A 48-Hour “Siege” of the Official Email System During Dong Nai Province Cybersecurity Exercise

Following the opening session and intensive technical training held on December 23, 2025, the live-fire cybersecurity and information security exercise in Dong Nai Province officially entered its core phase from December 24 to 25. This phase marked the moment when participating forces directly confronted attack and defense scenarios designed to closely reflect the real-world operation of government information systems.

Throughout the continuous 48-hour exercise, attack and defense teams were assigned clearly defined roles and operated independently under the close supervision of the Organizing Committee and the Judging Panel. The objective was to assess incident response capabilities under conditions that closely resembled real-life cybersecurity incidents.

Team 14 - Lac Hong University Students in the Role of Live Attackers

Team 14, assigned as one of the attacking teams, consisted of students from the Faculty of Information Technology at Lac Hong University. Under the exercise scenario, the team was tasked with simulating targeted attacks against Dong Nai Province’s official email system at https://email.dongnai.gov.vn, in order to test the detection, alerting, and response capabilities of the defensive team.

The participation of students in this role went beyond an academic exercise. It placed them in a real cybersecurity problem set, operating under time pressure, strict technical requirements, and rigorous coordination procedures similar to those found in actual government environments.

The Official Email System as a Critical Target

During the exercise, Dong Nai Province’s official email system was identified as one of the critical assets requiring protection. This system serves as essential infrastructure for leadership, administrative coordination, and internal communication among government agencies, and therefore poses significant risks if compromised or taken over.

According to the approved scenario, Team 14 conducted assessments to evaluate the system’s security posture and identify potential vulnerabilities that could be exploited. All activities were carried out strictly within the scope of the exercise, under authorization and control by the Organizing Committee, ensuring no disruption to the system’s real-world operations.

Simulating Common Real-World Attack Techniques

In their role as the attacking team, Lac Hong University students were permitted to simulate several commonly observed cyberattack techniques seen in real-world security incidents. These techniques were selected to accurately reflect the threats faced by government information systems, while enabling the defensive team to test its detection and response capabilities.

The simulated activities focused on evaluating user awareness in the face of online phishing attempts, testing the robustness of account authentication mechanisms, and identifying potential vulnerabilities in web applications. Through this approach, the exercise assessed not only technical defenses but also human factors and operational processes in information security.

Forty-Eight Hours of Pressure in a Simulated Cyberattack

Unlike classroom-based laboratory exercises, the 48-hour live-fire drill placed students in a continuous operational mode, requiring them to monitor system responses and defensive countermeasures in real time. Each simulated attack action could trigger a corresponding defensive reaction, forcing the attacking team to adjust tactics and approaches dynamically.

The pressure extended beyond technical challenges to include strict compliance with exercise discipline, reporting procedures, and coordination requirements with the Organizing Committee. This distinction highlighted the fundamental difference between live-fire cybersecurity exercises and conventional academic simulations.

Educational Value of a Realistic Cybersecurity Scenario

Direct participation in an attack scenario targeting an official government email system enabled Lac Hong University students to gain deeper insights into the nature of cybersecurity incidents occurring daily within the public sector. Through each scenario, students applied technical knowledge while also developing a stronger sense of professional responsibility and ethical awareness in the field of information security.

From an educational perspective, the 48-hour exercise functioned as a “special classroom”, where students learned under real pressure, using real systems and real procedures. It also demonstrated the university’s practice-oriented training model, which emphasizes exposing students to authentic cybersecurity challenges at the local level.

From Exercise to Long-Term Response Capability

The outcomes of the exercise extended beyond evaluating system defense capabilities. They provided valuable data for authorities to refine procedures, upgrade infrastructure, and enhance workforce training. Within this broader context, the participation of Lac Hong University students as an attacking team helped illuminate existing challenges and highlighted the potential of young cybersecurity talent.

The 48-hour “siege” of the official email system was not merely a component of the exercise scenario, but a clear demonstration that university students can meaningfully contribute to high-level, technically demanding missions when trained effectively and placed in appropriate real-world environments.