Europe’s first 5G cybersecurity exercise in Vienna.

The fifth generation of mobile communications offers many opportunities by also posing challenges. With the increasing use of open standards and mainstream digital platforms, the threat to 5G networks is more present than ever. On the one hand, the mobile and cybersecurity industry has responded with high 5G security standards and policies. In addition, training and capacity building are of great importance in order to be prepared for potential attack scenarios in the best possible way. The AIT Cyber Range – Training Center enables testing and training of cyber security teams in real scenarios in the context of different threat scenarios. 

To enable the most effective training as well as to support sustainable training objectives, a modern and highly flexible simulation environment – the AIT Cyber Range – has been developed at AIT, which has already been successfully deployed internationally with critical infrastructure operators. In particular, the flexible creation of training scenarios and the support of trainers for a highly flexible and effective training process characterize the cutting-edge training center at AIT.

The training scenario

With the overall objective to increase the resilience of 5G networks, the exercise addressed participants from Austrian stakeholders in the telecommunication sector as well as public authorities. To provide the training with as much practical relevance as possible, the fictitious mobile operator “Prime Net Mobile” was created as an internationally active company. A group of protagonists attempted to disrupt the company’s business operations through targeted cyberattacks. Since the fictitious operator has branches in various European countries, both national and cross-border coordination, information and coordination processes had to be ensured when dealing with these incidents. The respective teams had to cope with two tasks: On the one hand, they had to cope with technical and communicative tasks within the “AIT Cyber Range”, on the other hand, the participants had to communicate with their respective authorities or contact persons.