CYBERANGE ™ SMART CITY SIMULATOR

OPEN PLATFORM TO TRAIN AND SKILL THE NEXT

GENERATION CYBER SECURITY AND ARTIFICIAL
INTELLIGENCE PROFESSIONALS

Version 5.0

Tactical Cyberange Simulations Pvt Ltd © 2018 1

Table of Contents
Background ...................................................................................................................... 3
About Cyberange .............................................................................................................. 4
Some of the companies who trust us: ............................................................................... 4
Cyberange Smart City Simulator – Focused on Cyber Security and AI ................................ 5
Cyberange Smart City Simulator Editions .......................................................................... 5
Critical Sectors covered in Cyberange Smart City Simulator ............................................... 6
Architecture of Smart City Simulator ................................................................................. 6
Sample Photographs of Cyberange Smart City Simulator .................................................. 7
Pre-built scenarios in the platform (sectors may vary based on edition) ........................... 8
Open Platform Kit ............................................................................................................. 9
HAM Radio set .................................................................................................................. 9
Pre-built mission driven cyber security course on the platform: ....................................... 10
PLC / SCADA Training and Advanced Simulation (Add-on) ................................................ 11
Smart Homes Security Simulation (Add-on) ..................................................................... 12
BreakingPoint Cloud License (on-demand Add-on) ........................................................... 13
Advanced Adversary Emulation Tools .............................................................................. 14
Cypherpath Cloud License (On-demand Add-on) .............................................................. 15
Cyberange Smart City Simulator Mission Dashboard ........................................................ 16
Cyberange Smart City Simulator Student Scoreboard ....................................................... 16
International Certifications on Smart City Simulator ........................................................ 17
Certification Process ........................................................................................................ 17
Recognized by India’s National Security Database (NSD) .................................................. 18
Various levels in National Security Database .................................................................... 18
Cyberange Smart City Simulator in Action – Video ........................................................... 19
Global Conference on Cyber Space (GCCS) ....................................................................... 19
Media Articles ................................................................................................................. 19
Pre-requisites for Enterprise Lab ...................................................................................... 20

Tactical Cyberange Simulations Pvt Ltd © 2018 2

Background
For economies across the globe, finding skilled professionals in Cyber Security remains a
formidable challenge. Professionals who are not only well versed with IT fundamentals but also
have an aptitude for working in this demanding yet highly rewarding field.

The National Association of Software and Services Companies (NASSCOM) estimated that India
will need one million cybersecurity professionals by 2020 to meet the demands of its rapidly
growing economy. Demand for security professionals will increase in all sectors due to the
unprecedented rise in the number of cyberattacks. Despite having the largest information
technology talent pool in the world, India is highly unlikely to produce an adequate number of
professionals to close the cybersecurity skills gap.

An alarming 87 percent of respondents to ISACA’s “2015 Global Cybersecurity Status Report —

India Data” admitted India is facing a severe cybersecurity skills gap, whereas only 41 percent
felt prepared to fend off sophisticated cyberattacks.

The cybersecurity skills gap is ever widening due to the fluid nature of threats, innovative new
cybercrime techniques, a lack of formal training and, most importantly, a lack of awareness
about careers in cybersecurity. This scarcity exposes Indian businesses to cyberattacks and
reduces their ability to quickly respond to complex threats. In the long run, the skills gap may
discourage Indian companies from implementing new technologies or making new
investments.

The shortage of cybersecurity professionals is also pushing up the cost of hiring experienced
cybersecurity staff and forcing Indian businesses to increase their cybersecurity budgets. The
“Global State of Information Security Survey 2016” from PwC reported a 117 percent increase
in cyberattacks in India and a 71 percent increase in budget.

Because several global IT corporations operate in India, the cybersecurity skills gaps also
impacts the global economy at large. The IT sector is one of the major employment generators
in India, employing over 2.5 million people. A major breach could significantly jeopardize
future growth within this critical IT sector.

To address this gap, Cyberange has created the world’s first cyber physical system based on
gamification and virtualization to accelerate professional learning and development in the field
of cyber security.

