Cyber-Attacks – How First Responders Train for Real-world Threats

By Robert “Bob” Lally

For homeland security professionals to be successful in their field, it is critical to stay ahead of prevailing tendencies within the industry. CTU recently sponsored a mock exercise, hosted by the Colorado Emergency Preparedness Partnership (CEPP), and attended by personnel from private and public sector institutions to help prepare for a potential cyber-attack.

During the tabletop exercise, an expert panel addressed the propagation and impacts of a cyber-attack from domestic and foreign organizations. This simulated exercise was held as part of a continued series of emergency preparedness events led by CEPP and this event's sponsors: Western Cyber Exchange, Colorado Technical University and the Canadian Consulate.

A cyber-attack scenario began in southern Colorado and spread from local jurisdictions to a national threat, and ultimately a global one. Families, businesses, communities, government services and the critical infrastructure we depend on for our everyday needs suffered the consequences of the cyber-attack. Our expert panel, which consisted of private and public sector members from the City of Colorado Springs, the telecommunications and energy sectors, and the state, federal and Canadian governments, addressed the evolving scenario. The goal was to handle the scenario while minimizing the damage to our communities, businesses, essential services and even our national security.

Participants receive the background about a Rogue Nation and its recent missile exercises and threats to U.S. interests. Then, it begins … Day 1:

  • Early AM – Unusual cell phone activity monitored in Colorado Springs
  • 10 AM – Retail stores report consumer requests for free merchandise offered through a mobile app; unruly crowds form at various locations
  • 11 AM – Tweet sent about failure to reward coupon; 300 Tweets and counting within one hour
  • 11:15 AM – Consumers contact local media to voice concern about fraudulent activity of the retail stores
  • 12 PM – Retail stores request police assistance for crowd control; mayor expresses concern about the safety of a visiting foreign dignitary

The scenario continues through the afternoon of Day 1 and into the early evening of Day 2. Along the way, there are breaks in the scenario for the expert panelists and participants to discuss the problems and their potential resolutions.

One thing is immediately evident from this exercise: information technology interdependencies, and the vulnerabilities that manifest themselves through these interconnections, are a serious and growing concern to our way of life. This exercise, along with other information sharing avenues, provides an opportunity for the participants to understand how the private and public sectors relate and share information with each other. Identifying who is responsible, and when, is very important in being able to fend off the increasing number of cyber-attacks. Additionally, knowing which entities have which capabilities allows all of us to be better prepared.

Nearly 100 first responders attended this event, and they walked away with an insider’s look at the collective risk posed by a real cyber threat, its impact on businesses and their communities, and most importantly, how to respond to the threat.