• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Data Privacy   »   Targeted Attack: The Game

Targeted Attack: The Game

  • Posted on:March 25, 2015
  • Posted in:Data Privacy, Security, Web Security, Web Threats
  • Posted by:Rik Ferguson (VP, Security Research)
0

April 2015 sees the release of a project that has been a year in the making for us. Something that we had affectionately been calling “Choose Your Own Adventure” for most of its lifetime as we laid it out, put some meat on the bones and finally stitched it all together (no we weren’t making Frankenstein’s monster).

The project came initially from a conversation in the car on the way home from the office. We were discussing the challenges of changing the “security mind-set;” the difficulty in moving someone who believes that their “method” is successful mostly because they never see any evidence to the contrary.” How do you overcome that greatest friction of all, “it will never happen to me?”

We decided that the only effective way was to build something that gave each user full control, something that allowed you to make all the decisions about securing your organisation, just as you may do in your daily life, and to find out if you are up to the job of thwarting a targeted attack. But how to create such a thing?

Then, inspiration from a misspent youth dawned. As a young teen, I often whiled away the hours thumbing through books with titles like “The Warlock of Firetop Mountain.” Fighting Fantasy books, where at the end of every paragraph or two, I would have to make a decision and turn to the requisite page number to continue my adventure. Every outcome was based on my own decisions and I could measure my alter ego against dragon and warlock alike. Each read-through was a new adventure, many ended in failure but I learned important life-lessons and can say with certainty that I have yet to be bested by a goblin (IRL) and I put that success down to thorough training.

With Targeted Attack: The Game we want to offer you a similar opportunity, but grounded in a world that we hope is more familiar. You play the role of the CIO of a global corporation on the eve of releasing a mobile payment app that integrates biometric authentication (and of course Apple went and launched Apple Pay after we had already shot this). You will steer your organisation through the final days of the launch process, safeguarding intellectual property, and financial data and securing the corporate network against day-to-day threats.

The decisions are in your hands, the security of the company and success of its ground-breaking technology is on your shoulders, and relies on the best efforts of your team. Constrained by budgets you will have to spend wisely, planning for the unexpected, yet meeting the demands of the executive team.

We need to combat the complacency that sometimes prevails in our industry, the way that things have always been done may no longer be the *right* way to do things. Just because your incumbent security architecture tells you everything is rosy, it doesn’t mean you’re clean, as many corporations are already discovering to their cost.

We hope you enjoy this opportunity to combat a simulated attack, at an executive level, rather than having to suffer the consequences of falling victim to one (IRL).

Click to play the game here.

Please add your thoughts in the comments below or follow me on Twitter; @rik_ferguson.

Related posts:

  1. Targeted Attack Landscape: A Continuing Threat
  2. Actionable Intelligence Improves Targeted Attack Investigations
  3. Threat Actors will come up with new Targeted Attack Tactics that Circumvent Current Anti-evasion Solutions
  4. Video Game Day – Best Practices for Attacking Cyber Criminals Trying to Ruin Your Fun

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.