Cyber Guard 16, an annual interagency exercise, is aimed at pushing the limits of those who protect America's critical infrastructure.
(TNS) — SUFFOLK — Rolling blackouts start in the Midwest, rendering much of the Northeast dark and leaving swaths of the South without air conditioning during the blistering summer.
An oil refinery on the Gulf Coast begins experiencing machinery malfunctions and barrels upon barrels of crude start streaming into the waterways around Port Arthur, Texas.
Ports in southern California have problems with the networked system that helps them refuel ships and their security camera networks, halting shipping traffic, causing delays along the supply chain and sending ripples through the American economy.
In the meantime, the Department of Defense is fending off wave after wave of attacks against networks at military bases while trying to address the escalating crisis. The attackers could be anyone from so-called "hacktivists" to the cybersecurity forces of another nation.
That's the day that more than 800 people from more than 100 organizations have spent the last two weeks preparing for at the Department of Defense's Joint Staff Suffolk Complex.
The event — led by U.S. Cyber Command, the Department of Homeland Security and the Federal Bureau of Investigation — is Cyber Guard 16, an annual interagency exercise aimed at pushing the limits of those who protect America's critical infrastructure.
That phrase "critical infrastructure" traditionally conjures images of roads, bridges and waterways but for decades has been expanding to include the digital systems that drive state-owned infrastructure. It includes the networks that run traffic lights or computers that open and shut canal locks, as well as the nation's energy sector, ports, manufacturing, telecom networks and other commercial sectors.
By 2018, the DoD will have 133 operational teams under Cyber Command to protect the interwoven web of critical computer networks. Cyber Guard is where they come to prepare for the fight ahead, said U.S. Coast Guard Rear Adm. Kevin Lunday, the U.S. Cyber Command's director of exercises and training.
"For us, it's not a question of if it will happen, but when. And the more relevant question is, 'Will we as a Department of Defense, will we as a nation, with our allies, be ready for it?'" Lunday said.
As important as technology is, Lunday said, training programs like this are meant to ensure that America always has the upper hand with a coordinated, trained and disciplined human fighting force.
The exercise is like two grandmasters playing chess on 24 different boards at once, with each "blue team" training unit struggling against intrusions from a companion "red team," other CyberCom teams whose job is to emulate hackers the DoD would expect to see in the real world.
But there's also an interconnected aspect, as if each chess board influenced the outcome on the other boards – the effects of intelligence sharing and coordinated response against a broad-reaching attack.
"We recognize that on America's really bad day, the team approach is needed to respond to cyber incidents," said Gregory Touhill, the deputy assistant secretary for the Department of Homeland Security's Office of Cybersecurity and Communications. "We're building towards understanding how best to put together those teams, train them towards the task and make sure that we're not exchanging business cards in a time of crisis, that we understand who's part of that team and what to do."
That team-building now extends far beyond military branches and government agencies working closely when things go sideways.
This year, organizers looped in a handful of large private entities responsible for major aspects of the nation's critical infrastructure, such as Dominion Power and the Port of Los Angeles, to give a real-world environment for those soldiers, sailors, airmen and marines who may someday soon be waging a war from behind their keyboards.
A unit from the California National Guard, for instance, was working in the network of a theoretical port trying to get the security cameras and other equipment back online after an attack that seemed intent on stealing information, getting a foothold in the network and ultimately shutting down the port's operations.
Cyber Guard is a little cushier than a real-world scenario — exercise participants will train during a normal work day, get a good night's sleep and start in again the next day. In the real world, they would work around the clock.
That doesn't mean the two-week program is a cakewalk. In the control room, exercise overseers decide when the invading red teams need to ratchet up the pressure on responding units.
"We put them under pressure to perform to the point of failure because that's where learning's going to occur," Lunday said. "We must press ourselves to failure and learn in this environment where in the real world in this scenario we cannot fail."
One unit working on rooting out attackers in their network suddenly had all of the English text on their systems changed to another language — just to throw them a curveball and see how they would respond.
"They say that the best steel, the strongest steel is forged in the hottest furnace, and that's what we're trying to create here," Lunday said.
©2016 the Daily Press (Newport News, Va.) Distributed by Tribune Content Agency, LLC.
Never miss a story with the daily Govtech Today Newsletter.