MACCDC 2014 Scenario Summary
This year’s scenario is built around disaster management.
A major winter storm (more significant than the blizzard of 1993) has caused catastrophic damage across the state of Maryland necessitating delivery of aid to affected residents. The governor of Maryland has declared a state of emergency due to the extent of the natural effects and the compounding effects resulting from the cyber attacks. The president of the United States has declared a national state of emergency in the affected areas of Maryland. The federal incident command system (ICS) has been implemented with a federal incident commander from the National Cybersecurity & Communications Integration Center (NCCIC) within the Department of Homeland Security Office of Cybersecurity and Communications.
The Maryland Emergency Management Agency (MEMA) has established a state incident commander from MEMA who is relying heavily on the Cyber Defense Operations commander for direct interactions with computer network defense (CND) providers within Maryland to mitigate the negative effects on immediate aid distribution arising from cyber attacks.
The eight Blue Teams will be responding as field operations units deployed to specific areas designated as local disaster aid distribution centers. The field operations teams will be responsible for deploying the data systems necessary to support the disaster response activities and delivery of aid to the local site. This part of the mission will involve physical layer components and establishment of connections to a higher-level management center. Once deployed, the units will then maintain their systems to ensure that the necessary data arrive at the MEMA incident command center.
The field units will also be responsible for defending their systems from a transnational terrorist organization with potential nation-state support. This organization is taking advantage of this natural event by conducting cyber operations focused on the state of Maryland. These actions disrupt confidence in the federal, state, and local governments. The terrorists create confusion and disorder by making the explicit statement “the government cannot protect you.” These cyber attacks are attempting to prevent the needed distribution of aid through attacks within the information technology supporting regional aid distribution centers.
Spectators at this year’s competition will play the role of displaced persons and will be providing data that will specify the type and quantity of aid needed.