WASHINGTON — The Army Cyber Institute is building a portable, tailorable platform for cities to practice responding to cyberattacks targeting critical infrastructure.
“For a long time we assumed uncontested homeland, and now that’s not necessarily as good of an assumption as it used to be,” said Lt. Col. Erica Mitchell, research lead for the critical infrastructure/key resources team at the Army Cyber Institute.
The idea stems from the series of exercises created by the institute, the Army’s cyber think tank at West Point, to investigate how cyberattacks affect critical infrastructure at the local level — for systems such as telecommunications or water service, for example. In some cases, the exercises examined how a serious cyber assault could impact military forces stateside from deploying overseas.
Given these exercises take 18-24 months to plan, leaders wanted cities and other municipalities to be able to run similar events more frequently.
“One of the challenges we have is that a municipality’s goal needs to align with the DoD’s goals or the Army’s goals and what we’re doing with these tools is basically opening it up where anyone can use them,” Mitchell told C4ISRNET before a virtual demonstration of the platform March 31.
The Army would like military installations to work on the exercises with civilian counterparts in their region, she said.
“It also allows for increased frequency. I can conduct one of these, let’s say it’s six months from now. Then I know what I need to work on, I see what works, what doesn’t work … Six months later I can do another one. Have I improved, what do I still need to improve? I can track that progress and actually see where I started, how it’s going and where I want to be.”
Currently in its beta form and not publicly available, the open-source platform consists in three components, including a writer application for developing scenarios and a planning application for developing a playbook for the exercise. Both of those feed into the last component, a platform that participants log into to perform the tabletop exercise.
Each are separate, web-based tools that do not require software downloads.
Beyond the tabletop exercise, Mitchell said there are plans to incorporate a cyber range where participants can conduct “live fires” in a simulated cyberspace. This live environment is about two years off and requires more funding.
The plan is to secure more funding for testing and development and begin to roll out the beta version for test exercises, with the first likely in the fall. The cyber institute plans to make full operational capability available in fourth quarter of fiscal 2023.
The bigger picture idea is for this platform to contribute to a greater sense of cybersecurity across society.
“Our goal as the Army Cyber Institute is to make this available to anyone regardless of their city budget,” Mitchell said. “Because to us, the whole of community approach being done across the nation is going to better protect our critical infrastructure than anything else.”
The platform is also of use to the military to provide a database for certain decisions.
Organizations such as the Army’s Surface Deployment and Distribution Command, which provides logistics assistance in moving assets, can use data from exercises on the platform to challenge assumptions about using ports or other points to move capabilities.
Moreover, military installations rely upon the critical infrastructure, such as power supplies. Being able to work with municipalities to better understand how to protect these assets improves the strength of the collective community, Mitchell said.
The more cities that use the platform, the more beneficial it will be because once a scenario is created, others can use it or tweak it to fit their specific needs.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.