Tactical Cyberange Simulations Pvt Ltd © 2018 3

About Cyberange
Cyberange has simplified the ways organizations respond to emerging cyber threats. Our
unique SOC products powered by Machine Learning and Geo-Specific Threat Intelligence
makes effective and affordable threat detection attainable to resource-constrained IT teams.
Cyberange is a privately held Indian company and proudly made in India.

With a vast experience in security audits, ISO 27001, compliance, processes and testing, the
company provides advisory and consulting to various sectors such as Banking, Telecom, Power,
Transport etc. in both public and private organizations. Cyberange also partners with
knowledge and Research teams across the world to converge intelligence on threats and
releases advisories and notifications to subscribed clients.

Some of the companies who trust us:

INDIAN AIR FORCE

Tactical Cyberange Simulations Pvt Ltd © 2018 4

Cyberange Smart City Simulator – Focused on Cyber Security and AI
Cyberange Smart City Simulator (SCS) is an open platform based on cyber physical system and
is designed for schools, universities and training companies. Combined with simulation
platform where sector specific scenarios can be recreated to understand the impact of cyber-
attacks in real world organizations, Cyberange allows you to practice latest attack vectors by
using special virtual machines that are intentionally designed with vulnerabilities and technical
challenges reflecting real world deployments.

Using Cyberange, the workforce can be trained on various cyber security subjects such as
Penetration Testing, Reverse Engineering, Web Application Security, Exploitation, Crime
Prevention through Environment Design, Data Analytics, Artificial Intelligence, Machine
learning and Smart Cities Security. The program has Digital forensics and threat intelligence
simulation module for Security Operations Center (SOC) Simulation.

Cyberange Smart City Simulator Editions

The Smart City Simulator comes in three different editions:

School University Enterprise

• 1 pre-built • 1 pre-built • 1 pre-built
paltform platform platform
• 1 open platform • 3 open platforms • 6 open platforms
• Basics of Cyber • Start M.Tech, • Focused on SOC
Security and AI M.Sc, MBA in • 12 sectors
• 2 sectors Cyber Security • For Detect &
• For futuristic and AI Response teams
schools • 6 sectors
• For next gen
universities

Tactical Cyberange Simulations Pvt Ltd © 2018 5

Critical Sectors covered in Cyberange Smart City Simulator

The below table provides brief comparison of Cyberange editions

School University Enterprise
Pre-built Pre-built Pre-built

Defense Sector - - Yes+

Aviation Sector - - Yes+
Shipping Sector - - Yes+
Govt. Facilities Sector - - Yes+
Power / Energy Sector - Yes Yes
Industrial Sector - Yes Yes
Telecom Sector - - Yes
Water Sector - - Yes
Healthcare Sector Yes Yes Yes
Transport Sector Yes Yes Yes
BFSI Sector Yes Yes Yes
Commercial Facilities Sector Yes Yes Yes

+ The sectors are custom designed based on scenario requirements

Architecture of Smart City Simulator

Cyber Defense Operations Center (SOC)

Threat Intelligence Forensics & Investigation

Cyber Security and ioT Stack

Artificial Intelligence Stack

Defense Sector Aviation Sector Shipping Sector Govt. Facilities Sector

Manufacturing Water Systems, Dam

Energy Sector Telecom Sector
Sector Sector

Commercial Facilities
Healthcare Sector Roads and Transport BFSI Sector
Sector

The Cyberange Smart city simulator is an intricate combination of multiple hardware and
software technologies carefully designed to reflect real world cyber security and big data
scenarios for various critical sectors globally.

