Photo By Staff Sgt. Matthew Ard | Members of the Air National Guard, law-enforcement agencies and technology firms...... read more read more
Subscribe
CAMP WILLIAMS, Utah (May 4, 2017)—“We’re always under cyberattack,” said Lt. Col. Henry Capello, exercise control officer in charge of Exercise Cyber Shield 17. “There’s a lot of things that people don’t realize goes on behind the scenes, and in order to really understand them, and comprehend them, it’s important that we work together.”
This is the sixth iteration of the Cyber Shield exercise. The exercises are the National Guard’s solution to the threats that hackers pose to the security and functioning of our daily lives. They began as an effort to protect the Department of Defense Information Network, Capello explained, before evolving to address threats that cyberattacks can pose to nonmilitary computer systems.
This year, the National Guard ran the exercise at Camp Williams, Utah, in collaboration with the U.S. Army Reserve. It brought together educators and trainees from the Guard, reserve, various law enforcement and intelligence agencies, information technology firms and academia. Beginning April 24, the training involved one week of classroom training and preparation, before a week-long scenario-based exercise that gave participants a feel for responding to a real-world cyber threat.
As a member of the Louisiana National Guard, Capello is familiar with large-scale disasters. One of the goals of Cyber Shield is to help domestic first responders become as ready to respond to cyber disasters as they are to respond to natural disasters, he said.
“We exercise our all-hazard responses quite frequently,” Capello said. “But even so, until a few years ago, we hadn’t even started considering cyber as a disaster. And that’s the first piece of this: it’s really educating what cyber can do to a state or to our country.”
Cyberattacks impact citizens by disrupting communities’ critical infrastructure, according to Capt. Lori Williams, the Cyber Shield 17 exercise control executive officer.
“If there is a cyber attack on a critical infrastructure, you don’t have just that infrastructure being affected,” said Williams, who works with the National Guard Bureau full time. “You have the people as well. If it’s a water treatment facility and they shut it down, then we’re looking at no water for an organization, so the people are affected. There’s a lot of other things that can get very costly.”
To better prepare federal, state and local forces, Cyber Shield 17 provided an environment for sharing knowledge, for developing interoperable partnerships and for putting the knowledge and partnerships into practice in a hands-on simulation.
The cyberdefense classroom: gaining awareness of the threats
“We have some of the top minds contributing here,” said James Gunter, exercise director for Cyber Shield 17. “We have a pretty wide view and scope of the personnel that are pretty top notch compared to the rest of the country.”
Among these top minds is Chris Roberts, chief security architect at Acalvio Technologies. Roberts gained notoriety several years ago with allegations that he had hacked into the controls of commercial airliners in flight.
Roberts’ message is that we must become aware and think critically, he said. During a Cyber Shield 17 Distinguished Visitor’s Day presentation, he explained how the management of trains, livestock and crops can be hacked in ways that have potentially devastating consequences. While the risk of train wrecks is obvious, less obvious but perhaps more catastrophic would be the disruption of the food supply chain.
“The problem is we trust more and question less,” Roberts said. “We download apps on our phones without thinking about it. We don’t think about the developers. We don’t think about who built it. We don’t think about the implications of putting stuff on hardware systems in our homes.”
Roberts gave the example of the cameras people put in their homes to watch their kids. We buy them, install them and we might even grant them access to our wireless networks without questioning the implications. We don’t think about what may be embedded in the camera’s software that can result in a stranger somewhere having access to images we prefer to have private.
“Nobody thinks that. Why?” he asked.
“Because why should we?” he retorted. “Because it should come secure. We plug it in, and it says, ‘Hi! I need access to your wireless network.’ You type it in and you get it on, and then three weeks later you find pictures of your family on the bloody Internet.’”
Another member of the awareness-raising team is Heidi Cooke—a senior learning consultant with the International Society of Automation—who provided Cyber Shield 17 participants with a cybersecurity design and maintenance course that prepares them for ISA/ICE 62443 Cybersecurity Expert Certificate testing. Cooke informed about how industrial operations that large populations depend on can be vulnerable to hacking.
