Lab Note: Training the Cyber Defensive Line
MIT Lincoln Laboratory Lexington United States
Pagination or Media Count:
The number of attacks on computer networks is massive for example, in 2013, the Pentagon reported getting 10 million attempted cyber intrusions a day. 1 These attacks are also growing in sophistication, primarily because cyber attackers are using combinations of techniques such as inserting malicious code malware or email phishing, and are adding complexity to the attack by involving multiple parties. 2 And, cyber intruders are breaching systems in just minutes. 2 Network operators, who are typically tasked with day-to-day maintenance of the computer systems, are hard-pressed, and often not trained, to address this flood of advanced, novel attacks. In response to the proliferation and growing complexity of cyber threats, the U.S. Cyber Command USCYBERCOM over the last three years has created squads who will act as cyber strike teams in the field to protect the nations networks. To help the Department of Defense DOD build such cyber protection teams, staff from Lincoln Laboratorys Cyber Security and Information Sciences Division, in collaboration with several other federally funded research and development centers FFRDC and university-affiliated research centers UARC, developed and conducted a series of exercises designed to evaluate the capabilities of cyber defenders. Not exactly games, these exercises, collectively called Project C, pit a red team attacking the network against a blue team defending it. The red team plans an attack strategy, and the blue team develops countermeasures to thwart the attack. The blue team needs to learn about the network and how best to defend it, locate any attacks, defeat them, and, finally, redefend the network, says Douglas Stetson, associate leader of the Laboratorys Cyber System Assessments Group.
- Computer Systems Management and Standards