UT, UNITED STATES
Photo by: Sgt. Michael Giles
100th Mobile Public Affairs Detachment
“It’s the best job in the military,” Capt. Joshua Montgomery, a member of an Air National Guard team that tests cyber defense elements, enthused. “We get to break things. We get to go and do all of the things that would send you to jail in the real world. It’s fantastic.”
Montgomery is not a criminal, but he plays one for the Guard. As a member of the 177th Information Aggressor Squadron at McConnell Air Force Base in Kansas, Montgomery tests cyber defense capabilities by attempting to hack into sensitive information systems.
“The idea of an information aggressor squadron is to understand the tactics that real-world adversaries—like hackers and corporate espionage agents—use,” Montgomery explained. He then uses that understanding to find network vulnerabilities that can be exploited.
Montgomery is preparing to put his hacking skills to use as a member of the Red Cell during Cyber Shield 17, a cyber defense exercise being held at Camp Williams, Utah, April 24 to May 5, 2017.
Cyber Shield 17 is a National Guard and U.S. Army Reserve event that begins with a week of training and preparation and culminates in a scenario-based cyber role-play. It is the sixth iteration of the exercise, which began in 2012, and trains members the Army National Guard, Air National Guard, and Army Reserve, as well as civilians who work in law enforcement, intelligence and information technologies.
Participants belong to one of several cells. Red Cell members, such as Montgomery, play the role of adversary hackers. Members of the Blue Cell attempt to defend against the Red Cell’s attacks. Members of the Gold Cell support the Blue Cell with coaching and mentorship, while White Cell members evaluate the Blue Cell’s performance.
As Red Cell members prepare to break into Blue Cell systems, their opposite numbers prepare for an experience that Blue Cell leader Maj. Kevin T. Mamula predicts will push them to their limits.
“The blue teams will be challenged to their breaking points by design,” said Mamula, who also works as the cyber network defense team lead for Ohio. “They will be stressed and frustrated and mad. But they will come out as a much more effective team.”
Exercise participants emphasized that the threat that cyber attacks pose make this kind of challenging training crucial.
“Cyber threats are real,” said Capt. Joshua Hull, from the Nebraska Joint Force Headquarters, who serves as assistant leader for the Nebraska Blue Team in Cyber Shield 17. “They are already all around us, and they affect every aspect of our daily interactions.”
Hull said he is confident that his team will be able to succeed in warding off the Red Cell attacks thanks to effective collaboration he has observed among his comrades.
“We have very good team cohesion,” Hull said. “We have a very good flow of information and we’ve pulled our best and brightest. They have a good understanding of how network operations work.”
As Blue Cell fights an uphill battle in the cyber terrain, they will have the Gold Cell’s support. Lt. Col. Brad Rhodes, Gold Cell leader and commander of the Colorado Army National Guard’s Cyber Protection Team 174, said his team will provide struggling Blue Cell members with coaching and mentorship to help them learn and succeed.
“Our goal is that when the blue teams walk out of the door, they are feeling better about themselves and are more successful than when they first got here,” Rhodes said.
Red Cell leader Air National Guard Maj. Michael Ehrstein, who supervises the 177th Information Aggressor Squadron, said that Cyber Shield 17 fosters a learning environment by putting people of different backgrounds and levels of skill together.
“People who’ve never done this before get one-on-one dedicated interactions with individuals who’ve been doing this 15-plus years,” Ehrstein said. “We are able to bring together experts from DoD, the government and the civilian world in one place and share that diverse perspective on cyberspace.”
“I’m very excited about being on a red team,” said Flo R. Bayer, a security analyst with the State of Wisconsin Department of Enterprise Technologies. “To see how hackers do things, their methodologies, will help me be better at defending the networks.”
“You don’t get an opportunity to learn from a group of people like this often, to apply this skill set often,” said Adam Hellmers, an electrical engineer with Radiance Technologies. “It’s a chance to develop higher skills and to further enhance your own self, your company’s self and the national interests.”
“The 2017 Cyber Shield exercise is far and away the best exercise I have ever encountered in my career,” Montgomery said. “It’s well organized; it’s well put together. And the teams, both red and blue, have made significant progress in securing DOD systems.”