
DDOS
Scenario: DDoS Attack on CruX Corp
Background:
CruX Corp, a leading technology company, is experiencing a massive DDoS attack that aims to cripple its online services and tarnish its reputation. The company's servers are being flooded with malicious traffic, causing significant disruptions and loss of revenue.
Operation Overload
Objectives:
Mitigate a large-scale DDoS attack to restore online services and protect company reputation.
Setup:
- Active Realm: Corporate IT Infrastructure
- Key Assets: Web Servers, Load Balancers, Firewalls
- Threats: Botnet Operator (Operator), DDoS Attack (Attack Card)
Attack Sequence:
- The attacker deploys Botnet Operator, launching a large-scale DDoS attack.
- The DDoS Attack card is played, overwhelming Web Servers and Load Balancers for 5 turns.
- The defender must mitigate the attack and restore normal operations.
Response Options:
- Deploy Web Application Firewall (WAF) to filter malicious traffic.
- Use Traffic Analysis Tool to identify and block attack sources.
- Activate Incident Response Playbook to coordinate mitigation efforts.
Win Condition:
- Defenders win if critical online services are restored within 6 turns.
- Attackers win if CruX Corp's servers remain overwhelmed after 6 turns.
Training Notes:
- Encourage strategic thinking and coordination between reconnaissance, attack, detection, and mitigation phases.
- Highlight real-world cybersecurity practices and techniques for managing and defending against DDoS attacks.
- Conclude with a debrief to discuss the strategies used and the lessons learned, reinforcing the educational aspect of the campaign.