[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] Cyber War Game Tests Future Troops
Forwarded from: William Knowles <wk@xxxxxxx>
By Brian Krebs
washingtonpost.com Staff Writer
Wednesday, April 23, 2003
In a basement lab littered with computers, monitors and chalkboard
diagrams, 14 Naval Academy midshipmen are buzzing about the latest
hacker assault on the computer network they created.
Hackers have penetrated their network and erased a database. But lead
technician James Shey, stifling a yawn, says this attack is no big
deal -- his team saved a backup copy.
Shey has slept a total of five hours out of the last 36. He and the
other future Navy officers have been standing cybersecurity watch as
part of the third annual Cyber Defense Exercise. The midshipmen, along
with teams from the nation's four other service academies, are
defending home-grown computer networks from attack by specialists from
the National Security Agency, the United States's ultra-secretive
surveillance and spy agency.
The war in Iraq drove home the fact that the U.S. military is heavily
dependent on sophisticated electronic communications and information
technology. As the Pentagon deploys even more advanced systems,
planners are acutely aware that a hacker could kill more U.S. soldiers
with bits and bytes than with bombs or bullets.
A porous military network deployed on the battlefield, for example,
could allow the enemy to inject misleading information about the
location of allied and enemy forces, leading to friendly fire
casualties or an enemy ambush, said U.S. Army Lt. Col. Daniel
Ragsdale, assistant professor of computer science at the U.S. Military
Academy at West Point, and co-founder of the exercise.
"We are so highly dependent on information technology that if we don't
do the hard work we're doing here, that could soon become a real
Achilles heel for us," Ragsdale said. "A network compromise in the
battlefield means we could be fed bad information, which could easily
Thus the cyber defense program was born to challenge the notion that
cyberattacks are an annoying but non-lethal threat to U.S. forces.
Begun at West Point in the late 1990s, the training program took off
in 2000 when the NSA sent computer scientist Wayne Schepens to the
academy. Schepens offered the services of the NSA's own computer
security experts, who regularly probe the Defense Department's
networks for security holes.
The program is specifically a product of the service academies and the
NSA, and is not part of any Pentagon computer security of
The excercises are, however, "a microcosm of what's going on in our
military overall today," said John Arquilla, associate professor at
the Naval Postgraduate School.
"Our military relies on advanced communications and technology to know
where the enemy is, and the destruction or disruption of that flow of
information can cripple them," he said. "The information technologies
that make us so strong are also our biggest weaknesses."
This year's exercise took place on closed "virtual private networks,"
rather than on the Internet. Teams of eight to several dozen students
-- mostly computer science majors -- defended their systems against
the NSA hackers from Monday morning to Thursday afternoon. The teams
were based at their respective military academies, while the "hackers"
operated from NSA headquarters at Fort Meade, Md. West Point and the
Air Force Academy competed in the first exercise in 2001. The Naval
and Coast Guard academies joined last year, and the Merchant Marine
Academy joined this year.
As with golf, the winner is the team with the least number of points.
Earning points is bad, because it means the enemy was able to bring
down part of the network or corrupt its contents.
"What you have here is an exercise in battlefield conditions, where
teams were assessed points for any sustained damage to their systems,
with each point considered equal to a loss of life," said Bradford
Willke of the government-funded CERT Coordinating Center at
Pittsburgh's Carnegie Mellon University, which provided the referees
for this year's exercise.
Computer security experts know that the battle against hackers never
ends. To shake things up this year, the NSA changed the ground rules,
adding new twists like insider threats and "injection attacks," where,
for example, teams are asked to shut down the machine running their
database and e-mail servers and find other ways to provide those
services within a given amount of time.
Such tactics force even the most well prepared teams to improvise and
innovate under unforeseen, high-pressure situations, said Midshipman
1st Class Jessie Grove, the leader of the Naval Academy team.
"Our network went from this big beautiful, complex, super-secure
system to something we were fixing on the fly and hoping we could just
make work," she said.
On Wednesday, the NSA told the teams to disable their firewalls for
several hours at a time. The request came after a period of relatively
little activity from the hackers, which led Midshipman Trevor
Baumgartner to boast that the Navy group's defense technologies had
stymied the NSA hackers.
"I thought we were going to be fixing things left and right nonstop,
but [it] seems like they just got tired of trying to hit us,"
Thomas Hendricks, a visiting NSA professor at the Naval Academy,
chuckled at the notion that the NSA team used the firewall exercise as
a last resort. The loss of the firewall, he said, exposed an unsecured
administrative account on the Navy's network, allowing the NSA to
"They were taught -- though I'm not sure how much they listened -- to
protect as many layers of the network as possible," Hendricks said.
"This part of the exercise was designed to see how many layers of
protection they had in place."
Some in the Navy group also suspected that the hackers tried to use
social engineering to gain access to privileged information. That is,
instead of relying on their knowledge of computers, they tried to con
their way in.
Midshipman Jason Kolligs said he got a telephone call Thursday morning
from someone claiming to be a "white cell" member at the Coast Guard
team. The caller asked him to send an e-mail to test their message
server, but Kolligs and his teammates refused after agreeing that
something about the call didn't seem quite right.
"I just told the guy on the other end of the phone that our mail
server was down, too," said Kolligs.
Tomorrow's Online Defenders
This year's winning team won't be announced until later this week, but
Willke said that all of the teams exceeded expectations. "From the
folks at [CERT], I was told that the team that finishes last this year
would have won the competition hands down last year," he said.
The Coast Guard and Merchant Marine academies are the presumptive
underdogs because they do not have information security or computer
science study programs. The Coast Guard team members are electrical
engineering majors, and the majority of the Merchant Marine students
are majoring in subjects like maritime business and marine
Shashi Shah, the Merchant Marine Academy team's director, said he has
been "blown away" by the dedication of his 13-man team, which prepared
for the exercise by attending four days of weekend classes on
information assurance -- on top of their course load. They also set up
metal cots in the school's computer room to have at least one
midshipman manning the battle stations at any time, Shah said.
"I must say I am touched by dedication and devotion of midshipmen who
took part in this exercise, and I know each one of them has learned
far more than they expected," he said.
Many of the program's participants said that they think the training
will help them once they are serving on active duty. Erik Sarson, 22 ,
West Point senior cadet from Latrobe, Pa., said he is going into the
armored branch, "but I'll be an important asset no matter where they
place me because the Army is becoming more digitized every day."
After the exercise ended, a handful of midshipmen from the Navy team
gathered around an xBox video game console to compete in the
first-person futuristic combat game "Halo." Baumgartner and others
said they felt confident they had kept their attackers at bay.
But outside the war room, Hendricks sounded a note of caution, saying
the team may not have spotted all of the NSA's attacks.
"A lot of these schools got a false sense of success last year and
left the exercise thinking they had beat the red team. But it was
pretty bad because the red teams were hardly trying," he said. "This
year, I think most of the schools may have gotten beat up quite a
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@xxxxxxxxxxxxx with 'unsubscribe isn'
in the BODY of the mail.