Imagine you woke up one morning to discover that your city had been targeted in a cyber attack affecting critical infrastructure. You grab your phone to check Twitter for the latest news, but your internet access seems to be down. You walk to the metro station to get to work, only to find that the trains are experiencing huge delays. You hear people talking about power outages and scrambled public transportation in other cities throughout the country, but the details are fuzzy. You finally hear on the radio that a large-scale denial-of-service attack targeting Internet of Things (IoT) devices in critical infrastructure has hit several cities throughout the United States and the world. So far, no one knows who is behind the attack, or whether it’s possible to fix the affected systems quickly.
Each team was charged with briefing the National Security Council on how to mobilize a comprehensive domestic and international response to the attack. The students were challenged to think about a range of issues including the coordination of a public-private incident response, timely technical mitigation, and diplomatic efforts to overcome the crisis. At the end of Day 1, team Hoya Hacksa learned they had advanced to the second round, and worked overnight to prepare a new memo and presentation following a new intelligence insert. After advancing to the third and final round, the team had 15 minutes to review a final intelligence insert and prepare an updated presentation for a round of four expert judges.
The team attributes their success to their diverse backgrounds. “We considered all facets of the issues and devised multi stakeholder solutions,” says Katya Sedova, a second year at the Master of Science in Foreign Service (MSFS) program. Jack Lucas, a first year Security Studies Program (SSP) student with a computer science background, helped the team to devise creative, out-of-the box technical solutions that impressed the judges. The team also stayed calm under pressure, as the judges tried to rattle them with tough questions. “We were praised for our ‘D.C. polish,’” says Marc Becker.
Each round was judged by four experts from the cybersecurity field, with experience working at a wide range of institutions, including Google, the Council on Foreign Relations, IBM, Morgan Stanley, the Army Cyber Institute, FlashPoint, JPMorgan Chase, Foreign Affairs, and 21st Century Fox. After each round, the students faced a round of questioning and then received feedback from the judges on the strengths and weaknesses of the team’s policy recommendations.
“All in all, it was a great learning experience,” says Anna Carroll, also a second year MSFS student. “We had to work together quickly and under pretty intense pressure, and we had think on our feet during the Q&A sessions. I’d highly recommend it for any SFS students interested in cyber issues. Plus, it was great orals prep!”
The NYC Cyber 9/12 Student Challenge scenario was designed by the Atlantic Council, which initially developed the Cyber 9/12 Student Challenge program and hosted its inaugural competition in 2013. Team Hoya Hacksa earned an automatic bid to the Atlantic Council’s Cyber 9/12 competition in March 2018. Stay tuned to hear how they do!