Over 130 students in CS 542, Introduction to Software Security, taught by Professor Bart Miller, gathered for several hours in Union South’s Varsity Hall on November 7, 2023, to learn about the real world challenges they will face when implementing secure software and systems.
For the second year, the Cybersecurity and Infrastructure Security Agency (CISA) led an exercise — the only of its kind conducted at a university, and focused on students — simulating a ransomware attack against an electric power utility in Wisconsin. Students took on roles of the various organizations that would respond to a real-world cyber attack, such as electric utility officials, information technology staff, cybersecurity incident responders, law enforcement, investigators, and other federal and state agencies and regulators. Before the event, students researched the responsibilities of the roles.
“Ransomware is rampant and increasing,” UW Madison Computer Science Professor Barton Miller said. “In the real world it’s not a question of if you’re going to be attacked or not. You will.”
Known as a “tabletop exercise” — or TTX for short — the event is designed to provide a structured way to walk through a complex cyber incident from beginning to end. “These students are tomorrow’s professionals who will be creating the next generation of secure systems,” said Miller, Vilas Distinguished Achievement Professor and the Amar & Belinder Sohi Professor in Computer Sciences. “This exercise gives context to the important work they will be doing.” The exercise was led by Patrick Skufca and Rebecca Faustina of CISA’s National Cyber Exercise Program (NCEP).
With the help of Dave Schroeder, National Security Research Strategist at UW–Madison, a team of over 20 subject matter experts was assembled from the Wisconsin National Guard, Wisconsin Emergency Management (WEM), the Department of Energy’s (DOE) Argonne National Laboratory, the Federal Bureau of Investigation (FBI), the Department of Homeland Security (DHS), UW–Madison’s Division of Information Technology and Office of Cybersecurity, and an electric utility operating in Wisconsin.
Miller says he looks forward to hosting CISA and other partners again next year as a part of the course.
“The success of this exercise and just how engaged the students are really shows the value of getting different stakeholders together to guide students through thinking about a real world cybersecurity problem,” says Miller. “This gives them more tools to think about the threats.”