S&T Hackathon: Thwarting Emerging Threats to Critical Infrastructure

This year’s hackathon focused on highlighting and solving three specific problem statements that addressed emerging threats to critical infrastructure:

1. What are strategies for detecting if/when an autonomous vehicle has been hijacked or had its system compromised, and how can this hijacking be prevented or dealt with?

2. How can we identify the presence of illegal activity on open-source networks, while simultaneously protecting our critical infrastructure?

3. What actions (whether they be prevention, detection, or response) can be taken to mitigate attacks on digital elements of our nation’s critical infrastructure?

Participants were tasked with working collaboratively to plan, develop, and present viable solutions to each problem statement.

In total, 73 undergraduate and graduate-level students from across the five COEs and their affiliated universities participated in the hackathon. The students formed their own teams – each choosing one problem statement to address over the course of the weekend.

“The collaborative format of this hackathon created an engaging framework that enabled a diverse group of participants to not only work with each other, but to also learn from skill session leaders and mentors from across academia, industry, military, and DHS who were able to help them craft relevant and targeted solutions to their selected problem statements,” explained CINA Workforce Development and Education Lead Deanna Austin. “It also gave participants a unique opportunity to enhance their knowledge about real critical infrastructure issues that are challenging the security of our country.”

At the end of the event, each team presented their unique ideas to a panel of judges, all of whom were SMEs from the COEs, affiliated host universities, and DHS component agencies.

After judging, four of the teams were awarded a total of $10,000 in prize money for their innovative solutions:

·  Team MSC was awarded $3,000 for its winning solution to problem statement #1. Inertial Navigation Systems (INS) and Domain Awareness Communication Protocols to Facilitate Hijack Detection, proposed by two MSC students, would implement a security system to prevent potential bad actors from using “spoofed” (compromised) GPS signals to trick an autonomous vehicle into deviating from a pre-approved route. This system would enable an autonomous vehicle to share its GPS and INS signals (which tracks the vehicle and can’t be influenced by external factors) with relevant authorities. Any discrepancies detected between the two signals could serve as a warning that the vehicle has been compromised, and enable authorities to take appropriate action.

·  Team Fulcrum (representing CAOE) was awarded $3,000 for its winning solution to problem statement #2. Blockchain and Asymmetric Encryption to Agricultural Supply Chains, proposed by five CAOE students, suggested utilizing blockchain technology (a decentralized, distributed ledger that records the origin of an asset) to enable distributors to keep shared records about where food has been shipped from and where it should be going, in order to prevent illegal activity (e.g., food fraud) as it travels through the U.S. supply chain.

·  CINA ‘Team 7’ was awarded $3,000 for its winning solution to problem statement #3. The four CINA students suggested the use of low-budget, easily accessible cybersecurity protocols – specifically honey users (fake user accounts) and canary tokens (fake files that are designed to generate and send reports when they are accessed), that could be monitored for activities indicative of cyberattacks against critical pieces of infrastructure. In the event a cyberattack is detected, proper authorities could be notified and respond appropriately.

·  Team L33TCOD3R5 (also representing MSC) received honorable mention and $1,000 for its solution to problem statement #3. With Asset-focused Security, the team’s six students recommended implementing routine risk assessment reports as a tool to prevent critical infrastructure cyberattacks. They suggested that data from these reports could be used to determine which pieces of critical infrastructure may be the most vulnerable to a cyberattack, so that targeted security measures could be focused and utilized accordingly.

With the success of this year’s hackathon, Maciejewski is already looking forward to the future. “Our hackathon had a tremendously positive impact on the education and workforce development missions of all the participating organizations, and the students who attended,” he said. “As we start planning for next year’s event, my primary goal is to get the rest of the COEs and their educational affiliates involved so that we can boost recruitment and participation among our minority serving institutions and students, and also broaden the variety of SMEs in the DHS space that attend as well.”

CAOE Education and Workforce Director Anthony Kuhn was impressed with the innovation that took place at the hackathon. “Each year, our participating students and SMEs continue to level-up in terms of the information that they share with each other, and the one-of-a-kind solutions that they propose to very real and current issues,” he said. “We look to continue this trend and ensure that our future events continue to be better and better.”