Massif Rocks!

Archive for the ‘CEMA’ Category

NetWars Competition Test Knowledge, Skills of Military Cyber Warriors

Sunday, December 29th, 2019

WASHINGTON — Loud music blared throughout the crowded hall of the Washington Hilton as cyber professionals from the military, industry and academia launched into the final day of the NetWars Tournament of Champions, Monday.

NetWars is a suite of interactive learning scenarios designed to provide training and assess the cyber proficiencies of personnel, according to the SANS Institute, the organization responsible for the competition. Individual and team competitors that won other NetWars event over the past two years were invited to the final tournament in Washington, D.C.

“We have organized the NetWars Tournament of Champions for about six years now,” said Ed Skoudis, the creator of NetWars. “The idea was to bring together the ‘best of the best,’ and have them compete in a fun … but competitive [environment.] This year is our biggest Tournament of Champions ever,” he said.

The Army was represented well during this year’s NetWars competition, said Matthew O’Rouke, an intelligence specialist with the 782nd Military Intelligence Battalion (Cyber) at Fort Gordon, Georgia.

As the team captain of “Nation_State_Alchemy,” O’Rouke was joined by Sgt. Andrew Beat, a cyber-operations specialist assigned to the 782nd MI Bn., and Carl Peterson, Chris Maloney, and Neil Klissus, Department of Defense civilians within the U.S. Cyber Command community.

During the competition, O’Rouke and his team huddled over their laptops as they launched a series of attacks or bolstered their defenses during the “castle versus castle,” part of the competition, also known as “level five.” Teams had three hours to increase their scores from the previous day of competition.

The day prior, Nation_State_Alchemy quickly sailed thought the first four levels of the competition to be amongst the first to reach level five. The initial stages included a series of cyber-related exercises that increased in difficulty and corresponded with a fictional-based scenario, O’Rouke said.

At level five, participants set up and managed their “castle” — a virtual server — during a capture-the-flag-type competition, O’Rouke said. In each castle, teams managed four Linux- and four Windows-based services, which included a “digital-text string,” known as their flag.

After they set up their castle, teams could then attack another team’s services and take down an enemy’s flag, put up their flag, or even take down a team’s services altogether.

“Ideally you want to automate as much as possible and get your services set up and automatically defended,” Peterson said. “Then you want to get your attacks set up and get them firing automatically against another team’s systems.”

NetWars scoring servers periodically check the status of each castle. Teams are awarded points based on their uptime or the number of flags the team has across the online play space.

Ultimately, Beat said, NetWars turns into this giant “cyber-knife fight.” Teams try to maintain a 100% uptime by defending their castle, as they branch off to try and take over another team’s services.

“There is certainly a potential upside to aggressive play; however, defense is easier to maintain,” Peterson said.

In this competition, understanding how a team exploited a system can provide an ample opportunity to build a proper defense, O’Rouke added. Further, a team can leverage a known weakness to breach another team’s system.

“Attribution is a challenge, just like in the operational environment,” Peterson said. “Based on the types of attacks we are seeing and the data they leave behind — their flag — we can start to associate each of these attacks with different threat actors.”

Through it all, NetWars provided teams an opportunity to practice their techniques, tactics, and procedures in an open-source competition against a real and thinking adversary, Beat said.

“Ten years ago, we started NetWars — and no offense, the U.S. military personnel just did OK,” Skoudis said. “This is U.S. military, and we face some significant adversaries — OK is just not good enough.

“Now, whenever we run a NetWars event, whether it’s the Tournament of Champions or anything else, the U.S. military is well represented among the winners,” he added. “I do think that shows the investment in those skills is paying off, and cyberspace is a dangerous place, and we need our military forces to be ready to defend the country.”

In total, around 500 people participated in this year’s tournament, in varying levels of competition. Nation_State_Alchemy placed third in the event and is planning to apply the lessons learned in future contests. A second joint-Army team, Whiskey_Business, placed fourth in the tournament.

