Power Plant Red vs. Blue Scenario

February 5, 2025

Summary

Inspired by the various cyberattacks in the Russia-Ukraine war, our team has decided to build a thrilling power plant environment. Will you step into the shoes of the attackers and disrupt the power plant’s operation by damaging its turbines?

Or will you help defend it and secure the facility against various threats? Only time will tell… 

The statements in the Red Team mission briefing aren't meant to glorify Russia's attacks on Ukraine, merely to provide the feeling of an immersive wargame.

Briefings

The relentless war rages on between Russia, the merciless aggressor seeking any form of advantage, and Ukraine, the valiant nation fighting fiercely to protect its sovereignty. Over recent years, this conflict has been marked by an unending barrage of cyberattacks, including the notorious Viasat satellite hack and the deployment of the infamous DarkEnergy and CaddyWiper malware. These digital assaults have wreaked havoc on Ukraine’s vital institutions, targeting governmental and financial agencies, and crippling key components of critical infrastructure, such as telecommunications and the energy sector.

Blue Team Briefing

You will assume the role of the valiant defenders, committed to safeguarding the power plant and ensuring its continued operation. Providing electricity is a crucial element of the military effort and is essential for enabling the Ukrainian civilians to endure and persevere, striving to maintain some semblance of normalcy amidst the turmoil. “Slava Ukraini!” [Glory to Ukraine]

Your mission is to secure this power plant by improving your defenses, reducing risk by implementing policies and managing and procuring staff and budget. Much like the Russian attackers, the threat actors are always looking for a way in. Will you implement cybersecurity awareness training policies to prevent incidents like these or use any of the other tools at your disposal? Only time will tell…

You can win the game by doing any of the following:

  • eliminating all vulnerabilities within the assets on the network
  • increasing the threat intelligence score to 100%
  • outlasting the Red Team when the turns expire

Red Team Briefing

You will assume the role of the unwavering attackers, trained to execute orders without question. Your mission is to sabotage the power plant’s operations, fully aware that crippling this facility will undermine the Ukrainian military’s efforts. This act is intended to be one of many incremental victories, paving the way for the Russian advance and the conquest of Ukraine. “Glory to Russia!

Your mission is to execute the entirety of an attack kill chain in other to accomplish your objectives. Will you be able to gain initial access via spear phishing, just like the Russian attackers, and compromise the plant’s critical process or will you choose to install disruptive malware and take the plant’s data for ransom? Only time will tell…

You can win the game by doing any of the following:

  • damaging the Blue Team’s critical process
  • reducing the Blue Team’s profit/loss meter so that it stays in the red zone (below 25%) for 5 consecutive turns

Network Map

And here is the network map that you will be working with as the Blue Team:

Red vs. Blue power plant scenario blue team network map
ThreatGEN Red vs. Blue – power plant scenario blue team network map

Copyright © 2025 by Derezzed Inc. D/B/A ThreatGEN, all rights reserved.

Search Posts

Recent Posts

Categories