ELKRIDGE, Md. -- In an obscure office park midway between Baltimore and Washington, about 50 men and women use laptop computers to break into networks at the nation's military service academies.
When one of them is successful at penetrating a networked computer, they get up and ring a bell.
"We hit a remote desktop on a workstation," one hacker proclaims.
Everybody in the room breaks into applause, like the whole issue of national security is just a game -- and in this case, it is.
The group was part of the 2006 Annual Cyber Defense Exercise (CDX), a five-day event that took place last month in Elkridge, Md. In its sixth year, the CDX is designed to help those who will one day be charged with protecting military networks -- students in the nation's military academies -- to learn what they will face when they graduate.
"This exercise mirrors what they will see in the real world," said exercise director Maj. Thomas Augustine, who works at the National Security Agency (NSA) and is assigned to the 70th Intelligence Support Squadron at Fort Meade, Md. "It's also about best practices in securing your networks, so that only the right people have the information they need, when they need it."
As part of the CDX, participants were divided into three groups, or cells:
- Red Cell participants played the aggressors. They came from the NSA and various service network security groups such as the Air Force Information Warfare Center at Lackland Air Force Base in San Antonio, Texas, the Navy Information Operations Command at Fort Meade and the Marine Corps Network Operations and Security Command at the Marine Corps Base in Quantico, Va.
- White Cell participants, also seasoned network security professionals, acted as exercise proctors, referees and scorekeepers.
The exercise, like many military exercises, involved a hypothetical scenario. Blue Cell members played as if they were "deployed" to a South American country and were participating in counterterrorism efforts. While there, they defended a network built using both U.S. military and host nation equipment.
To ensure a level playing field, CDX coordinators pre-built computer networks and installed the necessary software on the computers and then sent those out to the academies. Students, many majoring in computer science or related fields, had two weeks prior to the start of the exercise to prepare the networks.
One part of that preparation involved setting up the networks; another involved finding pitfalls installed by exercise coordinators. That could mean deleting extraneous accounts or ensuring passwords weren't set to "password."
For Red Cell members, the exercise was about breaking in and taking control of the Blue Cell networks. Red Cell members used computing tools to guess passwords, reveal private information, take administrative control of Blue Cell computers, deface Web pages, perform denial-of-service attacks and break through network firewalls.
In regard to scoring, Blue Cell teams each began with 50,000 points. During the exercise, those points were either reduced or increased, based on the network attacks they became vulnerable to or were able to defend themselves against. Blue Cell participants were also required to file reports on the status of their network. Points were taken away if their reports were incomplete or inaccurate.
Senior Airman Quinn Carman, a full-time Air National Guardsman with the 177th Information Aggressor Squadron at McConnell Air Force Base in Wichita, Kan., was one Red Cell member responsible for breaking into Blue Cell computers at the Air Force Academy. While Carman's team was able to cause trouble for network administrators at the Colorado Springs, Colo., school, he said he was impressed with the efforts of the students there, who ultimately went on to win this year's competition.
The Red Cell was able to deface the Air Force Academy's Blue Cell Web page, and had been performing denial-of-service attacks as well, Airman Carman said. However, the cell had been unable to penetrate the Academy's firewall or take administrative control of any computers.
"The Academy has been doing really well," Carman said. "Somebody there must be real good with setting up firewalls."
"I believe one reason behind our success was a focus on fundamental security principles, rather than specific tools," said Capt. Sean Butler, computer science instructor and officer in charge of the Air Force Academy team.
During the exercise, Augustine said, Red Cell teams used open source software, available freely on the Internet, to perpetrate network attacks against Blue Cell members.
"It's amazing what's out there," Carman said of the large number of network-cracking tools available to the public.
Cadet 2nd Class Thomas Griesemer and Cadet 1st Class Christopher Patten, CDX participants and students at the Air Force Academy, said their coursework at the school helped prepare them for the exercise and for the dynamic nature of defending Air Force networks.
"What we are learning is not just the specifics, but how to research methods to secure our networks," Griesemer said.
"The classes do give us a kind of general overview, and let us know where to look on the network," Patten said. "But everything changes year to year."
The U.S. Naval Academy won the 2005 CDX, receiving a trophy from the NSA to display for a year in a common area on the campus. That trophy is now headed to the Air Force Academy.
C. Todd Lopez is a Staff Sgt. in the U.S. Air Force, and a staff writer for Air Force Print News' Pentagon bureau. Additional material was used in this story.