By Staff Sgt. C. Todd Lopez
WASHINGTON (April 19, 2006) -- In an obscure office park midway between Baltimore and Washington, about 50 men and women use laptop computers to break into networks at the nation's military service academies.
When one of them is successful at penetrating a networked computer, they get up and ring a bell.
"We hit a remote desktop on a workstation," one hacker proclaims.
Everybody in the room breaks into applause, like the whole issue of national security is just a game -- and it is.
The event was the 2006 Annual Cyber Defense Exercise, April 10 to 14, in Elkridge, Md. In its sixth year, the CDX is about helping future protectors of military networks -- students in the nation's military academies -- learn more about what they will be faced with when they get out of school.
"This exercise mirrors what they will see in the real world," said Maj. Thomas Augustine, the exercise director. "It's also about best practices in securing your networks, so that only the right people have the information they need, when they need it."
Major Augustine works at the National Security Agency and is assigned to the 70th Intelligence Support Squadron at Fort Meade, Md.
As part of the CDX, participants were divided into three cells:
• Blue Cell participants included students of computer science and related fields at the nation's military service academies. Their role was to defend the military network.
• Red Cell participants played the aggressors. They came from the National Security Agency and various service network security groups such as the Air Force Information Warfare Center, the Navy Information Operations Command and the Marine Corps Network Operations and Security Command.
• White Cell participants, also seasoned network professionals, acted as exercise proctors, referees and scorekeepers.
The exercise, like many military exercises, involved a hypothetical scenario. During the CDX, Blue Cell members played as if they were "deployed" to a South American country and were participating in counterterrorism efforts. While there, they defended a network built using both U.S. military and host nation equipment.
The reality of the exercise was that Blue Cell participants -- students from the Naval Academy, Military Academy, Air Force Academy, Merchant Marine Academy, Coast Guard Academy and Air Force Institute of Technology -- were at their respective schools, and were playing between classes.
Exercise coordinators, members of the White Cell, pre-built computer networks and installed software on the computers and then sent those out to the academies. Students, many majoring in computer science or related fields, had two weeks prior to the start of the exercise to prepare the networks.
One part of that preparation involved setting up the networks; another involved finding pitfalls installed by exercise coordinators. That could mean deleting extraneous accounts or ensuring passwords weren't set to "password."
For Red Cell members, the exercise was about breaking in and taking control of the Blue Cell networks. Red Cell members used computing tools to guess passwords, reveal information that was supposed to be private, take administrative control of Blue Cell computers, deface web pages, perform "denial of service" attacks and break through network firewalls.
Senior Airman Quinn Carman, a full-time Air National Guardsman with the 177th Information Aggressor Squadron at McConnell Air Force Base, Kan., was one Red Cell member responsible for breaking into Blue Cell computers at the Air Force Academy. While Airman Carman's team was able to cause trouble for network administrators at the Colorado Springs, Colo. school, he said he was impressed with what the students there were doing.
The Red Cell was able to deface the Air Force Academy's Blue Cell Web page, and had been performing denial-of-service attacks as well, Airman Carman said. But, the cell had been unable to penetrate the Academy's firewall or take administrative control of any computers.
"The Academy has been doing really well," he said. "Somebody there must be real good with setting up firewalls."
During the exercise, Red Cell teams used open source software, available freely on the Internet, to perpetrate network attacks against Blue Cell members, Major Augustine said.
"It's amazing what's out there," he said of the large amount of network-cracking tools available to the public.
Cadet 2nd Class Thomas Griesemer and Cadet 1st Class Christopher Patten, students at the Air Force Academy, both participating in the CDX, said their coursework at the school helped prepare them for the exercise and for the dynamic nature of defending Air Force networks.
"What we are learning is not just the specifics, but how to research methods to secure our networks," Cadet Griesemer said.
"The classes do give us a kind of general overview, and let us know where to look on the network," Cadet Patten said. "But everything changes year to year."
The exercise was fun and valuable to their training, both said.
To score the exercise, Blue Cell teams each began with 50,000 points. During the exercise, those points were either reduced or increased, based on the network attacks they became vulnerable to or were able to defend themselves against. During the course of the exercise, Blue Cell participants were also required to file reports on the status of their network. Points were taken away if their reports were not complete or less than accurate.
The U.S. Naval Academy won the 2005 Cyber Defense Exercise, receiving a trophy from the NSA to display for a year in a common area on the campus. This year's exercise winner will be announced April 21. (The Air Force Academy won the trophy.)