Winners of the FinCSIRT Cyber War Games 2018
With the participation of 36 banks and finance companies, Sri Lanka’s Financial Sector Computer Security Incident Response Team (FINCSIRT), in collaboration with the Sri Lanka Computer Emergency Response Team | Coordination Centre (CERT | CC), successfully conducted the Sri Lanka Financial Sector Cyber War Games 2018 for the 2nd consecutive year, at JAIC Hilton recently. The objective of the event was to ensure information security resilience in the financial sector, leading to enhancing the stability of the entire sector.
Cyber War Games is an event that simulates real world information security breach situations in a financial institution, where the participating teams work towards identifying, analysing, containing, eradicating and recovering from such incidents in real time. Two players from each of the 36 banks and financial institutions took part at the event, and they were randomly put into teams to simulate the security incidence response team of a bank. The aim of this team exercise was to collectively identify their strengths and weaknesses in handling real-life security incidents.
The simulated environment was created for each team (Blue Team) with a separate environment, while the attacks at this year’s event were carried out by the backend team who were acting as attackers (Red Team), based on the responses/actions taken by each Blue team. In the back end, there were two teams which acted as the bank CIO and the IT Team who were replying to the teams, which simulated a real organisational situation and the attacking teams who were separately working to create real-life attacks.
This event was targeted at developing the participants’ ability to identify attacks and narrow down the root causes more efficiently and effectively, ensure better response, how to conduct effective analysis and contain incidents and, finally, how to recover from an incident with minimum impact on the business process. Further, as all the team members were working with different colleagues from the industry, it helped to develop blind trust between themselves, and quickly identify their strengths and weaknesses to come up with swift decisions.
Members of the winning team of this year’s Cyber War Games consisted of: Kushlan Edirisooriya of The Hongkong and Shanghai Banking Corporation Limited; Sammani Rambukwella of Singer Finance; Janaka Daivananda of Commercial Bank; Chamira Priyanga Walisinghe of SANASA Development Bank PLC; Mahesh Chathuranga of Siyapatha Finance PLC; Sumudu Kumarasinghe of Habib Bank Limited; and Mithila Perera of HNB Grameen Finance Limited.
Having such real-life scenarios/drills are of paramount importance to maintain a healthy and a secure environment within the financial sector. Even though there are multiple entities who conduct such activities worldwide (i.e. NATO etc.), however, Sri Lankan Cyber War Games is a pioneering event in the region. Thus, FINCSIRT is spearheading the effort to conduct critical events of this nature, to enhance sector-wide security readiness with the objectives of improving information security resilience in each financial institution, which will lead to creating long-term financial sector stability.
Finance Sector Computer Security Incident Response Team (FINCSIRT) is a specialised service unit that is responsible for receiving, reviewing, processing and responding to computer security alerts and incidents affecting banks and other licensed financial institutions in the country. Established as a centralised body (not-for-profit organisation) to coordinate security efforts within the financial sector, FINCSIRT is a joint initiative of the Central Bank of Sri Lanka, the Sri Lanka Computer Emergency Response Team (Sri Lanka CERT) and Sri Lankan Bankers Association, and is hosted under LankaClear, the national payment infrastructure provider.