Over 200 Participants Tackle Cyber Threats at Critical Infrastructure Defence Exercise 2024; First National Cyber Defence Exercise to Include Cloud Testbed for Cyber Defender Training

Participants from the Critical Infrastructure Defence Exercise (CIDeX) 2024 partaking in exercise-based scenarios to defend their digital infrastructure against live simulated cyberattacks.

The Digital and Intelligence Service (DIS) and the Cyber Security Agency of Singapore (CSA)¹ organised the Critical Infrastructure Defence Exercise (CIDeX) from 12 to 15 November, at the Devan Nair Institute for Employment and Employability. CIDeX 2024 is supported by iTrust SUTD,² and the National Cybersecurity R&D Laboratory (NCL). CIDeX is focused on training and strengthening Whole-Of-Government (WoG) cyber capabilities to detect and manage cyber security threats to Information Technology (IT) and Operational Technology (OT)³ networks that control the operations of critical infrastructure. 

This year’s edition of the cyber defence exercise involved over 200 participants from the DIS, CSA, and 26 other organisations.⁴ CIDeX 2024 featured an expanded digital infrastructure, with seven enterprise IT networks and corresponding testbeds, including two new testbeds, namely, rail system (OT) and Cloud (IT).⁵

CIDeX 2024 is the first national cyber defence exercise to include a Cloud testbed with “live” artificial intelligence (AI) models for cyber defender training. With the prevalence of Cloud-based networks and increasing Cloud adoption, the inclusion of the Cloud testbed helped to train cyber defenders in securing and defending Cloud-based networks. The testbed also facilitated the cyber defenders’ understanding of the vulnerabilities of AI models, and the identification of potential threats that could compromise AI-enabled systems.

Prior to the exercise, participants underwent a six-day hands-on training programme on cyber defence competencies.⁶ During the exercise, participants in the Blue Teams, comprising cyber defenders from participating organisations, defended their digital infrastructure against live simulated cyberattacks launched by composite Red Teams made up of DIS, CSA, DSTA, GovTech, IMDA, and LTA participants. Exercise scenarios involved attacks on the networks and testbeds, that aimed to disrupt operations and impact way of life, such as compromising a 5G network, and disrupting power supply and rail operations. CIDeX 2024 provided participants with the opportunity to hone their cyber defence instincts, sharpen their technical competencies, and share expertise and perspectives across organisations.

On the sidelines of CIDeX 2024, the DIS signed Memorandums of Understanding (MoUs) for cyber collaboration with Nanyang Technological University, Singapore (NTU Singapore) and Dragos, Inc., to expand its partnership with both the academic and tech sectors respectively. The MoU with NTU Singapore is an expansion of the Cyber Work-Learn Scheme, which was introduced in February 2018.⁷ The DIS also conducted a Youth Engagement Programme, where students visited CIDeX 2024 to better understand the importance of cyber defence and the roles of cyber defenders.

Speaking on how CIDeX continued to be a platform for national cyber defender training, Defence Cyber Chief Brigadier-General Edward Chen said, “The conduct of CIDeX as a national platform to hone our cyber defenders’ skillsets, speaks to our close cooperation with CSA and critical infrastructure organisations across the various sectors. This is critical to strengthen our collective ability to protect Singapore’s critical infrastructure systems. The inclusion of new testbeds in this year’s edition highlights how cyber defenders must adapt to the evolving digital terrain and learn to defend against emerging threats in cloud and artificial intelligence systems.”

CSA’s Assistant Chief Executive (National Cyber Resilience) Dan Yock Hau said, “A cyberattack on OT systems and cloud infrastructure may disrupt the delivery of our essential services and cause physical harm or even loss of lives. Large-scale cybersecurity exercises such as CIDeX allow our frontline incident responders to sharpen their incident response and network forensic skillsets; CSA is glad to partner with DIS on this. With the addition of rail and cloud testbeds in CIDeX 2024, participants will get the opportunity to tackle new and evolving cyber threats related to Operational Technology and Cloud infrastructure through realistic training scenarios.”

¹ The DIS and CSA signed a Joint Operations Agreement (JOA) on the sidelines of CIDeX 2022. The CSA-DIS JOA established a framework for cooperation and collaboration in the areas of joint operations and capability development that will contribute towards a secure national cyberspace.

² iTrust is a multidisciplinary research centre located at the Singapore University of Technology and Design (SUTD) that was jointly established by SUTD and the Ministry of Defence (MINDEF) in 2012.

³ OT refers to hardware and software that monitor and control devices, processes, and infrastructure. These include Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) systems, safety instrumented systems, and Programmable Logic Controllers (PLCs).

⁴ The 26 participating organisations, in addition to the DIS and CSA, are: Changi Airport Group, Civil Aviation Authority Singapore, Energy Management Authority, GovTech, Infocomm Media Development, Jurong Port, Land Transport Authority, M1, Maritime and Port Authority of Singapore, Pavilion Energy, PUB, PSA, SBS Transit, Sembcorp, Senoko Energy, SATS, Singapore Airlines, Singapore LNG Corporation, SingTel, SMRT Corporation, SP Group, SP Tel, Starhub, Temasek Polytechnic, Tuas Power, and YTL PowerSeraya. 

⁵ Apart from rail system and Cloud, the five other testbeds are (i) power; (ii) water; (iii) gas pipeline; (iv) 5G network; and (v) airport.

⁶ This comprised training at the Singapore Armed Forces’ Cyber Defence Test and Evaluation Centre (CyTEC) at Stagmont Camp, and an advanced Security Operations Centre workshop by Splunk, a software development company.

⁷ The DIS also collaborates with NTU Singapore on the Digital Work-Learn Scheme, which was launched in March 2022. The Cyber Work-Learn Scheme and Digital Work-Learn Scheme are two different Work-Learn schemes for cyber specialists and digital specialists respectively.

This year’s edition of CIDeX sees the participation of more than 200 participants from the Digital and Intelligence Service (DIS), the Cyber Security Agency of Singapore and 26 other organisations.

Defence Cyber Chief Brigadier-General (BG) Edward Chen (left) and Vice President (AI & Digital Economy) and Dean, College of Computing and Data Science, Nanyang Technological University, Singapore Professor Luke Ong (right) signing a Memorandum of Understanding (MoU) for cyber collaboration on the sidelines of CIDeX 2024.

BG Chen and Dragos, Inc. Vice President of Intelligence and Services Kurt Gaudette signing an MoU to expand the partnership between the DIS and the tech sector.