Army simulations tackle threats to critical infrastructure
- By Patrick Marshall
have exposed the vulnerability of the infrastructure that supports
electricity grids, dams, air traffic control and other critical sectors.
If those industries are compromised, it could threaten the country’s
Although federal law prohibits using the military to enforce domestic policies, there's nothing to keep the military from using its cyber assets to protect the civilian digital infrastructure. For the first time, the Army’s annual Cyber X-Games focused
on protecting critical infrastructure and included reconnaissance of the cyber environment, inject detection and
response, and live red/blue teaming.
Hosted by the University of Texas at San Antonio (UTSA) in June, Cyber X-Games 2018 brought together 72 participants from various Army Reserve cyber and network defense units, Air Force cyber and network operations centers, ROTC cadets, and civilian network and cybersecurity professionals from government contractors to respond to attack scenarios on critical civilian networks.
Glenn Dietrich, a professor of information systems and cybersecurity at UTSA and one of the game’s coordinators, said the exercise involved 10 teams responding to approximately 300 scenarios of attacks on civilian infrastructure, including the chemical, energy, electricity, transportation and finance industries.
Participants gave the exercise high marks for driving home the importance of military specialists working with cybersecurity experts from the civilian side. "The biggest thing I learned was communication among the team,” said Army Reservist 1st Lt. Michael Stoner. By working with various military and civilian cybersecurity professionals, participants learned "how to operate and problem-solve in an environment like the one that was presented."
Dietrich said the exercise shone a needed spotlight on the national security implications of vulnerable civilian infrastructure. But he warned that there is a big difference between exercises and real-world threats, and a lot more work needs to be done.
“The scenarios are not the real world,” Dietrich said. “I don’t think any of our infrastructure is safe. There’s nothing that cannot be hacked.”
He added that one of the major takeaways from this year’s Cyber X-Games “is that the Army can respond to these kinds of emergencies.” He predicted that Army and National Guard troops will become the first responders for cyberattacks in many states.
“That’s part of their training, and I think that is a good thing,” he said.