By Maj. Lisa Beum
Army Cyber Institute Public Affairs
WEST POINT, N.Y.—“When there is a fire, you call the fire department, when you see a crime you call the police department, but when someone is a witness to a cyberattack who do you call for help?” — a question posed by Class of 2021 Cadet Bryan Kim during his recent observation of Jack Voltaic, the Army Cyber Institute’s research project focused on critical infrastructure resiliency against cyberattacks.
“Allowing cadets the opportunity to observe and participate in Jack Voltaic, a real-world cyber incident and emergency response event, helps demonstrate just how important cyber impacts have become with regard to understanding the multi-domain operational environment they will soon enter as new Army officers.” Maj. Erik Korn, Army Cyber Institute researcher, said. “This operational environment has become increasingly contested, and it remains critical that they can quickly understand the threat, make necessary adjustments and still accomplish their operational objectives.”
To prepare cadets for Jack Voltaic, Korn, who teaches the IT460 course, focused a lesson on critical infrastructure to show the interdependencies among different sectors as well as the complexities of an ever-changing environment in the cyber domain. As a part of the ACI’s Critical Infrastructure/Key Resources team, Korn was able to tap into subject matter expertise to give cadets a broader experience. For the critical infrastructure class, Lt. Col. Erica Mitchell, ACI researcher on the CIKR team, guest lectured about Jack Voltaic to give realistic perspectives and lessons learned from previous JV events as well as real-world examples of second- and third-order effects of cyberattacks.
“I have always firmly believed in tying theoretical concerns to practical implications of those concerns,” Mitchell said. “By hearing about critical infrastructure dependency and then watching those who work in various critical infrastructure sectors respond to attacks on their sector or deal with the effects of attacks on other sectors, the cadets were able to understand more clearly the risk of cyberattacks.”
Following the critical infrastructure class, cadets observed Jack Voltaic 3.0, the ACI’s first-ever, completely virtual JV event. The experiment took place Sept. 22-24, through a regionally-focused exercise that included commercial, critical infrastructure supporting military deployment and global logistics operations. This year, Jack Voltaic occurred with the cities of Charleston, South Carolina, and Savannah, Georgia, as they are key locations that support military force projection.
“With Jack Voltaic 3.0 transitioning to a completely distributed event, we were presented with a great opportunity for IT460 cadets to virtually observe a real-time cyber exercise where local, regional and federal public-private sector entities dealt with a cascading cyber incident coupled with real-world emergency response events,” Korn said. “We wanted cadets to understand the significant role that these different entities serve in during such a complex scenario, as well as how vital systems and services can become more stressed as situational complexity increases.”
After observing Jack Voltaic, Kim explained that events like the Jack Voltaic exercise exposed different organizations to the different resources and connections that can be used to handle a cyber incident. He continued to state that Jack Voltaic established the duties and responsibilities of each organization and helped those affected learn about the process of how organizations react to cyber incidents.
According to Class of 2021 Cadet Elijah Parrott, he observed that communication and fostering relationships were key factors in making cities stronger toward building resiliency against a cyberattack.
“Exercises such as Jack Voltaic allow stakeholders to network and communicate with other stakeholders in the community to understand what assets the other stakeholders have available and how to better communicate information between stakeholders,” Parrott said. “The biggest take away I have after observing Jack Voltaic is the importance of communication between not only between federal, state and local government agencies, but also for the private sector.”
By watching a real-world exercise take place in real time, cadets could better comprehend how the DOD remains largely dependent on critical infrastructure that is owned and operated by other entities, and to observe how force projection operations may be impacted by adversaries using cyber as an effective attack vector below the threshold of armed conflict.
“It was fascinating how the different levels of government, the public sector and private sector were able to come together, act as a thinktank and respond to a realistic scenario,” Class of 2021 Cadet Sara Scales. “I don’t think many people recognize the breadth of cyberattacks or cyber-enabled attacks, and this exercise proved, not only to me but many people within the conference, that cooperation and protocols across areas dealing with traffic, hospitals, waterways, education, law enforcement, etc. are essential.”
Prior to the event, Scales read the background on what Jack Voltaic was and watched a few videos but said “the actual exercise was far better than I was expecting.” She continued to say, “the organization of the ‘Turns’ and breakout tables was effective and allowed me to keep up with all of the updates from each of the tables. I enjoyed seeing the pieces of the puzzle come together while new information was given periodically, forcing groups to shuffle and adjust their plans on the spot.”
One of the bigger objectives of the critical infrastructure class and monitoring Jack Voltaic was to give cadets that real-world perspective and a better awareness of the multi-domain environment they will enter upon commissioning into the Army. This class was intended to enable them to become better officers and take what they learned to incorporate into their future careers.
“I learned the structure of U.S. Cyber Command and got the opportunity to read the mission analysis brief of cyber support to counter ISIL,” Kim said. “I never before had an in-depth lesson on how both offensive and defensive U.S. cyber operations are planned and executed.”
“Young officers have been raised in an interconnected world and are more comfortable with technology than their predecessors. However, their comfort with technology must be tempered with the understanding of the implications of the increase in connectivity,” Mitchell said.
Mitchell continued to emphasize the importance of our future leaders needing to recognize the implications of how cyber can affect operations by commenting that “a young officer graduating 20 years ago did not have to worry about whether their platoon’s movements would be affected by a cyber adversary in another country. Today, with the increase in battlefield connectivity, a platoon leader should absolutely be concerned with threats to their trust in the information provided by their connected devices.”
