West Point cadets tested their cyber defense skills against veteran hackers from the National Security Agency and emerged victorious.
The three-day 2011 Cyber Defense Exercise concluded April 22, 2011, giving the U.S. Military Academy its sixth win since the competition began in 2001. Thirty-eight Class of 2011 cadets participated in the exercise, along with two faculty advisors and numerous support personnel. The senior cadets built the network, managed it and performed the day-to-day operations.
The exercise was established by West Point with collaboration and support from the NSA and Department of Defense to teach students how to protect and defend the nation’s information systems. All five service academies participated, as well as the Naval Postgraduate School, the Air Force Institute of Technology and the Royal Military College of Canada.
“It’s entirely a defensive operation on our part,” said Class of 2011 Cadet Hunter Hutcheson, the team’s public affairs representative. “So we’re learning how to defend the network. West Point has one of the most robust cyber educational programs of all the service academies. Cadets routinely are sent to NSA to practice these skills during summer training.”
Some Class of 2012 cadets participated in the latter stages to perform forensic analysis of the exercise.
“They’ll figure out which machines were compromised by the NSA and create a detailed analysis of the tools used against us as a sort of lessons learned,” Hutcheson said. “So next year when they enter the competition, they’ll have more experience of what they can expect from NSA.”
The cadets could not monitor the systems betwen 10 p.m. and 9 a.m. each day, as that was when their NSA opponents would launch their offensive. The mornings would often find the West Point team on damage control duty from the overnight attacks. This was accomplished by ensuring the services were functioning properly and activity coming into the network from the NSA Red Team was stopped and any threats mitigated as they occurred.
The exercise involved long-hour shifts for the cadets, always on the defensive against NSA. Ample amounts of caffeinated beverages and high-calorie snacks were consumed to offset the periods of inactivity and fueled them when they needed to respond fast.
“It’s definitely a high-stress exercise,” Hutcheson said. “There are periods of boredom throughout the day, but leading up to the exercise there were numerous times cadets worked late nights and sometimes until early into the morning. Throughout the exercise there are also periods of intense activity. Waiting for an opponent to attack can be a nerve-wracking experience.”
The cadets worked in teams, performing various functions like monitoring software and email/chat services. Class of 2011 Cadet John Rollinson led the network security monitoring team.
“Basically I’m logging and analyzing all the traffic flowing across our network for things that don’t fit the standard usage,” Rollinson said.
Hutcheson said this USMA team, in the way they’ve prepared for and executed the exercise, may be one of the best in several years. Rollinson was confident the team could beat the other academies.
“We have cadets on our team who are very knowledgeable about what they’re doing,” Rollinson said. “We have (Cadet) James McColl, who’s a mastermind on the computers; we have (Cadet) Robert Frost, who’s very good at understanding exploits, and (Cadet) Duncan Michel does a great job of managing and distributing who’s looking where on the system.”
Traditionally, the NSA team will conclude the exercise by launching an onslaught upon the teams; basically, unleashing a devastating attack for which there is no preparation.
“Our job is to make sure our network is as secure as possible and the services are all up and running so when that attack happens we have monitoring tools running and all cadets at their stations,” Hutcheson said. “Of course, we fully expect this attack, but we didn’t talk about it. We talk about winning.”
To call this a game would be farthest from the truth for this team. “With the growing importance of cyber defense in the Department of Defense and the private industry, we realize this is no game,” Hutcheson said. “This is real. We’re calling it a demonstration of Army excellence and this is our opportunity to show the NSA and the other academies that we’re prepared and we’re developing graduates fully capable of operating in this environment.”
Article by Mike Strasser, West Point Public Affairs