At 1700hrs on 11th January, a malware payload triggers. It has exploited a series of vulnerabilities in the operating systems of a series of linked IT networks in numerous sectors. This malware, designed to circumvent safety and security features that have been designed into the operating systems, cloud systems, and software of the transportation infrastructure and telecommunication infrastructure, effectively disables and shuts down the systems. In parallel, the malware propagates the core network of the energy infrastructure, penetrating and overriding the safety parameters, and cascading systems which results in overloading and, consequentially, fires breaking out across commercial and residential properties. Some of the immediate impacts of this include the connected and autonomous transportation network grinding to a halt, location services failing, search and rescue efforts being hampered as they struggle to coordinate rescue efforts, as the technologies they traditionally use to identify and locate casualties are rendered redundant, and significant decision inertia is evident in the fusion and operations centres designed to prepare for and respond to such major incidents with frustration and anger growing within communities.
You may be forgiven in thinking that this is the plot to a major disaster movie but it is actually part of a scenario of a significant Network Plus that has been funded by the Engineering and Physical Sciences Research Council and Defence Science and Technology to consider how an extreme security incident may affect UK cities in the future – in this case in the year 2051.
The Resilience Beyond Observed Capabilities (RBOC) Network Plus is designed to create new knowledge, capabilities, and opportunities for collaboration to help the United Kingdom prepare for such security threats in the coming decades. As such, the scenario underpinning the Network Plus is designed to be complex and cover a significant array of challenges, enabling the network to consider the many different aspects that need to be understood by those developing resilient solutions for future UK cities and systems.
The initial scenario that will be used within the RBOC Network Plus is not a prediction of what might happen in the UK in the future. It is also not expected to be the only version or variation of the scenario that will be used throughout the lifecycle of the project. Instead, it will provide the Network Plus with the ability to explore the potential impacts that might arise from such an attack across many sectors, as well as consider the potential threats and vulnerabilities that might enable a hostile state actor to attack the UK in the future. The full range of risks are considered within the scenario.
The potential threats, vulnerabilities and impacts posed by a hybrid cyber attack in the UK in the future needs to be understood from many different sectoral, disciplinary, and systems-based perspectives. The focus of the RBOC Network Plus is on bringing all of these areas together to consider the challenges and opportunities that might exist from an holistic and integrated perspective – as well as bringing new voices to the design, development, simulation and solutions of security-related scenarios. The RBOC Network+ will, therefore, help improve the UK’s understanding of such an attack from a multidisciplinary and systems-based and bring forward new thinking and solutions for enhancing the UK’s resilience.
Our three core objectives relate to developing Insight, Innovation, and Impact for those tasked with preparing for, responding to, and recovering from such challenges in the UK.
Insight: in responding to the scenario, the RBOC Network+ will investigate what capabilities, techniques and vulnerabilities could be exploited by adversaries to mount high-impact attacks against the UK, and what capabilities (technological, organisational, legal and behavioural) could be used by public authorities (central government, local authorities, first responders) to prepare for and respond to such attacks.
Innovation: in order to develop, accelerate and apply these capabilities to prepare for, respond to, and mitigate threats, the RBOC Network+. will lead and facilitate original research using novel combinations of disciplines and methods and build new relationships between researchers and policy makers and practitioners in government and industry.
Impact: RBOC's research and networks will initiate and facilitate the creation of new understandings and capabilities for government and industry to prepare for, respond to, and mitigate the impacts of major attacks from hostile actors, with immediate uptake from government and industry and a legacy of research programmes, academic engagement, cross- sectoral partnerships and technological, organisational, legal and behavioural capabilities.
Over the course of the Network Plus, activities will be based around different challenges areas that will help us consider and answer research questions that will help us become more resilient. These challenge areas and questions include:
Adversary Capabilities: Who or what might want to cause us harm?; How can advances in science and technology enable adversaries to threaten and disrupt the UK?; and what tools, and methods could be used to threaten, attack or exploit our vulnerabilities?
Our Capabilities: What technologies may be available by 2050 and how can they be exploited for protecting the UK?; How could we enhance the efficiency of casualty identification, location, transportation and triaging in the aftermath of the attack?; How can we minimise additional effects through reliable, resilient and self-repairing systems?; How do we ensure we reach casualties if connected and autonomous transportation networks are disrupted?; How do we exploit multi-domain (semi) autonomous systems and what challenges will there be?
Physical Environment: How will cities work/not work in 2050?; How will environmental challenges (including climate change) impact on preparation and response to incidents and how might they augment it?
Societal Challenges: How will whole-of-society resilience activities in 2050 support communities as they prepare for, and respond to, threats?; How can communities and government provide mutual support during the response e.g. from behavioural science, identify impacts/vulnerabilities, combat misinformation?; How do government support communities during recovery?; How can we make Smart Cities more resilient before 2050?
Responding and Decision Making: How will organisations understand, communicate, and mitigate different security risks?; How can they enhance resilience to attack in systems, organisations, people, protocols, processes, and support for recovery, damage assessment and mitigation?; What will future resilience, emergency planning and civil contingency policies look like?; And how can responders coordinate efforts and information to be resilient through technological interoperability and uncertainty?
Data, Information and Communications Infrastructure: How can we detect threats? how can we get information and share it effectively?; How should we communicate to minimise risk?; What will future communication infrastructure likely be in 2050?; What data might be used for preparing and responding to incidents in 2050?; What would the optimal infrastructure look like?; How do we get real time information to responders?; How can we use multi-domain platforms for real time response data and information and longer term recovery and resilience?
For researchers, government and industry wishing to find out more about our the RBOC Network Plus, you can find us at rboc.ac.uk where you can sign up to the network.
We will be publishing blogs over the duration of the project related to the scenario and our challenge areas and coordinating events and activities around these. Please look out for them and we look forward to engaging engaging with you to help us understand the challenges more effectively.
Professor David Mcilhatton
RBOC Network Plus