Military academies take on NSA in cybersecurity competition

The annual cybersecurity competition that pits teams from the nation's military academies against one from the National Security Agency began Monday at a facility of defense contractor Lockheed Martin.

Now in its eleventh year, the Cyber Defense Exercise (CDX) gives students from West Point, Annapolis and the Air Force Academy an opportunity to tackle the kind of daily challenges facing cybersecurity professionals.

They'll be detecting intruders, eradicating malware and adapting to increasingly sophisticated and dynamic adversaries.

Lockheed Martin coordinates CDX with the NSA. The defense contractor, which provides cybersecurity technology to the spy agency, sets up a private network for the exercise, which links all the academies with Lockheed's facility, in Hanover, Md.

The company also provides technical support for CDX preparation and execution.

Exercises like CDX allow students to get a feel for what it's like to be under attack, said Bill Stackpole, an associate professor who teaches network security at the Rochester Institute of Technology. He also coaches RIT's team that competes in the Collegiate Cyber Defense Competition (CCDC), which is an intercollegiate version of the CDX.

"If you were a boxer, and you never stepped into the ring before and Muhammad Ali or Mike Tyson gave you a couple of pops, it would be difficult for you to defend yourself had you never had any practice," he told CSO. "These competitions give you practice on the receiving end."

Cybersecurity competitions typically have a "red" team that acts as the adversary for the students defending their networks.

In CDX, the NSA provides the red team. "The NSA is out there pretending to be the bad guys," CCDC Director Dwayne Williams said in an interview. "Their job is to break into each of the military academy's teams' network, steal information from them, shut down their services, degrade their capabilities -- that sort of thing."

Both the CCDC and CDX competitions focus on similar skills, he continued. They include working in a team, securing and defending a network, and hands-on practical experience that can't be had in a classroom or lab environment.

However, the attacker profile of the red team in CDX is a little different from the one on the collegiate level. "In the CDX, they're far more likely to concentrate on the attacker being an opposing nation-state or a terrorist organization," Williams said.

"Within CCDC, we don't put a face or name on the attackers. It's just the bad guys. They could be organized crime, a rival company or a rogue nation state," he said.

However, he added, the attack tools are the same -- probe the network, scan the network, break into the network, put in backdoors, steal information, set up dummy accounts and disrupt capabilities.

One drawback to cybersecurity competitions is that they're not terribly realistic, contended Stackpole. "The time frame is very limited," he said. "That requires those who are trying to break into the infrastructure to be a little more overt and a little less covert."

"If this were an actual player -- someone really interested in breaking into your infrastructure -- the chance of them being 'loud' if they're trying to remain undetected is very low," he said.

Realism is less important for these kinds of exercises than communication, contended security guru and author Bruce Schneier. "The goal isn't to be realistic; the goal is to be an exercise," he said in an interview. "I'm glad they're doing it. This is how we learn stuff."

"The fact that they're talking to each other is great," Schneier said.

Stories by John P. Mello
