Majnoon Cyber Attack & Defense Exercise

Cybersecurity exercises aim to assess an organization's ability to handle a cybersecurity incident through the simulation of actual attacks. The exercise examines the process of responding to cyber incidents by initiating fictional cyberattacks against the company. However, it is important to note that no actual attack takes place during this drill; it only relies on scenario-based simulations.

The first round of Majnoon Cyber Attack & Defense Exercise, which is part of the Risk and Incident Response Plans, has been successfully completed. This exercise involved multiple teams, such as the Cybersecurity Team, System Admin Team, Datacenter Team, Telecom & Network Team, Application Team, and IT Support Team.

During the exercise, the attack team utilized various methods, including phishing, to gain unauthorized access to mailboxes of multiple users. They were able to identify several vulnerabilities. However, the defense teams promptly detected and blocked these intrusion attempts, and all vulnerabilities have now been addressed.

This exercise effectively assessed and tested the company's cybersecurity measures, including protection policies, emergency response capabilities, and cross-departmental collaboration. The results revealed certain weaknesses in the current cybersecurity status, such as insufficient security awareness among some employees and inadequate email security measures. The cybersecurity team will focus on addressing these shortcomings and remain prepared for any real cyber-attack that may occur in the future.