Kompas AI skal være utviklet for kontinuerlig dyptgående forskning og rapportgenerering, noe som gjør det ideelt når målet er en omfattende analyse, ikke bare et svar (ByteBridge, 2025). At noe er utviklet for å generere forskningsrapporter betyr ikke at det gir gode svar på universitetsoppgaver, så la oss se hva som skjer når dette verktøyet prøver seg på AK1 i ORG5005.
Det er begrensninger på antall ord, så oppgaveteksten måtte kuttes, og fokuset ble på øvingsdirektiv og kommentarnotat til dette. Teksten ble lagt inn på norsk, men Kompas svarte på engelsk.
STEG 1 Ordinær rapport
<Svar Start>
# Exercise Directive for Handling Hybrid Attacks with Focus on Digital Infrastructure Failure
## 1. Situation Overview
### Background
A comprehensive hybrid attack that includes both digital and physical threats can dramatically affect an organization’s ability to handle crisis situations. Loss of digital infrastructure can lead to disruptions in communication, data access, and situational awareness. As demonstrated in incidents like the 2015 Ukrainian power grid attack and the 2017 NotPetya cyberattack, this can create dependency issues with the digital tools that organizations rely upon. When critical systems fail during a crisis, organizations must quickly adapt to operate without their standard technological support.
### Problem Statement
– **What happens to our mission execution when digital infrastructure disappears?**
– **Have we become dependent on digital support tools to such an extent that we cannot function without them?**
– **How can we prepare for scenarios where digital infrastructure fails during different types of crises (cyberattacks, natural disasters, physical sabotage)?**
– **How does the loss of digital infrastructure affect you as a leader in various emergency response roles (police, fire department, paramedic, emergency manager in private or public sector)?**
– **What alternative procedures must be in place to maintain operational continuity during digital infrastructure failure?**
## 2. Mission
### Objective
Develop an exercise directive for a training scenario focusing on hybrid attacks and the failure of digital infrastructure. The exercise should contribute to increased awareness and preparedness against such threats.
### Learning Goals
– Be able to develop, contribute to, understand, and further enhance exercises focusing on hybrid attacks and digital infrastructure failure.
– Increase awareness of challenges related to one’s own role and unit’s mission execution during digital infrastructure failure.
### Exercise Directive
#### **1. Planning and Preparation**
– **Scenario Development**: Develop a realistic scenario that includes a hybrid attack with both cyber and physical threats. The scenario should simulate the failure of critical digital infrastructure such as communication systems, data servers, and internet connections. For example, include a coordinated cyberattack that disables emergency service dispatch systems while physical sabotage affects backup power systems.
– **Objectives**: Define clear goals for the exercise, including assessment of ability to maintain operations without digital infrastructure, identification of alternative communication methods, and evaluation of manual procedures.
– **Resource Allocation**: Identify necessary resources, including personnel, equipment, and facilities for conducting the exercise. Ensure access to manual resource management guides and alternative communication tools such as radio equipment, physical maps, and pre-printed forms.
#### **2. Exercise Execution**
– **Initial Phase**: Initiate the exercise with a simulated cyberattack that leads to digital infrastructure failure. For instance, simulate a ransomware attack that encrypts critical databases and disables networked systems. Subsequently introduce physical threats that require immediate response, such as reports of sabotage at key facilities or suspicious packages at critical infrastructure sites.
– **Communication**: Implement alternative communication methods, such as radio communications, manual signals, and the use of messengers. Evaluate the effectiveness and reliability of these methods under time pressure and stress conditions.
– **Resource Management**: Use manual resource management guides to allocate and coordinate resources. Evaluate the effectiveness of manual procedures and identify areas for improvement, particularly focusing on the time difference between digital and manual processes.
– **Leadership and Coordination**: Test leadership and coordination functions during the crisis. Assess the leader’s ability to maintain control and decision-making without digital support, including their capacity to gather information, process it manually, and disseminate commands effectively.
