Ransomware attacks and water bottles: behind the scenes at the CDT summer school: Oliver Bock-Brown

 10:07am, 28 June. Alphaland Health Services is hit by a major ransomware attack, taking down key computer systems throughout the country’s health services, and potentially impacting a critical vaccine manufacturer. Teams representing a range of organisations, from the President’s Office down to ISPs and threat intelligence firms, scramble to work out what is going on, and how to respond to this threat. In a rapidly changing environment, the teams frantically communicate with each other in a desperate attempt to identify the perpetrators and stop further attacks from happening. But when indications point to the militaristic neighbouring state of Bravoland, how will they respond? Will the teams feel they have enough reliable information to launch a counterattack? Or will the doubts from some groups be enough to prevent all-out war?

That was the situation facing attendees on the first morning of this year’s joint CDT summer school, a three-day event predominantly run by a team of CDT students from the five institutions involved (RHUL, Bath, Bristol, UCL and Oxford). The opening crisis simulation, orchestrated by Royal Holloway’s own Neil Ashdown, placed ten teams into this fictional scenario, and asked them to respond under increasing pressure as confusing, and sometimes misleading, updates were fed to them throughout the morning. Those of us running the morning’s activities watched as the teams fired off messages on the Discord server and reacted to the scenario injects that we gave them. It was fascinating to see how the scenario developed a life of its own, as decisions were made by the teams in the heat of the moment. In the end, we drew to a close just as the teams launched a major cyberattack against Bravoland, plunging their capital city into darkness, and prompting outcry from the Bravoland ambassador.

Despite the amusing moments, simulations like this have a serious side. They bring together large groups of people, often from a variety of disciplines and backgrounds, and ask them what they would do if they were faced with a complex situation like a ransomware attack. It’s one thing to think theoretically about a multifaceted sociotechnical issue like this, yet quite another to experience a simulated, real-time attack. Combine this with the need to work with other groups of people to come up with a coherent response – some of whom may have very different sets of priorities – and you’ve got a potentially highly illuminating learning experience. This sort of exercise can, therefore, be very useful in thinking through possible futures, in a variety of arenas. It allows people to experience a plausible future in a much more immersive way than a dry report could possibly achieve, and in the process, it can shape thinking, and help people picture futures that they want to work towards, or avoid. Indeed, scaled up, these exercises can also potentially help reveal those ‘unknown unknowns’ that Donald Rumsfeld so famously highlighted following 9/11, as they help to generate insight into novel situations.

Following this opening crisis simulation, the summer school provided many further opportunities for interdisciplinary collaboration and learning for the PhD students attending. This is arguably more important than ever when most people are still working remotely, and perhaps finding it difficult to connect with people outside of their immediate circles and disciplines. To that end, we had a range of events and activities on offer throughout the three days, under the theme of ‘Resilience: Systems, Societies and Threats’, including keynotes from Bruce Schneier, Jason Healey, and Ciaran Martin, and skills sessions from Lizzie Coles-Kemp and Rikke Bjerg Jensen. And on day two, the CDTs organised a data visualisation challenge that, I think it’s fair to say, gave what abilities we had a strong workout. The judges were very generous in their feedback, however, with the challenge proving an illuminating insight into what can be achieved with data science.

Behind the scenes, a lot more work went into organising this event than I had initially imagined. The student organising committee first convened months before the event itself, with big aspirations and a feeling of ample time. This quickly morphed into disbelief at the speed with which the event was approaching. We worked frantically to organise speakers, schedule events, and bring together the programme before we hit our deadline. The original student committee ended up branching as subcommittees were formed, focused on things like the crisis simulation and the delegate packs. At one point we even ended up with a subcommittee within a subcommittee, as we tried to get the graphic design sorted for printing (picture it as the bureaucratic equivalent of ‘Inception’…). If there’s one lesson to be drawn here, it’s that getting custom t-shirts and water bottles printed is surprisingly hard work.

Ultimately, the committee managed to bring everything together for a fun three days at the end of June, which included delegate packs being sent to participants’ homes, complete with a most excellent branded metal water bottle. For those of us on the committee, it was a valuable chance to get to know, and work with, people from the other cybersecurity CDTs – an opportunity to be valued even more given the physical disconnect of the past eighteen months. And I hope the range of events, from the crisis simulation to the skills sessions, proved useful and enjoyable for the fifty or so attendees, too. Perhaps they even stimulated an idea or two. Indeed, to quote Inception, “an idea is like a virus. Resilient. Highly contagious. And even the smallest seed of an idea can grow. It can grow to define or destroy you.” If just a few seeds of ideas were planted, then I think we can count the event a success.



Comments

Popular posts from this blog

Remote working and Cyber Security: Georgia Crossland and Amy Ertan

New Publication: Remote Working and (In)Security?: Amy Ertan

The Artificial Intelligence Monster: Nicola Bates