recommended reading

Pacific Command repels hackers with cyberwar Xbox

Flickr user chippermist

Pacific Command recently played a series of wargames on a 7-inch-high box with NATO and other international partners to intentionally scramble communications, according to contractors that provided the equipment. The chassis, or case containing circuit boards and wiring, comes prepackaged with infections that hurl torrents of malicious traffic and imaginary users at communications systems. The goal of this exercise is to ensure participating nations and humanitarian organizations stay in contact with one another during crises.

In other classified simulations, the military and intelligence agencies upload code into the chassis -- without sharing the code with manufacturer Ixia Breaking Point -- to recreate sophisticated viruses already targeting the government that agencies don’t want to tell anyone about.

“The exploits, many of them, are public . . . [But] if they have collected that attack in the wild, they have the ability to replay that attack within their device. So, we at Breaking Point, don’t have to know what it was,” said Tom Taschler, the company’s assistant vice president of federal sales. Pentagon officials have indicated they test undisclosed worms, company executives said.

One of the most recent public exercises took place in August at Changi Naval Base in Singapore. Among the players at the Cyber Endeavor workshop were representatives from militaries of more than 20 countries, including Bangladesh, Cambodia, India, Japan, Republic of Korea, and Vietnam. The U.S. European and Cyber Commands conduct similar tests using the boxes. The devices are sold to the government for between $150,000 and $500,000, including technical support.

In general, the simulations involve a red team of hackers, a blue team of cybersecurity experts, and a green team of non-technical personnel just trying to communicate with one another. The blue team monitors vital statistics about the system under attack, such as the resiliency of the network.

One type of scenario, called “fuzzing,” helps the network defenders find unintentional flaws in otherwise safe software programs. Fuzzing spews random information at software, while security specialists monitor the program for signs of failure. “It purposely mangles it. It purposely messes it up,” said Pat McGarry, an Ixia systems engineer. “It’s a great way of finding zero days for example,” referring to the slang term for previously unknown software bugs. If the software stops responding, that indicates there is a vulnerability hackers could exploit.  

Attackers practice fuzzing to find holes too, McGarry acknowledged. He claims, however, that his firm’s test code is too complex for hackers -- even state-sponsored adversaries -- to emulate. But McGarry admits there is a chance that nation states prohibited from buying the product, such as Iran, can smuggle it in. “There is a possibility that they could use us illegally. If they can get it off the black market, we can’t stop them,” he said.

Scott Griffin, Pacific Command’s technical director for multinational communications interoperability program, said in a statement that Ixia’s “hands-on facilitation” with the red, blue and green teams “further developed capacities of the participants to maintain and defend critical network infrastructures during humanitarian assistance and disaster response.”

Federal agencies likely run cyber wargames on the boxes weekly, company executives said. “Many of them are classified in nature. Some of them -- we’re not sure they are even happening,” Taschler said. The Defense Advanced Research Projects Agency, the Pentagon’s technology incubator, replicates large-scale network attacks at a national cyber range. Ixia’s chassis is not a part of the DARPA program.

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.