“One big takeaway: no matter how hard you defend, the attackers will go after the weakest link,” Peterson said. “The teams we were up against didn’t focus on us. They focused on the less prepared teams in the play space.”

SERVICES CUP

As Nation_State_Alchemy and Whiskey_Business competed in the Tournament of Champions division, the team “Crabby_Patties,” led by Capt. Michael Milbank, represented the overall Army in the 2019 NetWars Services Cup competition.

Milbank joined other members of the U.S. Army Cyber Command’s Cyber Protection Brigade out of either Fort Gordon or Fort Meade, Maryland, including Capt. Braxton Musgrove, Chief Warrant Officers 2 Michael Edie and Michael Shue, Warrant Officer Christopher Watson, and Staff Sgt. Buffye Battle.

“Being placed in a contested environment with actual adversaries offers us a chance to test new strategies, enhance our tactics, and rehearse our procedures so that we are more effective and adaptive in real-world scenarios,” Milbank said. “Our team is incredibly thankful to SANS for putting together this competition and thankful to the Army for providing the training and opportunity to allow us to be successful.”

Teams representing the Navy, Air Force, the Marine Corps, Coast Guard and National Guard also participated in this year’s competition. The Air Force was the overall winner, followed by the Navy and Coast Guard, respectively.

“The [services] are always competing with each other for fun, so we decided to have a commander’s cup for cyber,” said Daryl Gilbertson, SANS DOD national account manager “The cup travels with the winning team … and it gives the [cyber team] some notoriety. Their names are actually engraved on it … it’s a big deal.”

WEST POINT

Cadets from the Army Cyber Institute at West Point, New York, also participated in this year’s Tournament of Champions. Joining the cadets was their instructor, Capt. Daniel Hawthore, an assistant professor and deputy at the Cyber Research Center, who placed third overall as a first-time solo player.

West Point qualified for this year’s event by beating the other academies during a SANS training event and tournament last spring, Hawthorne said. The team pressed hard and broke into level four before the close of the competition.

“Anybody who sat in one of my classes will tell you I’m very passionate about the field,” Hawthorne said. “I’m watching these cadets take off. They’re going to go further than I have.”

By Devon L. Suits, Army News Service

National Guard Disrupts Cyberattacks Across US

Wednesday, November 20th, 2019

WASHINGTON — The National Guard is ready to mobilize its cyberdefenses in case of a potentially devastating domestic attack.

“When I first joined the National Guard, cyber was not part of our vocabulary, but certainly now it is one of our daily battlegrounds,” said Air Force Gen. Joseph L. Lengyel. “Our adversaries and non-state actors use cyber activity to target personnel, commercial and government infrastructure and the effects can be devastating.”

Lengyel, chief of the National Guard Bureau, talked about the Guard’s cybermissions and capabilities during a media roundtable on Nov. 5 at the Pentagon.

Lengyel said cyberattacks have occurred at both the federal and state levels.

Earlier this year, a number of school districts and agencies in Louisiana and Texas suffered ransomware attacks. Ransomware is a type of malicious software designed to block access to a computer system until a ransom is paid.

With the help of the Guard, schools opened on time and agencies were able to get back to work, Lengyel said.

“[Ransomware] is obviously a new and emerging kind of enterprise. We are able to access superb civilians and skill sets, and they can bring capabilities that the military sometimes does not have,” Lengyel noted.

In Texas, 22 counties were attacked with ransomware during June, disrupting local service, said Army Maj. Gen. Tracy R. Norris of the Texas National Guard.

Norris said Texas’ department of emergency management called the Guard, and officials assessed the attacks with a team of Guard soldiers and airmen.

“It was a joint team that went out to assess [the damage],” she said. “From there, they picked different places to go [in] the counties for the recovery process. We thought it was bad in the beginning, and it couldn’t have been much worse.”

