Cyber challenges demand trained young leaders
Participants in this year's Cyber Defense Exercise fought back challenges of the type threatening U.S. critical infrastructure, including ransomware.
Cadets and midshipmen from the U.S service academies battled in cyberspace for the 2016 CDX trophy. (Photo credit: Sean Carberry/FCW)
CDX, the nation's premier cybersecurity challenge, is designed to enhance the abilities of tomorrow's leaders to meet the challenges of safe computing in today's increasingly complex world.
More than 100 participants from military institutions designed, implemented and managed an operational network of computers while NSA network specialists simulated realistic information assurance threats. The participants were divided into five teams and were graded on their ability to effectively maintain network services while detecting, responding to, and recovering from security intrusions and compromises.
Undergraduate cadets and midshipmen from the U.S. Coast Guard Academy, U.S. Merchant Marine Academy, U.S. Military Academy, U.S. Naval Academy, and the Royal Military College of Canada all competed for the highest score – and the coveted Cyber Security Operations Director's Trophy. This year, the trophy went home with the U.S. Naval Academy.
For the government, CDX means much more than a trophy. This exercise is a uniquely important opportunity to provide tomorrow's military leaders with a real-life experience of what it's like to be in the middle of a cyber battle, and to recruit top talent to pursue a technical position in the military they may not have previously considered.
The global problems we're facing today require educated professionals to develop innovative solutions. At the same time, CDX also benefits those who are currently tasked with protecting and defending America's critical infrastructure and networks of data. The types of techniques and strategies this year's participants employed during the exercise may lead to solutions that could be applied today.
One of the challenges this year's CDX participants faced was a "ransom" attack on several systems. The attackers temporarily -- and reversibly -- damaged some systems from each school before offering to repair them for a cost. The students had to quickly decide whether to pay the ransom -- meaning they'd get their systems back in exchange for precious points -- or risk losing a lot of points while trying to restore their systems on their own.
This attack represented the increasingly realistic dilemma our future military leaders will likely face at some point in their careers, possibly with much more significant table stakes.
These types of exercises are more important than ever as America's access to drinking water, electricity, transportation networks and countless other types of critical infrastructure are significantly at risk from cyber intrusions.
In fact, a report published last month by Massachusetts Institute of Technology policy experts urged the White House to pay closer attention to the threats facing America's electrical grid and other critical infrastructure.
"The digital systems that control critical infrastructure in the United States and most other countries are easily penetrated and architecturally weak, and we have known it for a long time," according to the report, which also outlined a series of recommendations.
We cannot afford to be complacent as many – if not most – of America's control systems and infrastructure have been in place since long before cybersecurity was a concern. As cyber attacks become increasingly more complex, we must remain vigilant and committed to the development of new and innovative solutions to address the evolving cyber threat faced by energy producers, transportation infrastructure entities, telecommunications companies, and government agencies.