Marine Lt. Cmdr. Gabe Edwards, Cyber Flag 21-2 trainer, will be working with William Groover, a Red Team Operator at Cyber Command, during Cyber Flag on June 22nd.
WASHINGTON: CYBERCOM’s premier defensive tactical exercise now underway demonstrates one of the command’s new training capabilities known as the Persistent Cyber Training Environment (PCTE).
This year’s exercise, called Cyber Flag 21-2, takes place in a virtual network for a fictitious Allied logistics depot. The exercise is not based on specific real cyber actors or previous incidents, but rather simulates “threats common in Indo-PACCOM geography,” noted Lt. Cmdr. Gabe Edwards, Cyber Flag 21-2 trainer.
One fictional cyber actor at this year’s event is motivated by cyber espionage while the other is focused on “denial and destruction,” said Christopher Bartz, chief of exercises and training at CYBERCOM, the Coast Guard, in a briefing for reporters. Edwards added that the exercise involved a few well-known scenarios, including the possibility of a ransomware payload.
It also emphasizes how cyber incidents can impact a wide variety of operations. “During this year’s iteration, in particular, we focused on how the cyberdomain transitions into other domains,” said Bartz. “We wanted to see all levels. Cross-domain effects were the real core of this year’s exercise. “
Cyber Flag 21-2, also known as Big Flag, is commonly referred to as Cybersecurity Blue Teaming. It tests the ability of cyber professionals to respond to simulated cyber attacks in a virtual environment. This year’s event takes place in virtual cyber rooms that are five times larger than in previous years and spans three countries in eight time zones.
PCTE, first used in a full-strength exercise during the global pandemic last year, enables the DoD to conduct joint cyberspace trainings, drills, mission rehearsals, experiments, and certifications. It also enables the U.S. and allies to assess missions that cross borders and networks.
PCTE came about because “we needed something bigger and better than we had,” explained Bartz.
“We can design any scenario we want to create,” Col. Ally Smith, chief of CYBERCOM’s exercise design and planning division, told reporters. “That puts us in front of what our opponents might want to do.”
This year’s exercise includes 430 professionals in 17 Cyber Protection Teams (CPTs) from the component commandos of CYBERCOM (Air Force, Army, Marines, Navy), the Department of Defense, the National Guard, the US House of Representatives, the US Postal Service and others Federal agencies. Allies Canada and Great Britain also participate. PCTE allows allies – in this case three CPTs each from Canada and the UK – to attend without leaving home, noted Bartz.
The participants are cyber operators who are responsible for the daily defense of assets against real cyber attacks. The CPTs work independently of one another during the exercise, although they are simultaneously working in similar virtual networks with similar cyber scenarios.
Smith said the PCTE is a kind of “testing ground” to evaluate different scenarios and how well teams react. The goal of the exercise is to find out what makes effective CPTs and share the lessons learned in order to improve cyber defense in the real world. A special focus is on the readiness and interoperability between the teams.
Cyber Flag 21-2 is a kind of “choose your own adventure,” Edwards said.
CPTs have to navigate through the virtual cyber realms in order to recognize, identify, isolate and counteract the fictional opponents. As the exercise progresses, new information emerges that teams need to evaluate and make decisions. The teams are challenged to apply a range of advanced countermeasures.
Edwards found that PCTE provides the ability to create virtual industrial control system networks that allow attackers to gain access to and control over technologies that allow them to carry out potentially destructive attacks on critical infrastructure.
Smith noted that CYBERCOM had some “creative minds ready to push the envelope” in designing these exercises. Edwards noted, “You name … [a scenario]and we’ll try to model it. “
Ultimately, these exercises are designed to keep U.S. and allied cyber talent updated and to keep best practices updated. “We continuously evaluate the performance of our troops [and] new opponent [tactics, techniques, and procedures]”Said Bartz. “We are developing the training at the speed with which opponents develop TTPs. We have to stay one step ahead. CYBERCOM will do anything to defend the nation. “
source https://collegeeducationnewsllc.com/cyber-flag-21-2-showcases-new-cybercom-training-environment-breaking-defense-breaking-defense/
No comments:
Post a Comment