Presented by Verizon
During Operation Convergent Response 2019, a simulation illustrates how technology helps cyber teams and first responders mitigate a powerful ransomware attack on critical infrastructure.
Ransomware attacks have been paralyzing state and local governments around the country in recent years, often with devastating consequences. But with the right technologies in place, responders can quickly mitigate even the worst-case scenarios, experts say.
At Operation Convergent Response (OCR) in Perry, Georgia November 19 through 21, Verizon and Nokia presented a realistic simulation of one of those worst-case ransomware attacks, demonstrating how its cyber response team works with first responders to mitigate a major crisis.
In this ransomware scenario, the Verizon cyber response team is deployed locally after cyber attackers take control of city systems and unleash a near-doomsday scenario: Releasing a dam when city officials refuse to hand over a ransom payment.
Tech Tools Aid First Responders and Citizens
The mission: Find, fix and remove the ransomware while keeping citizens safe. Responding to such a crisis scenario isn’t confined to coders and cyber experts. The attack on this critical infrastructure triggers a full-scale coordinated response that requires a suite of sophisticated technology, from cyber mitigation to first responder rescue efforts.
The team’s first task is to assess the damage to the city with flood-prediction technology. A command center has been set up with screens that show the progression of the flooding and how much it will affect the local community. The incident command is also prepared to act in the event the power grid goes offline and has already deployed a response truck to provide high-speed internet and communications to first responders on the peninsula.
As the crisis unfolds, the community is evacuated. However, some residents have decided to stay in their homes that are now under water.
“It's important that with our flood projection tools, we can get to the communities and tell them approximately how much time they have when an event like this happens and be prepared — not reactive,” said Jared Hilzendeger Verizon Response Team official on the scene.
At the safety coordinator tent nearby, Grace Kitzmiller, principal product manager for AWS’ Disaster Response team, is acting as a safety officer, helping to keep first responders in the fieldsafe. Although the cellular network is down, she demonstrates a handful of tools she can make use of without a network to aid those on the ground.
One such tool is Amazon Web Services’ Snowball Edge device. The tool functions as a “cloud in a box,” with up to 100 terabytes of storage and 52 virtual CPUs, providing a significant amount of processing power.
“It can run apps, it can have data stored on it, it can run whether you're in a connected or disconnected environment,” Kitzmiller explained. “It gives you the opportunity to think about what data can I bring with me to be helpful in the field and what software and applications can I bring with me to help with my response activities.”
Meanwhile, solar- and wind-powered lights provide lighting to first responders working in the field as well as the general population, in the case of a widespread power outage. Verizon’s satellite solutions group taps portable power systems and satellite backhaul connectivity to help first responders at the scene remain connected to the network.
Autonomous Vehicles Reach Those in Need — Remotely
Back at the scene of the flooding, first responders employ an arsenal of technology to rescue residents trapped by flood waters. Drones produce a 360-degree picture of the disaster area and obtain coordinates for each specific home affected by flooding. Moreover, drones can deliver medicine to disaster victims. Using the Verizon network, a first responder uploads the coordinates of a resident’s home and sends the drone off to deliver emergency medicine. Once it returns to the incident-response base, the drone is capable of being redeployed in minutes.
By deploying coordinates via a remote connection to the Verizon network, autonomous boats can provide medical supplies, search for survivors and, if necessary, ferry someone to safety.
This scenario emulates real cyber attacks on critical infrastructure. Using intelligence from these past attacks collected by Verizon’s Threat Intelligence Platform and training at events like Operation Convergent Response, first responders and cyber risk response teams can leap into action and more effectively respond to major cyber attacks.
This content is made possible by our sponsor. The editorial staff was not involved in its preparation.