“We already had a team in place and sent them out to assess, and we then aligned the team [based on] what the assessment showed,” Norris said.

Lengyel said the Illinois Guard is forming a cyber task force to assist the state of Illinois, as the need arises.

The Illinois task force will involve Guard soldiers and airmen performing cyber, information technology and other military functions.

Indiana recently started a cyber battalion, and personnel will be trained to military standards for use in a domestic response capacity if they need to be, Lengyel said.

“So, this will be part of the cyber mission force that will be part of the Army mission that, if needed, can be federalized and mobilized to do cyber activity for the U.S. Army or the U.S. Cyber Command,” Lengyel said. “And when they’re not mobilized, we can do our homeland mission.”

Lengyel said many of these Guard members have cyber-related civilian jobs. He said it’s an example of how the varied skill sets of Guard members contribute to national defense.

“They can do things working in national defense they can’t do in their civilian careers,” he said of Guard members.

Other attendees included vice director of domestic operations, National Guard Bureau; National Guard adjutant generals from Washington and Illinois; and the National Guard advisor to the commander of U.S. Cyber Command.

Story by Terri Moon Cronk, Defense.gov

Photos by U.S. Air Force Staff Sgt. Jonathon Alderman, Wyoming Air National Guard and U.S. Army National Guard Staff Sgt. Brendan Stephens, North Carolina National Guard

TacJobs – The Ranger MI Bn

Thursday, November 14th, 2019

In addition to Military Intelligence in each of the Ranger Battalions and Regimental headquarters, the 75th has a dedicated Military Intelligence Battalion at Fort Benning.

Netline Strengthens Its Presence In Asia-Pacific With A New Contract To Protect Head-Of-State Convoy

Wednesday, November 13th, 2019

The company has also secured follow-on orders worth $8 million to supply its C-IED system, the C-Guard RJ, in both portable & vehicular configurations, to a state police force in Asia.

November 11, 2019 – Netline Communications Technologies Ltd. – a leading developer and manufacturer of high-end electronic warfare and spectrum dominance solutions – is strengthening its presence in the APAC region, with several new contracts recently signed in this market.

One significant contract is a program to provide the C-Guard Reactive Jamming (RJ) Vehicular System, a vehicle-installed system that provides counter-IED (improvised explosive device) protection, to head-of-state motorcades in a Southeast Asian country. This unique solution both detects the threat and provides an immediate response, preventing remote detonation of radio controlled IEDs by transmitting jamming signals around the entire convoy. The system will be delivered by the end of the year.

Other contracts signed by Netline include follow-on orders for the supply of both vehicular and ManPack (MP) C-IED systems, to a state police force in Asia. In its MP configuration, C-Guard RJ is carried by frontline forces in a single backpack unit, preventing attempts to activate IEDs around tactical forces when on the move.  

IEDs, such as roadside bombs, are activated by radio-controlled devices (cell phones, walkie talkie, etc.), and have become a common threat in today’s asymmetric warfare, as they are easy to make. Delivering benefits that include superior reactive jamming capabilities, wide coverage, simple operation by ground forces within a specific radius, and compliance with a wide range of Mil-STDs and radiation safety regulations, Netline’s C-Guard family of reactive jamming systems provide a real-time counter-IED solution.

“We are pleased to further establish our presence in Asia, both with new contracts and business, and by securing follow-on orders from existing customers,” says Yallon Bahat, CEO of Netline. “Both our new and repeat orders are an indication of our customers’ satisfaction with Netline’s technology and products. We appreciate the cooperation with the different security agencies in these countries and believe this cooperation will be extended to additional future projects, enabling our customer to align their EW security strategy with the rapidly evolving threats, by using Netline’s high-end, advanced EW technology.”

www.netlinetech.com

TacJobs – Navy Information Warfare

Sunday, October 27th, 2019

Air Combat Command Discusses 16th Air Force as New Information Warfare NAF

Saturday, September 21st, 2019

JOINT BASE LANGLEY-EUSTIS, Va. (AFNS) —

Gen. Mike Holmes, Air Combat Command commander, discussed the designation of the 16th Air Force as a new information warfare numbered air force Sept. 18 at the Air Force Association’s Air, Space & Cyber Conference in National Harbor.