#### **3. Evaluation and Learning**
– **Debriefing**: Conduct a thorough review of the exercise with all participants. Identify strengths and weaknesses in handling the scenario using specific metrics such as:
– Response time comparison (digital vs. manual processes)
– Information accuracy and completeness
– Resource allocation efficiency
– Decision-making quality under pressure
– Team coordination effectiveness
– **Learning Points**: Document learning points and recommendations for improvement. Develop action plans to address identified weaknesses, with clear timelines and responsibility assignments.
– **Future Exercises**: Plan future exercises focusing on continuous improvement of preparedness against hybrid attacks and digital infrastructure failure. Establish a progressive training schedule that builds complexity with each iteration.
### Reflection Note
#### **Reflections on the Exercise Directive**
– **Experiences from Own Organization**: Reflect on previous experiences with crisis management and exercises. How have digital tools influenced our ability to handle crisis situations? What manual procedures do we have in place, and how can they be improved? Consider recent incidents where digital systems were compromised or unavailable, and how the response was affected.
– **Dependency on Digital Tools**: Assess the degree of dependency on digital tools in our organization. How does this dependency affect our ability to maintain operations during a hybrid attack? Conduct an inventory of critical functions and determine which ones have adequate non-digital backups.
– **Preparation for Future Attacks**: How can we better prepare for future hybrid attacks? What measures can we implement to reduce our dependency on digital systems and strengthen our manual preparedness? This might include regular training in manual procedures, maintaining updated physical documentation, and establishing clear chains of command for non-digital operations.
#### **Conclusion**
Developing and conducting exercises that focus on hybrid attacks and digital infrastructure failure is essential for strengthening an organization’s crisis preparedness. By identifying alternative communication methods, improving manual procedures, and reducing dependency on digital tools, we can build a more robust and resilient organization capable of maintaining operations even when critical digital systems fail.
Key takeaways include:
1. Regular practice of manual procedures is essential for maintaining proficiency
2. Documentation must be accessible in physical form during digital outages
3. Leadership must be prepared to make decisions with incomplete information
4. Alternative communication channels must be established and tested regularly
5. Cross-training personnel ensures operational continuity during specialized system failures
Next steps should include developing a comprehensive manual operations plan, establishing regular training schedules for non-digital procedures, and creating a physical resource library accessible during digital infrastructure failure.
<Svar Slutt>
STEG 2 Videre «forskning»
<Svar Start>
# Hybrid Attacks and Digital Infrastructure Crisis Preparedness
## 1. Situation Overview
### Background
A comprehensive hybrid attack that includes both digital and physical threats can dramatically affect an organization’s ability to handle crisis situations. The loss of digital infrastructure leads to disruptions in communication, data access, and situational awareness. Incidents such as the 2015 Ukrainian power grid attack and the 2017 NotPetya cyberattack have demonstrated that such attacks can create a heavy dependency on digital tools that organizations rely upon. For instance, during the Ukrainian power grid attack, significant communication disruptions occurred because operators could not access necessary control systems or communicate effectively with field personnel. Similarly, the NotPetya attack resulted in widespread data access issues, crippling the ability of several organizations to retrieve critical information and maintain situational awareness.
When critical systems fail during a crisis, organizations must quickly adapt and operate without their standard technological support. In the Ukrainian power grid attack, affected organizations turned to manual operations and alternative communication methods to restore power and manage the crisis. In parallel, companies struck by the NotPetya attack implemented contingency plans, such as reverting to pen-and-paper methods and utilizing offline backups to sustain their operations.