Tactical Cyberange Simulations Pvt Ltd © 2018 6

Sample Photographs of Cyberange Smart City Simulator

Tactical Cyberange Simulations Pvt Ltd © 2018 7

Pre-built scenarios in the platform (sectors may vary based on edition)

S/N Sector Scenario Type

1 Power Turbine hack using exploit CPS
2 Power Substation iOT hacking CPS
3 Power Smart Meter API Hack CPS
4 Power IndusDestroyer Malware Sample Analysis VM
5 Power Stealing Nuclear Power Plant designs VM
6 Transport Metro Takeover Replay Attack CPS
7 Transport Metro Signal Switching Attack CPS
8 Transport Metro Systems Hack VM
9 Transport Traffic Lights Hack CPS
10 Transport RFID Cloning Hack CPS
11 Transport RFID Boom Barrier Hack CPS
12 Water Water Treatment Plant Contamination Mix Exploit CPS
13 Water Water Treatment Plant iOT sensor Hack CPS
14 Water Water Treatment Plant Ransomware Attack VM
15 BFSI Credit Debit Card Management Software Hack VM
16 BFSI Online Banking Fund Transfer Vulnerability Exploit VM
17 BFSI ATM Malware Hack CPS
18 Healthcare Fire Alarm / Sensor DDoS attack CPS
19 Healthcare Patient Database Manipulation Hack VM
20 Aviation Baggage Screening Sensor Hack CPS
21 Aviation Passenger Display Billboard Hack CPS
22 Aviation CCTV Camera Hack CPS
23 Industry HVAC Temperature Control Hack CPS
24 Industry Factory Robotic Arm Malware Infection Hack CPS
25 Industry Factory Conveyer Belt Speed Disruption Hack CPS
26 AI/ML iOT Sensors Data Analytics Dashboard Challenge CPS
27 AI/ML Airport Face Recognition – Radical Database Hack CPS
28 Commercial Café WiFi Network Hack CPS
29 Commercial University Results Manipulation (SQL) Print Hack CPS
30 Telecom FakeBTS – Intercepting phone calls (2G) with HackRF CPS
31 Forensics SIEM – Using OSSIM VM
32 Forensics EDR – Detecting anomaly on end-points VM

Tactical Cyberange Simulations Pvt Ltd © 2018 8

Open Platform Kit
The open platform is bare bones layout with basic landscape and is fully flexible, allowing you
to design your own city and scenarios for teaching students.

The following components are given with each open platform:

S/N Component Units

1 SCADA / PLC 1
2 Various Sensors Kit (20+ sensors) 1
3 Arduinos 4
4 Raspberry Pi 2
5 Mini LCD Displays 4
6 Model Villas 6
7 Model Buildings 6
8 Model Streetlights 50
9 Traffic Signals set (4 pieces) 1
10 Model Road Kit 1
11 Street Signs 6
12 Motors 10
13 Landscaping – Trees 30
14 Landscaping – Artificial Grass set 1
15 Landscaping – Model People 10

HAM Radio set

Your Cyberange Simulator comes with a fully featured HAM Radio set!

BJ-218 25W Mobile Radio VHF UHF 136-174 400-470MHz

HAM Radio

• Personalized design operation.

• Dual Display, Dual Standby & Dual Track.
• Mini Size, Power Supply: DC 12V/13.8V(Cigar-plug Cable)
• Frequency Range Manual Programmable.
• Software Password Programmable.
• Voice scrambler encryption.
• Remote Stun
• Group calling function

Amateur Radio (ham radio) is a popular hobby and service that brings people, electronics and
communication together. Every hacker must know how to operate and use a HAM radio!
People use ham radio to talk across town, around the world, or even into space, all without
the Internet or cell phones. It's fun, social, educational, and can be a lifeline during times of
need.

In most countries, an operator will be assigned a call sign with their license. In some countries,
a separate "station license" is required for any station used by an amateur radio operator.
Amateur radio licenses may also be granted to organizations or clubs.
Tactical Cyberange Simulations Pvt Ltd © 2018 9
Pre-built mission driven cyber security course on the platform:
The below missions are just an example of how unique the training is on the Cyberange
Platform. This “Smart City Security” program is one of the many courses that are delivered
using the amazing Cyberange simulation.

