USMA’s cyber warriors survive first day of Cyber Defense Exercise
Story and photos by Mike Strasser
WEST POINT, N.Y. (April 17, 2013) — Twenty-eight Class of 2013 cadets gathered inside the Cyber Lab at Thayer Hall Tuesday morning for the start of the 13th annual Cyber Defense Exercise.
Class of 2013 Cadet Rebecca Malone, the team’s public affairs representative, noticed the atmosphere was very calm from the beginning. Indicative, perhaps, of their confidence in the computer network they built over the course of three weeks and their ability to defend it. Or maybe a wise tactic for conserving their mental faculties, considering the exercise would continue for three 14-hour days until the winning team is announced Friday.
“This is a very strong team and that has a lot to do with having the right people in the disciplines they are good at,” Malone said about the collection of information technology, computer science and electrical engineering majors.
The exercise was established by the National Security Agency in 2001 and has become a friendly competition among service academies to see who can best defend its network against an NSA and Department of Defense attack team. These adversaries are known as the Red Cell OPFOR, or opposition force.
The U.S. Military Academy has won this network and computer security exercise six times and the team is being commanded this year by Class of 2013 Cadet Nolan Miles.
Though the official start was 9 a.m., they suspected the attackers would begin scanning the network at any time. Until then, Lt. Col. David Raymond, the team’s officer in charge, had a few encouraging words to premise the challenging day ahead.
“Things are fixing to get interesting,” Raymond, assistant professor in the Department of Electrical Engineering and Computer Science, said. “This has been a heroic effort getting the network together. I’ve been involved in the CDX for three years and this is the best CDX network I’ve seen and the best team dynamic I’ve seen.”
The exercise began with no countdown or fanfare, just a nondescript gentleman wearing a DOD badge who walked up to the front of the room and quietly gave a few words of instruction. Not too many of the cadets sitting three rows deep took notice of what happened; even the cadets up front looked puzzled for a second or two before realizing it was actually the “go time” moment they were waiting for. Then, instantly, the room was buzzing with activity.
“Oh, we’re getting scanned now,” Class of 2013 Cadet Patrick Smith said, jumping to the dry erase board to record the activity. “Read me off some of those.”
This happened 18 minutes into the exercise as the opposition made its presence known. Smith, lead of the network management team was instrumental in creating the network and this was his first skirmish in the cyber battle.
“Basically at this time we’re monitoring the IP addresses and all the network traffic,” Malone said. “We can watch them scan us and it allows us to see what kind of attacks they’re trying to do.”
Other cadets had relatively less to do on the first day and filled their monitors with solitaire, social media and other distractions.
“Hopefully I’ll be bored most of the time,” one cadet said. “If I’m doing nothing that’s how I know my services are doing well.”
But when cadets jump into action, something bad has happened, he added. Throughout the day, it was an ebb and flow of activity and most worked quietly within their section—whether it was the Services Team, Network Team or Systems Team.
“When things got active it could get loud, as people were letting others know from across the room when things went down and had to get back up,” Malone said. “People were communicating pretty effectively, which was cool to watch.”
At the end of the Day One, Malone said there weren’t any significant attacks to the system, and anyone caught exploiting the system was cut off.
One sort of attack, an HTTP injection, is where abnormal script appears on a website as an attacker tries to gain access.
“Basically when we are seeing these IP addresses that were causing suspicious activity on our system we would blacklist them,” Malone said, “and basically cut off all access to our system.”
The cadets continue their system defense today and tomorrow with the winning team expected to be announced at noon Friday.
Twenty-eight Class of 2013 cadets gathered inside the Cyber Lab at Thayer Hall April 16 for the start of the 13th annual Cyber Defense Exercise. These information technology, computer science and electrical engineering majors are tasked with defending a computer network against an opposition force of National Security Agency and Department of Defense personnel. The exercise was established by the NSA in 2001 and has become a friendly competition among service academies. A West Point team has won it six times.
Class of 2013 Cadets Nolan Miles and Gregory Ecklin get to work at the start of the 13th annual Cyber Defense Exercise April 16. Miles is the cadet commander of the West Point CDX team.
After one day of the Cyber Defense Exercise, the West Point team managed to stave off attacks from the opposition force of National Security Agency and Department of Defense personnel.