Air Force wins cyberexercise

The Air Force Academy recently beat out the four other service academies in the Cyber Defense Exercise, a cyber training tool designed to prepare students to protect and defend the nation's critical information systems.

Each student team was challenged to configure a network of computers securely to serve both local and remote users. The exercise environment was created to represent coalition information sharing; the students entered into direct cybercombat with so-called "red forces," which challenged them to keep their systems online and running.

Each team was evaluated on how well they maintained services, as well as their efforts to recover from and prevent future security breaches, according to the National Security Agency, which sponsors the event along with the U.S. Military Academy.

In addition to requiring each school to host a "rogue" computer that was controlled by the red forces, this year's exercise differed from the previous two years in many ways. The networks at each academy represented a collection of coalition partners deployed as regional commands, said Army Lt. Col. Daniel Ragsdale, director of the information technology and operations center in the electrical engineering and computer science department at the U.S. Military Academy.

"These commands are required to provide services to one another and receive direction from a centrally located command forces headquarters," Ragsdale said. "Sharing services adds a realistic element to the exercise and introduces the threat of 'insiders.' The focus is on keeping services available while maintaining the integrity of information. These partners are not allowed to have full, unfettered access to all of the systems or services."

Other changes to make the exercise more realistic included: leaving the design of the network topology up to the students; making the students select the operating systems that would run on the more than 20 servers available to them; and requiring students to identify software and applications to address 10 major system requirements including local and remotely accessible e-mail, Web service, database services, video conferencing services, and secure communications capability.

For the first time this year, organizers used traffic generators to create a certain amount of artificial ambient network traffic. Participants were also required to frequently communicate with remote coalition partners and headquarters.

"These changes increase the difficulty of detection intrusions because malicious traffic will be, at least, partially masked by this activity," Ragsdale said. He added that social engineering, which was disallowed in previous years, was introduced this year in order for Trojan horses to be sent through e-mail and/or other communications within the Cyber Defense Network.

This year's competition was extremely close. A single-system compromise was the difference between the Air Force team and the other participants during the four-day exercise, which concluded last week. The level of competition has grown exponentially over the last three years, proving that "this exercise is making a direct impact to the preparedness of future military leaders," according to the NSA.

The Air Force Academy team, which beat out the Naval Academy, Coast Guard Academy, and Merchant Marine Academy and the two-time defending champions, the U.S. Military Academy, will be presented the NSA Information Assurance Director's Trophy during graduation week.


  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.