, asking them about their learnings and takeaways from the training overall. 

Mika Myllynen, the Lead Software Developer at Terveystalo, claimed that this exercise helped their team members get to know each other better in a working environment and improve their skills on an individual level as well:

“Attending the international cyber threat hunting exercise organized by CybExer was an incredible experience. Working collaboratively as a team with other solo attendees from different companies was challenging but ultimately rewarding. Participating in this exercise proved to be a valuable opportunity for me to improve my cybersecurity skills and gain practical knowledge in the field. As such, I wholeheartedly recommend this exercise to IT professionals, irrespective of their previous experience in this area”. 

On the other hand, Madis Lauri, the Software Application Architect, told us about the setup of this threat-hunting exercise:

“The blue vs. red setup was a great way to simulate real-world cyber threats, and it helped us develop our detection and prevention skills. It was also great to see the friendly competition between blue teams and how cooperation initiatives helped us gain bonus points.” 

Lastly, Harry Halman, the Head of IT System Administration, commented on the importance of such exercises for improving skills:

“The threat-hunting exercise was a great way to improve our network and system monitoring skills. We now have a better understanding of how to identify suspicious activity and investigate potential threats quickly and accurately.”

What Were the Objectives of the Threat Hunting Exercise?

It is important to remember that Threat Hunting is a task-driven exercise focusing on response and investigation activities. The whole exercise is designed for teams to practice the response capabilities to a cyber crisis. 

Generally, these kinds of exercises are carried out in a Blue vs. Red team setup where Blue teams have to monitor the environment and detect Red Team attacks. It also has a competition element between Blue Teams as they get scores for solving incidents by providing relevant details about attacks. 

The primary objective of the Threat Hunting Exercise is to help participants improve their skills in the following areas:

  • Detection and prevention of attacks.
  • Network & system monitoring.
  • Situational awareness and control.
  • Handling cyber incidents.
  • Teamwork: delegation, roles division, and leadership.

When it comes to learning objectives, this exercise helps participants with the following:

  • Fostering cooperation between various actors in cyber defense on an organizational level. 
  • Rehearse specific defensive measures in case of an attack against a particular field or combination of fields. 
  • Live reaction, planning of defense, and enhancement of the environment.
  • Monitoring and analysis of attacks. 
  • Generalization and synthesis of information on the attacks.
  • Stress-handling and decision-making under pressure. 

Conclusion

A Threat Hunting Exercise in Helsinki was a massive success. Our team is very happy to collaborate with various international organizations and help them improve their team member’s skills and the organization’s readiness level for potential cyber threats and attacks. 

At CybExer, we have been at the forefront of driving change and shaping the industry since 2016. We are committed to providing global organizations with advanced Cyber Range technology and helping them successfully tackle future cyber challenges. If you’d like to conduct a similar exercise for your team and increase the level of cyber resilience, feel free to schedule a call with our cyber range experts to discuss your organization’s needs.