How first responders train for real-life cyber threats

For homeland security professionals to be successful in their field, it is critical to stay ahead of prevailing tendencies within the industry. Colorado Technical University recently sponsored a mock exercise, hosted by the Colorado Emergency Preparedness Partnership (CEPP), and attended by personnel from private and public sector institutions to help prepare for a cyber-attack.

During the tabletop exercise, an expert panel addressed propagation and impacts of a cyber-attack from domestic and foreign organizations. This simulated exercise was part of a continued series of emergency preparedness events led by CEPP and this event’s sponsors: Western Cyber Exchange, CTU and the Canadian Consulate.

The cyber-attack scenario began in southern Colorado and spread from local jurisdictions to a national threat, and ultimately a global one. Families, businesses, communities, government services and the critical infrastructure we depend on for our everyday needs suffered the consequences from the simulated attack. Our expert panel, consisting of private and public sector members from the city of Colorado Springs; telecommunications and energy sectors; the state, federal and Canadian governments; addressed the evolving scenario.

The goal was to handle the scenario while minimizing the damage to our communities, businesses, essential services and even our national security.

Participants received the background about a “Rogue Nation” and its recent missile exercises and threats to U.S. interests. Then, it begins … Day 1:

Early morning – Unusual cell phone activity monitored in Colorado Springs.

10 a.m. – Retail stores report consumer requests for free merchandise offered through a mobile app offering; unruly crowds form at various locations.

11 – Tweet sent about failure to reward coupon; 300 tweets within one hour.

11:15 – Consumers contact local media to voice concern about fraudulent activity of retail stores.

Noon – Retail stores request police assistance for crowd control; mayor expresses concern about the safety of a visiting foreign dignitary.

The scenario continues through Day 1 and into the early evening of Day 2. Along the way, the expert panelists and participants to discuss the problems and their potential resolutions.

One thing is immediately evident. Information technology interdependencies and the vulnerabilities that manifested themselves due to these interconnections are a serious, growing concern to our way of life. This exercise, along with other information-sharing avenues, provides an opportunity for participants to understand how the private and public sectors relate and share information with each other.

Identifying who is responsible and when is very important in being able to fend off the increasing number of cyber-attacks. Additionally, knowing what entities have which capabilities allows all of us to be better prepared.

Nearly 100 first responders attended this event and walked away with an insider’s look at the collective risk posed by a real cyber threat, its impact on businesses and their communities, and most importantly, how to respond to the threat.

Bob Lally is dean of Homeland Security at Colorado Technical University, responsible for direction for all programs related to homeland security. A retired Navy captain, Lally holds an M.S. in national security from the National War College and a B.S. in industrial engineering from Georgia Tech. Connect with him on LinkedIn.