Welcome to our newest environment, Zapp Public Power. This industrial control system (ICS) themed environment brings to life an electrical substation at a power utility. The challenges within this environment allow players to experience on-demand cybersecurity work roles, performing some of their core tasks within an ICS context.
Creating this environment has taken months of research, designing, planning, and engineering. We collaborated with the Cybersecurity and Infrastructure Security Agency (CISA) and subject matter experts from multiple US national labs in order to craft a virtualized, realistic substation and create cybersecurity challenges based on issues both dire and common to ICS in the real world.
Zapp Public Power is a fictional power utility that operates the power grid for various stakeholders, including residential customers and critical infrastructure (e.g., manufacturing, hospitals, and schools). This environment specifically represents one of Zapp Public Power's primary electrical substations. To bring this substation to life, we created a simulation that emulates the ICS sensors and equipment typically found in a substation, as well as two custom applications that allow one to directly view and alter the state of the ICS sensors and equipment. To deepen the realism, we designed the ICS sensors and equipment simulation to mimic a programmable logic controller (PLC), enabling the substation to be monitored and interacted with via standard ICS applications (e.g., openHistorian) and protocols (e.g., Modbus).
When attempting challenges in this environment, players will receive tasks and information from fictional characters representing various roles within the industry, such as electrical engineers, management staff, and cybersecurity professionals.
At present, the Zapp Public Power environment offers six different challenges. And while we highly recommend that you check out all six of them on the Webportal (a Curator account is required), we have highlighted two of the challenges below to give you an idea of what to expect in this new environment.
An anonymous report concerning public exposure of a Zapp Power substation's camera feed and controls has confirmed two Zapp Power electrical engineers' eerie feelings that they were being watched while performing on-site maintenance at Zapp Substation 434. The player is tasked with reviewing and reporting anything, camera included, that is publicly exposed at Zapp Power Substation 434 so that the exposures can be corrected by Zapp Power HQ staff.
A recent security breach at a credit union used by many Zapp Power employees has allowed an unknown attacker to perform a successful credential-stuffing attack against Zapp Substation 434's VPN. Once inside, the attacker accessed the substation's Human Machine Interface (HMI) and shut down the outgoing power from the substation, plunging customer neighborhoods into darkness. The player is tasked with discovering the compromised VPN account, updating the compromised password, and bringing the power back online.
This environment and its challenges were created through a partnership with, and funding provided by, CISA.