FINDING TARGETS AND GATHERING INFORMATION

• Mission 01: Finding the IP address of the city's Municipal Corporation office.
• Mission 02: Finding the SCADA master control device controlling Billboards.
• Mission 03: Finding the NOC center for traffic light and accident relief system
• Mission 04: Finding the City's Central Fire Alarm Management System
• Mission 05: Finding the SCADA PLC master control of the Factory
NETWORK, PORT RECON AND CCTV HACKING
• Mission 06: Scanning the network for IP Cams.
• Mission 07: Gain access to the city’s central surveillance system
• Mission 08: Remove camera focus away from specific buildings
TRAFFIC CONTROLLER LIGHTS AND MANIPULATING SYSTEMS
• Mission 09: Establish connection to Traffic Controller System
• Mission 10: Gain access to Modbus Relay Switching Program
• Mission 11: Manipulate the program to gain access from external network
NETWORK EXPLOITATION AND BANKING SYSTEM
• Mission 12: Find the gateway to central bank system
• Mission 13: Gain access to the bank’s security system
• Mission 14: Infect the ATM with malware
SCADA SWITCHING, HACKING RAILWAY NETWORKS
• Mission 15: Find the Northern Railway Networks system
• Mission 16: Obtain access to NRN Network
• Mission 17: Gain access to switching system
• Mission 18: Switching tracks - controlling Modbus Relay
AUTOMOBILE, WIFI AND HOSPITAL HACKING
• Mission 19: DDOS’ing alarm systems
• Mission 20: Manipulate RFID for bypassing the toll plaza
• Mission 21: Taking over Wi-Fi network at the local coffee shop
• Mission 22: Manipulating medical records of patients admitted in hospital
SECURE POWER GRID AND DEFEND NETWORKS
• Mission 23: Writing Firewall Rules for city’s Power Grid
• Mission 24: Snort Configuration for detecting attacks
• Mission 25: SCADA Security for city’s power grid
• Mission 26: Setting Up Honeypots for defending networks
• Mission 27: Policy Management to minimize risk
FORENSIC OPERATIONS OF SYSTEM AND NETWORK
• Mission 28: GSM interception and handling PCAP Files
• Mission 29: Handling file system images
• Mission 30: Log analysis of attack on a telecom system

The open platform allows your staff and students to design their own custom scenarios with
the starter DIY Kit!

Tactical Cyberange Simulations Pvt Ltd © 2018 10

PLC / SCADA Training and Advanced Simulation (Add-on)
Simulators for top SCADA / PLC devices including:

Allen-Bradley PLC Siemens PLC Interface Boards, SDK and drivers

Create a virtual factory using a palette of industrial parts, including sensors, conveyors,
elevators, stations, and many others. Work with most common Industrial applications and
automation technologies including Modbus, OPC and other top PLCs.

• With 20+ ready-to-use scenarios inspired by typical industrial applications to practice

real world control tasks.
• Practice real world troubleshooting routines by easily injecting Always On and Always
Off failures in sensors and actuators
• Learn SCADA / iOT Security with strong foundation on PLCs based on real world
deployments
• Cyberange Lab includes real SCADA / PLC for your students to experience hands-on
training!

Tactical Cyberange Simulations Pvt Ltd © 2018 11

Smart Homes Security Simulation (Add-on)
Designed to cover a wide range of curriculum targets within Science, Technology, Engineering
and Math (STEM), the smart home security simulation has everything you need to create and
monitor a real-time smart home simulation. With a built-in home console, you can monitor,
control and secure a virtual home by creating smart home scenarios. Connect a wide range of
external automation technologies: PLC, SoftPLC, Modbus, OPC, microcontrollers to test security
designs.

Advanced simulation includes:

• 174 Interactive Devices - Interaction with lighting, heating and other smart home
devices using more than 400 I/O points.
• Built-in Smart Home Console - Integrate with a wide range of external automation
technologies (e.g. PLC, Modbus, microcontrollers and others).
• Thermostats - Real-time simulation of thermal behavior takes into account weather
conditions, location and properties of the building.
• Digital and Analog I/O - Turn lights on and off using digital values or measure
brightness with analog values.
• Energy / Power Consumption - The Power Panel tracks real-time data of power
consumption and accounts the hourly, daily, weekly and monthly energy consumption
and cost.
• Program using Scratch2: Can be used together with Scratch 2 through scratch
extensions!

