U.S. Cyber Command is working with the energy sector and the Department of Energy as a way to bolster their relationship in case of a malicious, or catastrophic, cyberattack.
Cyber Command follows a philosophy of persistent engagement — the notion that it has to be in constant contact with adversaries in friendly, neutral and enemy cyberspace — and officials have stressed this includes enabling other partners. It also includes using its unique authorities to operate outside U.S. networks as a way to provide warning for domestic agencies about potential threats.
Now, the Department of Defense and Cyber Command are working on a pathfinder effort with DOE. As part of the initiative, the Pentagon has tasked staffers with better understanding how the energy sector operates.
The exercise, called Grid X, examined a catastrophic power failure, Maj. Gen. Stephen Hager, deputy commander of the Cyber National Mission Force, said during an Oct. 15 panel at the annual Association of U.S. Army conference.
The CNMF’s teams watch specific adversaries and work to target those actors before they reach U.S. cyberspace.
Hager said Cyber Command’s role in the exercise was to determine what kind of help the Defense Department can provide in one of those catastrophic events. This could include offering response teams or taking action against a cyber adversary.
He also said they can conduct what’s called defensive cyber operations-response actions — which are “defensive” operations that take place off the DoD’s networks and are the same actions taken by offensive cyber teams — to make the immediate cyber effect go away.
“A lot of it is just engagement to see how they’re operating because we don’t have the authorities to do anything domestically. We have to have either a [Defense Support to Civil Authorities] request or somebody has to specifically ask us for support,” he said.
Other officials have noted the importance of these pathfinders in helping DoD be better prepared to step in an help if need be.
“Some of these pathfinder activities have been really helpful for us to understand what is actually critical and how would we approach our operations for the different perspective to help them in their defense," then Maj. Gen. Timothy Haugh, the previous commander of the Cyber National Mission Force, said in May. He has since earned his third star and leads 16th Air Force.
Hager explained the importance of this engagement and what it means for his forces.
“My soldiers and airman and Marines are getting trained on somebody’s infrastructure," he said. "And that helps us in the long run be better military folks and then it also helps us build those relationships.”
Much of the energy sector’s infrastructure is different from the internet-based infrastructure cyberwarriors are trained and operate on. The military has made an effort recently to increase training on these industrial control systems (ICS) and supervisory control and data acquisition, known as SCADA, systems for both offensive and defensive purposes given they can be both a vulnerability if targeted, but also useful targets themselves.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.