[ISN] Air Force hackers win NSA’s 13th annual Cyber Defense Exercise

https://www.networkworld.com/community/node/82902 By Ms. Smith NetworkWorld.com 04/21/13 Did you hear about the big game last week? Perhaps not, since as “this annual battle might not yet have achieved the same mythic status as, say, the Army-Navy football game,” but there was a simulated cyberwar being waged from April 16 – 18. During the NSA’s 13th annual Cyber Defense Exercise (CDX), sponsored by the NSA’s Information Assurance Directorate (IAD), “nearly 60 government experts – sitting under a black skull and crossbones flag – worked around the clock this week to break into computer networks built by students at the Air Force, Army, Navy, Coast Guard and Merchant Marine academies.” Two military graduate schools, the Naval Postgraduate School and the Royal Military College of Canada, also participated. According to the NSA press release, “The U.S. Air Force Academy won this year’s Cyber Defense Exercise (CDX), gaining its fourth trophy – and its first consecutive victory – since the annual competition began in 2001.” “If you were a boxer, and you never stepped into the ring before and Mohamed Ali or Mike Tyson gave you a couple of pops, it would be difficult for you to defend yourself had you never had any practice,” Bill Stackpole told CSO; he is an associate professor who teaches network security at the Rochester Institute of Technology. “These competitions give you practice on the receiving end.” The NSA was the red team, “pretending to be the bad guys,” stated Collegiate Cyber Defense Competition Director Dwayne Williams. “Their job was to break into each of the military academy’s teams’ network, steal information from them, shut down their services, degrade their capabilities — that sort of thing.” Due to time constraints of this simulated cyberwar, NSA hackers were a bit “louder” than if this were nation state or other bad actor hackers trying to covertly break into infrastructure. Yet “the attack tools are the same — probe the network, scan the network, break into the network, put in backdoors, steal information, set up dummy accounts and disrupt capabilities.” […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org