“A lot of vendors use remote access to support their customers,” Cooke said. “That is a way for somebody else to come in the door and shut down a process, and someone else is now controlling the process.”
The cyberdefense lab: getting hands dirty
Exercise Cyber Shield 17 gave participants challenging hands-on training, both during the classroom week, and the week of role-playing a cyberattacker versus cyberdefender scenario.
The International Society of Automation IC34/IC37 62443 Cybersecurity Design Specialist/Maintenance Specialist course ran through week one and concluded with a practical exercise in which students had to repair an automation control system.
“Intentional tampering of automatic control systems is what the National Guard has to be able to fix,” said instructor Marco (Marc) Ayala Sr., principal ICS/SCADA lead with aeSolutions, the morning of the practical exercise. “They’re going to come in and get their system into a productive working state. It’s going to be a lot of fun!”
The week-long conflict scenario that followed, between Red Cell cyberattackers and Blue Cell defenders, was intended to be stressful for the defenders, and not fun, according to Blue Cell Leader Maj. Kevin T. Mamula.
“The blue teams will be challenged to their breaking points by design,” said Mamula, who works as the cyber network defense team lead for Ohio. “They will be stressed and frustrated and mad!”
“But they will come out a more effective team,” he added.
Mamula explained that the deck was significantly stacked against the defenders.
“Blue Cell will find it very challenging, because the network is designed against them,” he said. “That gives the red team carte blanche freedom of maneuver and obvious advantage.”
Apart from the challenge, another hands-on aspect of Cyber Shield 17 is interactions between participants of different backgrounds.
“We are able to bring together cyber experts from DoD, the government and civilian world in one place and share that diverse perspective on cyber issues,” said Red Cell Leader Air National Guard Maj. Michael Erstein. “People who’ve never done this before get one-on-one dedicated interactions with individuals who’ve been doing this 15 plus years.”
The results: a more informed, capable cyberdefense force
As Cyber Shield 17 winded down, facilitators and participants beamed as they spoke about the successful training mission that benefited all involved.
“It’s been spectacular,” Ehrstein said. “A lot of good training has occurred for both Red and Blue.”
Ehrstein, whose job was to challenge the Blue Cell by leading Red Cell attacks, watched in real time as the defenders took his lessons to heart.
“We go give them feedback, and then they go act on that feedback,” Ehrstein said. “That’s learning.”
Blue Cell participants—such as Staff Sgt. Liz McDaniel, training noncommissioned officer with the Delaware Army National Guard’s 261st Signal Brigade—expressed agreement, asserting that the challenges have quickly made them more prepared to handle cyber threats than they were before the exercise began.
“We’re definitely learning from defeat,” McDaniel said. “Through the hard training, we’ve learned valuable lessons that have made us a lot more prepared for various possible cyberattacks.”
To address the success he’s observed throughout the event, Roberts returned to the topic of questioning.
“The biggest thing I think we’ve done to the team here is gotten them to ask more questions,” Roberts said. “But also getting them to understand: ‘here’s where we are, and here’s where we need to be.’”
He stated that it’s important for cyberdefenders to think forward to how the ever-evolving fields of information technology will generate ever-developing challenges.
“Where is it going?” Roberts asked. “Where is the future? Where do we need to focus our efforts?”
Story by Sgt. Michael Giles
| Date Taken: | 05.05.2017 |
| Date Posted: | 05.05.2017 13:01 |
| Story ID: | 232733 |
| Location: | UT, US |
| Web Views: | 513 |
| Downloads: | 0 |
This work, National Guard brings top minds to lead hands-on cyberdefense exercise, by SSG Michael Giles, identified by DVIDS, must comply with the restrictions shown on https://www.dvidshub.net/about/copyright.
No keywords found.
LEAVE A COMMENT