Mercyhurst University cybersecurity team plays the bad guy at international event

Whether the challenge comes from a rogue nation or a hacker working alone, cyberwarfare is being waged around the globe.

Students at the Ridge College of Intelligence Studies at Mercyhurst University are groomed to be the good guys, trained to detect and stop attacks.

But Mercyhurst has been asked this week to take on another role in Buffalo when the U.S. Department of Defense and Army Task Force 46 host Cyber Impact 2022, an event — that will include the FBI and the federal Emergency Management Agency — designed to improve the effectiveness of a joint response to a cyberattack.

During this three-day event that begins Tuesday, faculty and students from Mercyhurst will play the role of the bad guys as members of the Red Team

Related coverage: New Mercyhurst president aims for 'bolder and a little audacious'

According to Mercyhurst, "A Red Team serves as the attacker in a cybersecurity exercise that simulates a real attack, using the same techniques and tools of hackers to evade detection and test the defense readiness of the internal security team."

Related coverage: Erie's Federal Resources announces sponsorship of cyber labs at Mercyhurst University

The Red Team, including Mercyhurst faculty and a couple of students, will be pressed into service on the second day of the conference at Key Bank Center.

Brian Fuller, director of operations for the Ridge College of Intelligence Studies, said Mercyhurst "didn't set out to be the Red Team. But it's a great opportunity for our students and a great opportunity for our program."

The Mercyhurst-led team will participate in a series of what are called tabletop exercises.

Participants, led by a moderator, will work their way through a series of possible attacks and how they might react to them.

More: Mercyhurst University teams with PricewaterhouseCoopers for cyber-autism program

Scenario: Shut down Buffalo's electrical grid

The Red Team, which is responsible for devising the series of hypothetical challenges, "will walk around and ask 'If you do this, have you thought about this?' " Fuller said. "It helps to make sure we are getting the scenario developed."

One of those scenarios was developed by Mercyhurst senior Jacob Maynard, who is working on a master's degree in data science and bachelor's degrees in intelligence studies and political science.

Maynard was challenged to create a scenario depicting the worst possible cyber incident that could take place in Buffalo. He created a cyberattack that shuts down New York's electrical grid.

“The number one goal is to prevent the attacks,” Maynard said in a statement provided by Mercyhurst. "Beyond that, the second goal would be to determine how to respond. And the third goal would be to find out who did it.”

Visitors gather outside Mercyhurst University's Cyber Education Center on Aug. 2, 2018, for the dedication of the $2 million space. Mercyhurst students and faculty will participate this coming week in an international cybersecurity exercise in Buffalo.
Visitors gather outside Mercyhurst University's Cyber Education Center on Aug. 2, 2018, for the dedication of the $2 million space. Mercyhurst students and faculty will participate this coming week in an international cybersecurity exercise in Buffalo.

Between 150 and 200 participants, including the military, law enforcement and universities, are expected to participate in the exercise.

“This is an extraordinary opportunity for Mercyhurst, the Ridge College, and most importantly our students, Fuller said.

Christopher Mansour, a cybersecurity professor from Mercyhurst, is among those who will be speaking. His presentation will focus on threats to industrial control systems.

Just a game?

But is this exercise just a game? Does it make any of us safer?

Army Col. David Hayes, assistant chief of staff, communications, 46th Military Police Command, based in Lansing, Michigan, believes that it does.

“We are in the digital age … as we look at the attacks that are occurring, we are one click away from affecting a power grid or a banking institution, and this is only going to get more prevalent,” Hayes said.

Hayes, who invited Mercyhurst to participate, said it is the responsibility of the task force to make sure responsible parties are well trained and ready if an attack takes place.

"We have bad actors doing cyberattacks more and more," Hayes said.

Fuller, who served for 24 years in Army Intelligence, said Russia's attack on Ukraine is a reminder of the dangers we face.

"Russia did that prior to moving into Ukraine," Hayes said. "They shut down key infrastructure and they shut off communications."

Writing in Friday's edition of the New York Times, Glenn S. Gerstell, former general counsel of the National Security Agency, analyzes that growing threat.

He writes: "Destructive malware has flooded hundreds of Ukrainian websites and computers since Vladimir Putin announced his invasion. It would be a mistake to assume such attacks will remain limited to Ukrainian targets."

Fuller said he's happy to see Mercyhurst play a role in combating that threat, even if it means taking on the role of the troublemaker.

In this scenario, he said, "I am the bad guy who is doing good things."

Tips for cyber safety

Here are a few simple steps that you can take to minimize cyber risks and protect yourself from hackers:

  • Create strong passwords and change them periodically. Use different passwords for the services you use. Consider employing a password manager.

  • Use multifactor authentication (MFA) to ensure the security of your account beyond username and password.

  • Limit the information you share online. Provide only data in required fields and use caution when providing optional information on online forms.

  • Keep your devices up to date. Manufacturers regularly release software updates, which block newly discovered vulnerabilities.

  • Avoid clicking on suspicious links in emails and email attachments.

  • When using public Wi-Fi utilize a virtual private network (VPN).

  • Review your credit card statements for unrecognized charges that could signal fraud.

  • Credit reports can be useful in identifying unexpected inquiries or accounts. Regularly reviewing them is important to protecting your identity.

Source: Mercyhurst University Cybersecurity Professor Christopher Mansour

Contact Jim Martin at 814-870-1668 or jmartin@timesnews.com. Follow him on Twitter @ETNMartin.

This article originally appeared on Erie Times-News: Mercyhurst cybersecurity team takes on bad guy role at big event