Tactical Cyberange Simulations Pvt Ltd © 2018 12

BreakingPoint Cloud License (on-demand Add-on)

The Cyberange Smart City Simulator comes with IXIA BreakingPoint over cloud, an all-in-one
applications and network security testing platform. By simulating real-world legitimate traffic,
distributed denial of service (DDoS), exploits, malware, and fuzzing, BreakingPoint validates an
organization’s security infrastructure, reduces the risk of network degradation by almost 80%,
and increases attack readiness by nearly 70%.

How might a specific configuration or security setup withstand a cyber-attack?

BreakingPoint addresses that by simulating both good and bad traffic to validate and optimize
networks under the most realistic conditions. Security infrastructures can also be verified at
high-scale, ensuring ease of use, greater agility, and speedy network testing.

KEY FEATURES

• Simulates more than 300 real-world application protocols

• Allows for customization and manipulation of any protocol, including raw data
• Generates a mix of protocols at high speed with realistic protocol weight
• Supports more than 37,000 attacks and malwares
• Delivers all Real-World Traffic™ simultaneously from a single port, including legitimate
traffic, DDoS, and malware
• Bi-monthly Application and Threat Intelligence (ATI) subscription updates ensure
you are current with the latest applications and threats
• Provides a cyber range environment for hands-on cyber security skills development

The BreakingPoint cloud license for training students is included in Cyberange certification fees
and is on-demand delivered via cloud during training. This add-on license can be separately
purchased!

Tactical Cyberange Simulations Pvt Ltd © 2018 13

Advanced Adversary Emulation Tools
The Cyberange Lab includes over 10 Open Source Adversary Emulation solutions based on
MITREs “Adversarial Tactics, Techniques, and Common Knowledge” (ATT&CK™), which is a
curated knowledge base and model for cyber adversary behavior, reflecting the various phases
of an adversary’s life-cycle and the platforms they are known to target.

Red Team Automation Program

RTA is composed of python scripts that generate evidence of over 50 different ATT&CK tactics,
as well as a compiled binary application that performs activities such as file time-stopping,
process injections, and beacon simulation as needed.

Where possible, RTA attempts to perform the actual malicious activity described. In other cases,
the RTAs will emulate all or parts of the activity.

For example, some lateral movement will by default target local host (though with parameters
typically allow for multi-host testing). In other cases, executables such as cmd.exe or
python.exe will be renamed to make it appears as if a Windows binary is doing non-standard
activities.

Other tools include: Caldera, Metta, APT Simulator, Invoke-adversary, Infection Monkey, BT3,
DumpsterFire, Apfell, NSA Unfetter and more!

Tactical Cyberange Simulations Pvt Ltd © 2018 14

Cypherpath Cloud License (On-demand Add-on)

RAPIDLY BUILD, OPERATE, AND DEPLOY CYBER WORKLOADS ANYWHERE.

Train, Test, Exercise, Assess, and Respond

Cypherpath SDI OS natively brings together compute, virtualization, networking, and storage
into an integrated scale-out stack for deploying private, hybrid and public software defined
infrastructures on bare metal hardware. Infrastructures completely under the control of
software allow IT teams to focus on the applications and services that propel business.

Rapidly deploy Public / Hybrid / Private Clouds – Top Features

1. 100% Software Solution

2. Support testing, training, exercising, and play through scenarios.
3. Copy, clone, import, export, share, and reset entire SDIs.
4. Keep SDIs protected and running with checkpoints.
5. Observe attack and defense scenarios in an isolated environment.
6. Mitigate risk and ensure continuity with self-contained SDIs.
7. Safely conduct forensics and malware analysis.
8. Install to commodity hardware and run a SDIs in under 10 min.
9. One system for delivering repeatable and standardized infrastructure at scale
composed of any workloads.
10. Agility to meet any infrastructure requirements on-demand.
11. Built-in support for existing machine and disk images formats.
12. Launch entire SDIs with the push of a button.
13. Provide greater security and simplify infrastructure management.
14. Focus on apps and services instead of infrastructure.
15. On-demand infrastructure to develop new solutions.

This add-on is separately available for purchase and requires special hardware for training in
University environment.

