Cyber security is one of the most important issues with the technology we have today, if not the most important. Mercyhurst always encourages students to get hands-on experiences before they graduate, and students in the cyber security major have a lot of opportunities ahead of them.  

A large-scale cyber attack simulation was recently sanctioned by the Department of Defense, and Mercyhurst faculty, staff, and students were invited to participate. 

According to the US Army website, “The three-day exercise is intended to build unity of effort and familiarity with the effects of a cyber-attack among all partners of Homeland Defense (HD), All-Hazards, Defense Support of Civil Authorities (DSCA)/Chemical, Biological, Radiological and Nuclear (CBRN) to prepare for disaster response and consequence management.”  

The exercise lasted from March 8-10 and each day had different activities for the attendees to watch.  

The first day had academic presentations and Mercyhurst’s own Cyber Security professor, Christopher Mansour, Ph.D., gave a presentation about Industrial Control System (ICS) threats. Mansour decided on this topic due to the fear of retaliation from Russia and Ukraine in their war; his goal was to educate people on why our critical infrastructure needs to be secured and what we can do to protect it. Mansour explained that most cyberattacks are usually targeting critical infrastructure because it tends to have a larger effect on the country as a whole as opposed to just technology.  

The second day was a Tabletop Training exercise and Red Team Maneuvers. Mercyhurst’s Brian Fuller, director of operations for Ridge College, helped moderate the tabletop exercise and also assisted with Red Team activities.  

The point of the Red Team activities is to find vulnerabilities in security and begin planning how to combat these vulnerabilities.  

Students Ryan MacGurn and Matther Sorensen both attended the event to assist with the tabletop exercises.  

MacGurn said, “the cybersecurity program at Mercyhurst laid out the foundation and theory to go out and do his own research by applying it to the real world.”  

MacGurn’s red team exercise was played from the hacker’s perspective and how to counterattack the hacker’s response in different scenarios. Fuller describes the exercise as a “comprehensive reaction to an event if it were to occur.”

The third day was a Communications Exercise.  

Fuller’s goal is “to increase student participation as this experience puts Mercyhurst at a vanguard of cyber security and intelligence education in the nation.”  

Both cybersecurity and intelligence students collaborated to prepare for this exercise and they impressed their audience. The event planners reached out to Fuller to state how impressed they were with how prepared the students were and how they executed the exercises.  

Another aspect of Fuller’s goal is to have an event here at Mercyhurst that is even more realistic. Fuller has a meeting with John Kelly, port security specialist for U.S. Coast Guard Sector Buffalo, at the end of the month, to discuss bringing an event here so that more students have the opportunity to participate.

Mansour, MacGurn and Fuller all commented on the fact that it was nice to see how people were willing to sacrifice their lives to help others who were victims of an attack.  

Mansour said, “The military police, military, coast guard all have your back and that is what is great about this country.”

Mansour’s favorite part of the exercise was “watching Ryan and Matt conduct their exercise and seeing them excel at it.”  

MacGurn’s favorite part of the exercise was “getting to know faculty on a more personal level and seeing how they care about their students and how they have their backs.”

Fuller said, “This exercise was a foundation for getting everyone thinking of what to do for these scenarios, now they need to build the house upon the foundation to truly think of possible scenarios to mitigate the fallout from an attack.”