UTSA-led exercise focuses attention on cyber security

(Oct. 2, 2003)--UTSA's Center for Infrastructure Assurance and Security (CIAS) has concluded the final phase of Dark Screen, a cybersecurity exercise.

The third phase of the massive year-long effort, which aimed to improve prevention, detection and response to cyberterrorism, ran Sept. 15–24, 2003. The project brought together more than a dozen city, county, regional and federal agencies, and the Air Force, as well as private industry.

"We learned a number of valuable lessons during the exercise, including the need to improve information sharing about cyber events. Many individuals who would be responsible for responding to this type of attack met and came together to plan what would need to happen in the event of a real cyber attack,” said Jim Jorrie, exercise director and CIAS staff member.

The unique cybersecurity exercise was first proposed in 2002 by Rodriguez, a member of the House Armed Services Committee. He is also responsible for naming the exercise Dark Screen.

At the press conference, Rodriguez hailed the success of the first full-scale cybersecurity exercise since Sept. 11. The congressman thanked key individuals who made the project possible, including Mayor Ed Garza, County Judge Nelson Wolff, UTSA President Ricardo Romo, Maj. Gen. Paul Lebras of the Air Intelligence Agency, and Greg White, Joe Sanchez and Jim Jorrie of CIAS.

"The Dark Screen program has proven itself to be a viable model for other exercises across the country," said Rodriguez. "Since the exercise began last week, 27 computer virus-related threats have been reported. During this exercise, the Dark Screen participants have tested our abilities to detect, deter and respond to cyberattacks. With the knowledge they have gained, about what we know and what we don't know, we are that much safer. We are well on our way to establishing San Antonio as a national center for infrastructure security training and preparedness."

Dark Screen comprised three phases. Phase One (Sept. 13, 2002) was a tabletop exercise in which participants tested their responses to various cyberattack scenarios. Phase Two (October 2002 - May 2003) implemented lessons learned from Phase One and included vulnerability assessments of several participants' networks.

Phase Three was a "live exercise" in which participants were given cyber-attack scenarios that played out at their workplaces over the course of a few hours or a day. CIAS personnel monitored and evaluated the participants' actions. The results of the exercise will be used to improve critical response and the public safety network.

Participants in Phase Three of Dark Screen included Bexar County, Bexar County Emergency Operations Center, Bexar Metro 9-1-1, SBC Communications, the City of San Antonio, City of San Antonio Emergency Operations Center, San Antonio Water System, City Public Service, the State of Texas, Bexar Metropolitan Water District, Federal Bureau of Investigation, the Air Intelligence Agency and more than a dozen other municipalities that make up the greater San Antonio metropolitan area.

"We're also discussing the development of a Dark Screen lessons-learned training curriculum for security and infrastructure personnel in other local agencies. UTSA will no doubt benefit as we mature this process with their current courseware and degree programs for IT security professionals," Jorrie said.

CIAS is designed to leverage San Antonio's infrastructure assurance and security strengths and to bolster research and educational initiatives in the field. The multidisciplinary research center is a partnership between academia, the information technology security industry and the local Air Intelligence Agency and aims to address the technical and policy issues of information assurance and security.

The center supports research at UTSA in the College of Sciences, the College of Engineering and the College of Business.