### Problem Statement
– **What happens to our mission execution when digital infrastructure disappears?**
– **Have we become dependent on digital support tools to such an extent that we cannot function without them?**
– **How can we prepare for scenarios where digital infrastructure fails during different types of crises (cyberattacks, natural disasters, physical sabotage)?**
– **How does the loss of digital infrastructure affect you as a leader in various emergency response roles (police, fire department, paramedic, emergency manager in private or public sector)?**
– **What alternative procedures must be in place to maintain operational continuity during digital infrastructure failure?**
### Additional Research Questions
– **What were the specific impacts on communication, data access, and situational awareness during the 2015 Ukrainian power grid attack and the 2017 NotPetya cyberattack?**
– **How did the organizations affected by these attacks adapt their mission execution in the absence of digital infrastructure?**
– **What are the quantifiable dependencies on digital support tools across different types of organizations (e.g., public vs. private sector)?**
– **What are the statistical probabilities of various types of crises (cyberattacks, natural disasters, physical sabotage) leading to digital infrastructure failures?**
– **How do different emergency response roles (e.g., police, fire department, paramedic) vary in their reliance on digital infrastructure, and what historical data supports these findings?**
– **What are the most effective alternative procedures that have been implemented to maintain operational continuity during digital infrastructure failures?**
– **Are there documented case studies or incidents where organizations successfully managed crisis situations without digital support tools, and what can be learned from these examples?**
– **What are the best practices for training leaders in emergency response roles to handle scenarios where digital infrastructure is compromised?**
## 2. Mission
### Objective
Develop an exercise directive for a training scenario focusing on hybrid attacks and digital infrastructure failure. The exercise should contribute to increased awareness and preparedness against such threats.
### Learning Goals
– Develop, contribute to, and understand exercises focusing on hybrid attacks and digital infrastructure failure.
– Increase awareness of challenges related to individual roles and units during digital infrastructure failure.
– Identify the most common types of hybrid attacks that have targeted digital infrastructure in recent years.
– Understand the frequency and impact of hybrid attacks across different sectors.
– Learn from successful training exercises to improve awareness and preparedness.
– Address key challenges associated with maintaining mission execution during digital infrastructure failures.
– Implement role-specific strategies to enhance responses during hybrid attacks.
– Develop comprehensive training scenarios that accurately simulate hybrid attacks and digital infrastructure failures.
– Explore weaknesses in digital infrastructures that contribute to the success of hybrid attacks and learn corresponding mitigation measures.
### Exercise Directive
#### 1. Planning and Preparation
– **Scenario Development**: Create a comprehensive and realistic scenario that combines both cyber and physical threats. The scenario should simulate the failure of critical digital infrastructure such as communication systems, data servers, and internet connections. For example, orchestrate a coordinated cyberattack that disables emergency service dispatch systems while physical sabotage disrupts backup power systems. Consider incorporating ransomware, Distributed Denial of Service (DDoS) attacks, and Advanced Persistent Threats (APTs) for a diverse range of cyber threats.
– **Objectives**: Define clear and measurable goals for the exercise. Goals should include assessing the ability to maintain operations without digital infrastructure, implementing alternative communication methods, and evaluating manual procedures. Ensure that these objectives are specific, achievable, and relevant to the participants’ roles.
– **Resource Allocation**: Identify and allocate the necessary resources, including personnel, equipment, and facilities, for the exercise. Ensure that participants have access to manual resource management guides and alternative communication tools such as radio equipment, physical maps, and pre-printed forms. Consider incorporating redundancy to simulate real-world constraints and challenges.
#### 2. Exercise Execution
– **Initial Phase**: Begin the exercise by simulating a cyberattack that results in the failure of digital infrastructure. For instance, start with a ransomware attack that encrypts critical databases and disables networked systems. Follow this by introducing physical threats that require immediate responses, such as reports of sabotage at key facilities or suspicious packages at vital infrastructure sites.
– **Communication**: Test alternative communication methods, including radio communications, manual signals, and the use of messengers. Evaluate the methods for effectiveness and reliability under time pressure and stress. Consider conducting stress tests to assess the resilience of these alternative methods.
– **Resource Management**: Use manual resource management guides to allocate and coordinate resources. Assess the effectiveness of manual procedures by focusing on the differences in response time when compared to digital processes. Include scenarios where participants must rapidly adapt to changing conditions and resource constraints.