ACC will integrate 24th Air Force and 25th Air Force capabilities into a new organization under a single commander who will be responsible for providing information warfare capabilities to combatant commanders with the speed to match today’s technological environment.

“By having cyber and all the intelligence, surveillance and reconnaissance tools together, one of the things it allows me to do is build a collection plan in advance before I do something and am able to have better information to support better decisions for our warfighters,” he said. “The Air Force is not going to run independent information warfare campaigns, but we’ll build those, organize, train and equip tools for combatant commanders.”

The heritage of 16th Air Force pays tribute to a group of highly decorated Airmen with a history of continued excellence in joint warfighting, strategic deterrence and military partnerships. During the Balkans air campaigns in the 1990s, the 16th Air Force pioneered efforts in the way the Air Force conducts intelligence operations, setting the foundation for operating in a continuously evolving information environment.

“We want to arm our leaders with options they can use that are proportional to the things that peer adversaries are doing,” he said. “We think we can present more robust teams with better intelligence support behind them and present some information ops options, which we have some game at already, but to improve that and be able to offer it on a larger scale to more combatant commanders at once.”

Activating 16th Air Force emphasizes the organization’s continued excellence in addition to its early use of integrated information systems and emerging technologies, such as remotely piloted aircraft. Just as the 16th Air Force made history bedding down the RQ-1 Predator at Taszar, Hungary, to provide enhanced ISR capabilities in the Balkans, it will soon make history again in the expanding arena of information warfare.

“The activation of 16th (Air Force) will synchronize the mission areas of ISR, electronic warfare, cyber and information operations capabilities,” said Holmes. “This integrated capability will provide multi-domain options to component and combatant commanders around the globe.”

The 16th Air Force will be located at Joint Base San Antonio-Lackland, Texas, where ACC will hold an activation ceremony later this year.

By Staff Reports, Air Combat Command Public Affairs

Army Cyber Leaders Talk Workforce Strategies, Talent Management

Wednesday, September 18th, 2019

WASHINGTON — The military is doing a great job recruiting cyber talent into military and civilian service, but retention is more difficult, said the deputy assistant secretary of defense for cyber policy said at the Billington Cybersecurity Summit in Washington.

“We have people lined up out the door that are ready to come onboard and do the mission, whether it’s cyber operations or traditional cybersecurity,” Burke E. “Ed” Wilson said at last week’s event.

Wilson said Congress gave the military some unique authorities that have helped in hiring qualified civilians.

“This has allowed us to hire with more agility based on the talent,” he said. “That’s been a big win, and we’ve seen very good results over the last 18 months.”

But the challenge is retention. “Clearly, we don’t do well on salary in the military, but we’ve been able to handle that with bonuses,” Wilson said, adding that the strategy is working well, except in some niche areas.

John “Jack” Wilmer, the Defense Department’s deputy chief information officer for cybersecurity and chief information security officer, said young people are attracted to the military because it has a “cool mission.” To keep them, the military provides them with some really great training opportunities, he said.

Cyber games, for example, allow them to go toe-to-toe with some of the best cyber warriors from other countries, he said. “We try to incentivize people and connect them with opportunities,” he added.

Army Lt. Gen. Stephen Fogarty, commander of Army Cyber Command, said another way to incentivize the workforce while solving difficult cyber problems is to organize the cyber workforce into teams.

Teams can be made up of people who are experts at electronic warfare, information operations, intelligence, developers, malware analysts and other specialties based on the type of operation they’re engaged in, he said.

The teams can extend outside the U.S. military and include foreign military partners, commercial vendors and academia, Fogarty said.

