The recent security breach of debit card data at Target stores showed how hackers are getting more sophisticated in their abilities to crack the networks of major corporations, said Tony Cooper, spokesman for the Technology Association of Georgia or TAG, which is sponsoring the event.
But what if a logistics company, say a mover of cargo through a local airport or a ground carrier such as UPS, were to experience a simultaneous cyberattack against its computers and a physical attack that included explosives in a package being sent from point A to point B?
That’s the type of scenario that could play out today, with role players carrying out the attacks at the 2014 Cyber Security Simulation.
Cobb County Police Department and Cobb 911 Center will be participating in the event along with state and federal agents, the Georgia National Guard, high-level executives from the corporate world and some of the top security people in the region and around the world, according to organizers with TAG.
The all-day event will run from 8:30 a.m. to 7 p.m., with the media invited to a morning briefing but not the remainder of the day’s events.
Lying your way in
The fictional logistics company, called TLC, will sustain a physical attack, five cyberattacks and what’s called a “social engineering” attack, said Jim Cavanaugh, who will be leading the training exercises for TAG.
An attacker using social engineering tactics might misrepresent himself to get some vital information needed to carry out a cyberattack.
“You might call to say you are a new hire and you lost your password,” Cavanaugh said. “You also have reverse social engineering where a hacker could, say, put out a reward notice and entice someone to come forward and give some compromising information.”
Cavanaugh said about 40 role players will be divided into “defenders” and “attackers.”
“We’ll have a morning briefing, followed by a two-hour period where we do not know what’s going to happen,” Cavanaugh said. “It will be up to the attackers, who have been working on this for six months, to launch their attacks and then the defenders who work for the fictional company will respond. In a real attack, you never know everything that happened, but here, we’re going to peel back the covers a little. We’re giving an inside view of it.”
Cavanaugh said local law enforcement will have representatives present, as will the military, the FBI and the Georgia Bureau of Investigation.
“Say an attack on cyber shuts down your air conditioners or turns your computers off,” Cavanaugh said. “You’ve got to have someone to call. The trick is to have everyone there and maybe they don’t even get called. It’s all up to the role players.”
Local cops train with military
The U.S. Department of Homeland Security will observe the role players’ reactions and issue a report afterward on how well they performed.
This is the second year the event has taken place. Last year, it was at Georgia Tech and focused on a fictitious media company called GNN that came under attack.
Sgt. Dana Pierce, spokesman for Cobb Police, said he could not confirm or deny his agency was participating in the event, but Cobb Police have started participating in joint training programs with the National Guard in recent years.
“We normally do train with the National Guard,” Pierce said, noting most recently the agency joined in a “mass casualties” training event with Army guardsmen.
“Because, in essence, along with law enforcement, they will be your first responders. So we absolutely do train with them,” Pierce said.
Tino Mantella, president and CEO of TAG, the sponsor of the event, said Georgia has more than 300 logistics companies, placing it in the top-five states nationally, and that’s why this form of attack was chosen for the annual training exercise.
Companies such as Manhattan Associates in Cumberland, NCR Corp., Recall Corp. in Norcross and Agilysys Inc. in Alpharetta, are among metro Atlanta companies that could learn from this exercise, he said. He would not say if any of these companies might be making a presence at today’s event, citing “security reasons.”
Problems that come up during an attack are many and varied, he said.
“What do you do with the staff, who do you contact, what information do you give out on the public relations side?” Mantella said. “You’re working to reduce any interruption and protect people’s data. So we want people to leave at the end of a long day knowing how to address a cyberattack.”