Austria hosts Red Team/ Blue Team cybersecurity training


The European Network for Cyber Security (ENCS) has joined Oesterreichs Energie to deliver its cybersecurity training programme for utilities.

ENCS is helping Oesterreichs Energie, an association of the Austrian electricity industry, to implement the Red Team/ Blue Team training programme.

The programme is a three day initiative designed to boost cyber security skills and awareness for energy utilities.

The motive behind the creation of the Red Team/Blue Team initiative is to promote research, development and adoption of cybersecurity technologies to protect Europe’s power grids from cyber attacks.

Smart grid deployment is leaving utilities grid networks vulnerable to attacks compared to traditional energy networks.

Integration of distributed energy resources such as electric vehicles and renewables with smart technologies including smart meters requires appropriate security solutions and methods, requiring new skills and practices, hence the launch of the ENCS Red Team/ Blue Team programme in November 2017.

Austria is making use of the Red Team/ Blue Team initiative due to increased use of smart meters, leading to greater fear of attacks. Almost 90% of electricity supplied throughout Austria is delivered via a smart meter.

Michael John, Director, Operations at ENCS comments: “Oesterreichs Energie has shown real leadership for the Austrian electricity sector on cyber security and we’re very pleased to be part of that.

“To successfully protect our power grids, we need to share expertise and collaborate: across Europe, across companies and across teams. The power of Red Team/ Blue Team is it gets people from different teams working together – IT professionals and engineers – to protect the grid in a joined-up way.”

The Red Team/ Blue Team initiative uses physical grid infrastructure of grid operator GridNet to offer cyber security training.

The grid infrastructure includes medium voltage circuit breaker, a SCADA network, virtualised 40-substation network routers, protocol gateways and protection relays.

The programme includes two days of classroom learning followed by a day-long live exercise where participants are split into attackers (Red Team) and defenders (Blue Team) to put their new knowledge into practice and see if they can infiltrate or defend Gridnet.