|
“It’s the best job in the military,” Capt. Joshua Montgomery, a
member of an Air National Guard team that tests cyber defense
elements, enthused. “We get to break things. We get to go and do all
of the things that would send you to jail in the real world. It’s
fantastic.”
Montgomery is not a criminal, but he plays one
for the Guard. As a member of the 177th Information Aggressor
Squadron at McConnell Air Force Base in Kansas, Montgomery tests
cyber defense capabilities by attempting to hack into sensitive
information systems.
|
April 26, 2017 - Members of the Army National Guard, Air National
Guard and Army Reserve, and civilians working in information
technology prepare to engage as opposition force, or "red cell" in
Cyber Shield 17 at Camp Williams, Utah. Cyber Shield
17 is a National Guard exercise designed to assess soldiers, airmen,
and civilian personnel on-response plans to cyber incidents that is
taking place April 24 to May 5, 2017 at Camp Williams, Utah. (U.S.
Army National Guard photo by Sgt. Michael Giles)
|
“The idea of an information aggressor squadron is to
understand the tactics that real-world adversaries—like
hackers and corporate espionage agents—use,” Montgomery
explained. He then uses that understanding to find network
vulnerabilities that can be exploited.
Montgomery is
preparing to put his hacking skills to use as a member of
the Red Cell during Cyber Shield 17, a cyber defense
exercise being held at Camp Williams, Utah, April 24 to May
5, 2017.
Cyber Shield
17 is a National Guard and U.S. Army Reserve event that
begins with a week of training and preparation and
culminates in a scenario-based cyber role-play. It is the
sixth iteration of the exercise, which began in 2012, and
trains members the Army National Guard, Air National Guard,
and Army Reserve, as well as civilians who work in law
enforcement, intelligence and information technologies.
Participants belong to one of several cells. Red Cell
members, such as Montgomery, play the role of adversary
hackers. Members of the Blue Cell attempt to defend against
the Red Cell’s attacks. Members of the Gold Cell support the
Blue Cell with coaching and mentorship, while White Cell
members evaluate the Blue Cell’s performance.
As Red
Cell members prepare to break into Blue Cell systems, their
opposite numbers prepare for an experience that Blue Cell
leader Maj. Kevin T. Mamula predicts will push them to their
limits.
“The blue teams will be challenged to their
breaking points by design,” said Mamula, who also works as
the cyber network defense team lead for Ohio. “They will be
stressed and frustrated and mad. But they will come out as a
much more effective team.”
Exercise participants
emphasized that the threat that cyber attacks pose make this
kind of challenging training crucial.
“Cyber threats
are real,” said Capt. Joshua Hull, from the Nebraska Joint
Force Headquarters, who serves as assistant leader for the
Nebraska Blue Team in Cyber Shield 17. “They are already all
around us, and they affect every aspect of our daily
interactions.”
Hull said he is confident that his
team will be able to succeed in warding off the Red Cell
attacks thanks to effective collaboration he has observed
among his comrades.
“We have very good team
cohesion,” Hull said. “We have a very good flow of
information and we’ve pulled our best and brightest. They
have a good understanding of how network operations work.”
As Blue Cell fights an uphill battle in the cyber
terrain, they will have the Gold Cell’s support. Lt. Col.
Brad Rhodes, Gold Cell leader and commander of the Colorado
Army National Guard’s Cyber Protection Team 174, said his
team will provide struggling Blue Cell members with coaching
and mentorship to help them learn and succeed.
“Our
goal is that when the blue teams walk out of the door, they
are feeling better about themselves and are more successful
than when they first got here,” Rhodes said.
Red Cell
leader Air National Guard Maj. Michael Ehrstein, who
supervises the 177th Information Aggressor Squadron, said
that Cyber Shield 17 fosters a learning environment by
putting people of different backgrounds and levels of skill
together.
“People who’ve never done this before get
one-on-one dedicated interactions with individuals who’ve
been doing this 15-plus years,” Ehrstein said. “We are able
to bring together experts from DoD, the government and the
civilian world in one place and share that diverse
perspective on cyberspace.”
“I’m very excited about
being on a red team,” said Flo R. Bayer, a security analyst
with the State of Wisconsin Department of Enterprise
Technologies. “To see how hackers do things, their
methodologies, will help me be better at defending the
networks.”
“You don’t get an opportunity to learn
from a group of people like this often, to apply this skill
set often,” said Adam Hellmers, an electrical engineer with
Radiance Technologies. “It’s a chance to develop higher
skills and to further enhance your own self, your company’s
self and the national interests.”
“The 2017 Cyber
Shield exercise is far and away the best exercise I have
ever encountered in my career,” Montgomery said. “It’s well
organized; it’s well put together. And the teams, both red
and blue, have made significant progress in securing DOD
systems.”
By U.S. Army National Guard Sgt. Michael Giles
Provided
through DVIDS
Copyright 2017
Comment on this article |