– **Leadership and Coordination**: Evaluate leadership and coordination functions during the crisis. Assess leaders’ abilities to control situations and make decisions without digital support, including compiling information manually and disseminating commands effectively. Consider role-playing exercises to simulate real-world decision-making scenarios.
#### 3. Evaluation and Learning
– **Debriefing**: Conduct a comprehensive review of the exercise with all participants. Identify strengths and weaknesses in handling the scenario using specific metrics, including:
– Response time comparison (digital vs. manual processes)
– Information accuracy and completeness
– Resource allocation efficiency
– Decision-making quality under pressure
– Team coordination effectiveness
– **Learning Points**: Document key learning points and recommendations for improvement. Develop action plans to address identified weaknesses with clear timelines and assigned responsibilities. Incorporate participant feedback to enhance the relevance and effectiveness of the action plans.
– **Future Exercises**: Plan and schedule future exercises aimed at continuously improving preparedness against hybrid attacks and digital infrastructure failures. Establish a training schedule that incrementally increases in complexity. Ensure that the schedule allows for the incorporation of lessons learned from previous exercises and includes opportunities for skills development and refinement.
By following these directives, organizations can enhance their readiness to respond to hybrid attacks and digital infrastructure failures, ultimately contributing to greater resilience and security.
## Reflection Note
### Reflections on the Exercise Directive
– **Experiences from Own Organization**: Reflect on previous crisis management experiences and exercises. Consider which digital tools have been most influential in past exercises, how the organization responded to incidents where digital systems failed, and the outcomes of those responses. Evaluate the manual procedures used during past digital outages and consider improvements based on these experiences. Reflect on recent incidents of digital system compromise or unavailability, and assess how the response was affected.
– **Dependency on Digital Tools**: Assess the organization’s level of dependency on digital tools. Identify critical functions that rely on digital tools and examine which functions have non-digital backups. Evaluate how dependency on digital tools affected the organization’s ability to maintain operations during previous hybrid attacks. Identify gaps in non-digital backups for critical functions by conducting an inventory.
– **Preparation for Future Attacks**: Consider measures to better prepare for future hybrid attacks. Identify specific actions that can reduce dependency on digital systems and strengthen manual preparedness. These measures might include regular training in manual procedures, maintaining updated physical documentation, and establishing clear chains of command for non-digital operations. Determine how frequently manual procedures should be practiced to maintain proficiency, and develop training schedules accordingly. Establish and communicate clear chains of command for non-digital operations, and identify alternative communication methods to be tested regularly. Consider instituting cross-training programs that ensure personnel can sustain operational continuity during specialized system failures.
#### Conclusion
Developing and conducting exercises focused on hybrid attacks and digital infrastructure failure is essential for strengthening an organization’s crisis preparedness. By identifying alternative communication methods, improving manual procedures, and reducing dependency on digital tools, organizations can build a more robust and resilient response capability. Key takeaways include:
1. Regular practice of manual procedures is essential for maintaining proficiency.
2. Physical documentation must be accessible during digital outages.
3. Leadership needs to be prepared to make decisions with incomplete information.
4. Alternative communication channels must be established and regularly tested.
5. Cross-training of personnel ensures operational continuity during specialized system failures.
Next steps should involve developing a comprehensive manual operations plan, establishing regular training schedules for non-digital procedures, and creating a physical resource library accessible during digital infrastructure failures. Essential elements of such a plan include clear chains of command, alternative communication methods, and updated physical documentation. Additionally, ensuring effective implementation and monitoring of training schedules will help maintain proficiency and readiness.
<Svar Slutt>
Konklusjon
I begge tilfeller er svarene «retningslinjer» for hvordan utføre arbeidet og verktøyet fremkommer ikke med et komplett oppsatt øvingsdirektiv eller kommentarnotat. Og det er vel også ganske åpenbart at Kompass AI, på samme måte som de andre «KI-verkøyene» ikke skjønner hva som etterspørres.