“We very rarely act without a consortium of partners. I can’t think of a single operation that didn’t include multiple partners,” he said. “Young people reach out to their peers and build their own networks. They’re very successful at building these ad hoc relationships, and they get after the mission.”

By David Vergun, Defense.gov

Rohde & Schwarz at DSEI: Information Superiority, Situational Awareness and Spectrum Dominance

Monday, September 9th, 2019

Rohde & Schwarz demonstrates tactical and strategic intelligence and digital communications sovereignty, as a systems partner and integrator for planning, developing, manufacturing and implementing secure communications architectures and monitoring networks. The privately owned company showcases an innovative portfolio of interoperable, high-performance solutions for deployment on land, in the air and at sea.

London, September 9, 2019 – At this year’s DSEi, taking place in London, Great Britain from 10 to 13 September 2019, Rohde & Schwarz pushes information superiority, situational awareness and spectrum dominance to the next level, presenting its full technology portfolio on booth S1-350. Showcased are EW/SIGINT (electronic warfare/signals intelligence) systems, integrated communications on the high seas, on land and in the air, networked encryption devices and test and measurement solutions for radar and EW, alongside counter-UAS systems.

Rohde & Schwarz will showcase its operationally proven NAVICS integrated communications system for internal and SOVERON for external communications on all classes of ships. Relying on commercial IT technology to a large extent, the system is especially cost-effective, and its modern graphical user interface (GUI) makes it intuitive to operate. The system is fully IP based, allowing the integration of further communications services such as Voice-over-IP (VoIP), broadcast, alarm functions and shipborne telephone systems. Rohde & Schwarz will equip the Royal Navy’s Type 26 Global Combat Ship with an integrated communications system, built around the NAVICS, under a contract from BAE Systems, covering both internal and external communications.

As a leading supplier of EW/SIGINT solutions, Rohde & Schwarz is THE One-Stop Shop for reliable and field-proven EW, offering an exceptional portfolio and comprehensive functionality. In London, the company will showcase advanced EW systems for enhancing the situational awareness during operations in the field. The presented ELINT system features components of next generation ELINT intercept solutions that have been established on the market for years. The core component is a new 8-channel wideband ELINT concept, with 2GHz bandwidth, collecting and analyzing modern LPI signals and likewise legacy radar emissions. Exhibits also include a cellular network analysis system for supporting reconnaissance missions with focus on non-military communications. Moreover, Rohde & Schwarz will present a counter-UAS solution that provides reliable drone detection and countering capabilities even under challenging signal scenarios. The modular and scalable systems can be deployed on a variety of platforms and are in operation in the field several dozen times.

With its expertise in test and measurement, Rohde & Schwarz is also a leading provider of dedicated test solutions that help developers and engineers address the latest challenges in advanced radar and EW system design. At DSEI, the company will showcase its state of the art solutions for testing multifunctional radar systems, radar warning receivers and deceptive jammers/DRFM.

Addressing land-based platform requirements, SOVERON provides government customers with a secure, high-performance network architecture based on state-of-the-art hardware and software. SOVERON creates technological independence, scalable and modular according to customer requirements thus enabling digital sovereignty. As key components of the SOVERON architecture, Rohde & Schwarz presents its innovative SOVERON software defined radios (SDR) for tactical and airborne communications scenarios. For these SDRs, the company has designed high data rate, anti-jam waveforms to match diverse mission requirements. For every communications scenario, users can select the waveform and encryption that best suit their requirements in terms of range, data rate and jam resistance.

Furthermore, Rohde & Schwarz displays a broad range of hardware and software products to effectively protect networks and critical infrastructures against attacks. These encryption solutions protect authorities, organizations and enterprises against espionage and data manipulation. The Rohde & Schwarz network encryption devices are approved by the German Federal Office for Information Security (BSI) and can be used flexibly with many stationary and mobile applications.

www.rohde-schwarz.com