The latest edition of the Army’s annual Cyber X-Games exercise is designed to let Reserve and other cyber warriors team up to train in dealing with real-world situations. It is focused on protecting U.S. infrastructure, an area somewhat outside the norm for the exercises, but one that reflects an emerging potential battleground on the cyber landscape.
The Cyber X-Games, held earlier this month at the University of Texas at San Antonio (UTSA), annually bring together cyber and network operations units from the Reserves and the Air Force, along with ROTC cadets and civilians, and this year focused on critical network infrastructures covering finance, public utilities, and health care, according to an Army release. The emphasis of the X-Games is drawn from the focus of the subsequent Cyber Endeavor conference, also held at UTSA, which each year highlights a critical topic facing the nation.
This year’s games come on the heels of a Department of Homeland Security alert issued in March of an ongoing, far-reaching Russian cyber campaign targeting U.S. power grids and other infrastructure, including the water and aviation sectors, critical manufacturing industries including nuclear power plants, and several U.S. government entities. The alert, issued by the FBI and DHS’s U.S. Computer Emergency Readiness Team (US-CERT), renewed talk about the importance of a whole-of-nation approach to cybersecurity, which includes the Department of Defense playing a part in protecting infrastructure.
This year’s games dealt with protecting elements of infrastructure that may have been new to some of the participants, including industrial control systems (ICS) such as supervisory control and data acquisition (SCADA) systems and other hardware-and-software systems widely used in industrial settings. They can run factory machines and operate the doors in prisons, but are widely–and perhaps most significantly–used in power systems and other utilities. They are also used in applications as varied as water treatment, food production, management of telecommunications, and IT systems.
One participant, Air Force Tech. Sgt. Dana Timmons, said that SCADA was not something he expected to see at a Cyber X-Games, but acknowledged that its role in infrastructure operations makes it important, according to the Army release. “SCADA is a big problem set in the cyber forum now, and the fact that it was addressed at the X-Games to bring awareness is significant,” Timmons said.
Putting ICS into a military cyber exercise reflects the reality of evolving threats. “What we as coordinators and collaborators try to [do] is take real world cyber related events and leverage the information from those events into an exercise,” said Lt. Col. Michael Lewis, operations officer for the Army Reserve Cyber Operations Group.
While DoD and every other organization deals daily with the regular onslaught of pings, probes, and intrusions on their networks, officials also have been preparing for the possibility of a major, large-scale attack–what one DoD official called a “terabyte of death”–that could do widespread damage to the country. Infrastructure would be a primary target in such an attack, prompting US-CERT and other organizations to emphasize infrastructure protection. DHS and DoD have discussed plans for a coordinated response to a major attack in a joint paper.
The U.S. Cyber Command, which oversees DoD’s offensive and defensive cyber operations, includes protecting U.S. infrastructure within its mandate, although its primary mission is the support and defense of DoD networks. Reserve and National Guard units are among those that could provide support directly to states in an emergency or other circumstance, including protecting the integrity of elections. The House Armed Services subcommittee earlier this year also floated the idea of having DoD set up cyber components that could assist civilian agencies in the event of a major attack.