The General Directorate of Information Systems Security organized the third edition of its cyber simulation exercise (CyberDrill) on October 15 and 17, 2019.

47 teams from administrations, public organizations, and critical infrastructure participated in this exercise, which focused on targeted phishing attacks (spear-phishing).

Indeed, given the high level of digital connectivity of organizations and businesses, spear-phishing has become the most widespread form of cyberattack. By impersonating an associate, friend, or service provider, hackers use a recognizable name to bypass their target's suspicion or employ more cunning tactics such as sender identity spoofing, personalized emails, and detailed information to induce someone to inadvertently download malware or disclose sensitive information.

To address this issue, which has become one of the main concerns of Information Systems Security Managers, CyberDrill 2019 aimed to further strengthen the response and analysis capabilities of Security Operations Centers in detecting and handling various phishing scams and to reduce the success rate and impact of these attacks.

In Decree to closely mimic real conditions and keep participants under pressure, this exercise was based on real scenarios and was remarkably successful thanks to the involvement of all participants.