Cybersecurity course has trained thousands

Marty Edwards, of the Department of Homeland Security, explains to reporters Friday the training cybersecurity professionals underwent to prevent and mitigate hacks of critical infrastructure such as electricity grids.

The siren fires off and an orange light flickers, warning an information technology professional that a hacker has infiltrated an infrastructure network.

This is only a training exercise. But Marty Edwardssaid the tension can feel real to trainees sitting in the mock-up chemical plant that has been hacked. Edwards is the industrial control systems and cyber emergency response team director for the Department of Homeland Security’s Idaho Falls office. The hands-on training tool is housed at Idaho National Laboratory’s cybersecurity training facility located on Lindsay Boulevard.

INL partnered with Department of Homeland Security to perform the training, and Friday saw its 100th class of Industrial Control Systems Cybersecurity completed.

The course has trained more than 4,000 cybersecurity professionals since its inception in 2007, an INL news release said.

The training has been extended to public and private industry professionals, with people from more than 52 nations receiving the training.

The nationally lauded program offers advanced cybersecurity training in a one-week course aimed at educating cybersecurity professionals on how to prevent or mitigate an attack on critical infrastructure.

A simple phishing email could lead to total control over vital infrastructure such as municipal water or an electric grid. If a phishing email is opened, a bit of malicious code could infect the infrastructure and give a hacker full control over it.

In Friday’s demonstration “hackers” took the controls of a chemical plant.

Edwards said there have been numerous reports of hackers injecting ransomware — a malicious malware that locks a victim’s data and requires payment to unlock it — from this phishing scam. He said the training helps cybersecurity professionals prevent the attacks and combat ransomware once it has infected a network.

The training covers a multitude of known cyber-attack methods.

“This is a weeklong course that covers a multisector, multisegment training on attack methods and all the responsive defense methods that go with that,” Edwards said.

The course concludes with trainees teaming up as either attackers or defenders of a mock chemical plant. Dubbed the Red Team/Blue Team exercise, trainees put their knowledge to the test and implement their training.

Tara O’Brien, a 15-year veteran of information technology, attended the training to learn tools on defending the water sector industry she covers in San Diego County, California.

“The week of training is a culmination of a lifetime of skills developed that they try to share with us over this very small amount of time; it was challenging,” O’Brien said. “No matter what role you play in a company, you have to be cybersecurity aware … It’s not an if it’s going to happen, it’s when.”

Zachary Tudor, INL associate laboratory director for national and homeland security, whose team implements the training, said it helps cybersecurity professionals identify vulnerabilities in their networks and establish stopgaps to prevent hacking.

“Here at the Idaho National Lab we have been a leader at cybersecurity especially for critical infrastructure like electric grids and oil and gas, keeping those safe so people can sleep silently at night and not have to worry about it,” Tudor said. “I think it’s great to know that Idaho is really the center of the cybersecurity education for the world.”

Reporter Tom Holm can be reached at 542-6746