Cybercity trains warriors

EDINBURGH — More than 350 soldiers, airmen and civilians from 42 states converged at Camp Atterbury for the 2015 Cyber Shield Exercise.

The exercise, March 9 to 20, was part of the National Guard’s ongoing efforts to improve Guard readiness to respond to real-world cyberincidents. It focused on developing industrial control systems/supervisory control and data acquisition defense scenarios.

During the first week, soldiers and airmen received hands-on training in a kinetic cybercity directed by the SysAdmin, Audit, Network, Security (SANS) Institute, the largest source for information security training and certification in the world. It develops, maintains and makes available the largest collection of research documents and provides intensive, immersion training.

“The idea of cybercity is to train operators and essentially our warriors on how to defend critical infrastructures in cyberspace, said Ed Skoudis, SANS Institute Instructor.

The cybercity is a physical city, 6 feet by 8 feet in size, Skoudis said.

“There is everything from working lights, tiny buildings, hospital, to working traffic lights. What makes it even more interesting is that it is equipped with its own working power grid and mini industrial control systems,” he said.

Soldiers and airmen were given accesses to the systems and received mock scenarios of cyberattacks through the cybercity. They then are asked to react to possible threats by identifying the adversaries in the environment and exposing tracks of information.

“The mission they received this week was a mock cyberattack on the water reservoir. It simulates manipulating machines that are used to sense water quality,” Skaoudis said. “Even though the water quality is fine, cyberterrorists are trying to alter the system making the operators think they need to dump chemicals into the water making the public worry that the water has been contaminated, when in fact nothing has occurred.”

As the Computer Network Defense teams worked through issues to solve technical challenges, SANS instructors were by their side making sure operations were well-coordinated.

“We are seeing, as they work through these missions, leadership — assigning different tasks to the team. That is fantastic, and really strong technical people on the team are sharing their knowledge and ideas with others. That’s when it works best, and I love seeing that,” Skoudis said.

The class was so well received that 24 teams faced off against adversaries attacking the mock city, demonstrating advanced skills, which led to the Final Four face-off on March 14. The final teams included teams from Oregon, Idaho, Maine, Utah, Virgin Islands and Illinois.

By battling and eradicating malicious invaders of computers and related industrial control systems inside a city, National Guard soldiers and airmen demonstrated that critical infrastructures could resume normal operations and keep our country safe.

While all the teams learned and improved their cybersecurity skills and are more prepared to respond to an actual cyberattack from an adversary, the combined team of Oregon and Idaho took home the trophy.

Skoudis noted that during the past 10 years he has seen a huge change in the field, with the increasing knowledge of the military’s capabilities.

The Cyber City by the SANS Institute was a new addition to this year’s Cyber Shield exercise. National Guard Senior Cyber Adviser Col. Heather Meeds said the National Guard was looking for something to increase the training value and hopes it is a future tool for commanders to visually see the effects cyberincidents can cause.

“It’s realistic, they get into it, it looks like something you would do if the governor called on something that could actually happen within a state and they may be called upon to assist,” Meeds said.

Last year, the Cyber Shield exercise focused the Guard’s Computer Network Defense Teams on defending GUARDNet, which provides a critical link for command and control of the National Guard systems. This year the exercise was able to focus more on the assistance it can provide to federal and state governments with projects like CyberCity. The new training added visual value to see the impact it can pose on actual infrastructure that could possibly be the next mission the National Guard is called to respond.