Tactical Cyberange Simulations Pvt Ltd © 2018 15

Cyberange Smart City Simulator Mission Dashboard

Cyberange Smart City Simulator Student Scoreboard

Scoreboard shows the progress achieved by students, teams in various missions.

Tactical Cyberange Simulations Pvt Ltd © 2018 16
International Certifications on Smart City Simulator
The following certifications are supported on the simulator:

Cert Certification Name Course Simulator Category

Code Code Compliant
CCIO Cyberange Certified Intervention Officer DEF700 No Defense
CCSA Cyberange Certified SOC Analyst DEF701 Yes Defense
CCDE Cyberange Certified Data Center Security Expert DEF702 Yes Defense
CCIS Cyberange Certified IOT Security Professional ICS700 Yes Industry
CCDP Cyberange Certified Drone Security Professional ICS701 No Industry
CCPE Cyberange Certified Power Security Expert ICS702 Yes Industry
CCBE Cyberange Certified Banking Security Expert ICS703 Yes Industry
CCSC Cyberange Certified Smart City Security Expert ICS704 Yes Industry
CCFI Cyberange Certified Forensics Investigator IRF700 Yes Forensics
CCMA Cyberange Certified Malware Analyst IRF701 No Forensics
CCRE Cyberange Certified Reverse Engineer IRF702 No Forensics
CCTH Cyberange Certified Threat Hunter IRF703 Yes Forensics
CCPT Cyberange Certified Penetration Tester OFS701 Yes Offensive
CCWT Cyberange Certified Web App Penetration Tester OFS702 Yes Offensive
CCXD Cyberange Certified Exploit Developer OFS703 No Offensive
CCMP Cyberange Certified Mobile App Pentester OFS704 No Offensive

Certification Process
The Certification process is stringent and fully driven by hands-on assessment

Psychometric
Online Exam
Test
• Online • 8 Hours lab
• Cyber exam
Security • 2 Hours • Submit thesis • On request
Oriented • Highly • Earns NSD of potential
Technical Falcon Level employers
• Earns NSD • Detailed
Cadet Level psychology
Aptitude Test analysis
Lab Exam

Tactical Cyberange Simulations Pvt Ltd © 2018 17

Recognized by India’s National Security Database (NSD)

The Cyberange certifications are recognized by

Information Sharing and Analysis Center (ISAC) under
its prestigious National Security Database (NSD)
program.

National Security Database (NSD) certification is

awarded to credible & trustworthy Information security
experts with proven skills to protect the National Critical
Infrastructure & economy of the country.

The recognition from NSD provides numerous benefits including assured job interviews and
support for career advancement.

Various levels in National Security Database

The National Security Database has three levels of recognition as below:

Cadet FalCon Guardian

• The first level of NSD • The highest technical • The highest senior
recognition, the award from NSD, management award
Cadet level is Falcon level is from NSD, Guarded
awarded to awarded to level is awarded to
professionals who professsionals who professionals with
clear domain specific clear the eight hours proven cyber security
two hour theory lab exam experience of five or
exam (online) more years in a
specific Industry

Cyberange certifications are fully recognized by National Security Database (NSD).

Tactical Cyberange Simulations Pvt Ltd © 2018 18

Cyberange Smart City Simulator in Action – Video
Watch short videos on Cyberange Lab to learn more about the platform!

Cyberange Lab Demo NCIIPC GCCS 2017 Aaj Tak Video on

Cyberange

Video 1 Video 2 Video 3

http://bit.ly/aboutcyberange http://bit.ly/NCIIPCGCCS http://bit.ly/AajTakCyberange

Global Conference on Cyber Space (GCCS)

India hosted the world’s largest “Global conference on Cyber Space” (GCCS) in 2017, under the
Ministry of Electronics and IT, with Cyberange hosting the official Hackathon for the conference
where delegates from over 120 countries participated in the challenge.

The winners felicitated by Shri Narendra Modi, Prime Minster of India on 23rd November
2017.

Media Articles

https://dailym.ai/2w2KDNZ http://bit.ly/AajTakCR http://bit.ly/IT-CR http://bit.ly/TG-CR

Tactical Cyberange Simulations Pvt Ltd © 2018 19