The General Directorate of Information Systems Security organized the fifth edition of its cyber simulation exercise (CyberDrill-2021) on Tuesday, November 30th, and Thursday, December 2nd, 2021, under the theme: 'ACTIVE DIRECTORY SECURITY.' Fifty-five teams from administrations, public agencies, and critical infrastructure participated in this event.

The exercise took place in a virtual environment where teams were tasked with analyzing collected elements, identifying compromise indicators, discovering the most probable attack scenario, and proposing an appropriate response plan. The objective was to highlight the importance of practices and reflexes necessary for dealing with this type of attack, focusing on:

•  Understanding the Tactics, Techniques, and Procedures (TTP) recently used as well as the 'command & control' (C2) and offensive tools widely employed by attackers.
•  Conducting investigations on cybersecurity incidents related to phishing, lateral movement, credential dumping, etc.
•  Identifying indicators to detect and respond to such incidents.

Thanks to the involvement of all participants, the expected objectives were successfully achieved, as the majority of participants were able to solve the problems they faced.