WEST POINT—West Point cadets competed with the U.S. Naval Academy and the Royal Military Academy of Canada in the 16th annual Cyber Defense Exercise (CDX) on April 11-15 against the National Security Agency.
Cadets successfully defended their networks against the NSA to keep systems online and achieved the highest score when the competition ended.
Each military academy in the exercise was scored on its ability to maintain services, prevent and recover from security breaches, and provide forensic analysis of compromised systems.
“We built a computer network and are defending it against the NSA who is trying to attack us,” said Curtis Gardner, a senior cadet on the team. “We are only playing defense in this.”
The NSA launched attacks on the network of each military academy over a three-day period. The NSA gave each academy points for how it solved hacking attacks, and the score was shown on a screen in real time.
“At any point in time, we can figure out what the score is,” Gardner said. He pointed to the screen that showed the West Point team in the lead.
Cyber Scrimmage
The team of 26 cadets provided a web server, email, and a file transfer protocol (FTP) service for the users, who could be anyone from a general to a soldier using the system. Most of the team are computer science majors. Others major in information technology, electrical engineering, mechanical engineering, math, and a foreign language.
The exercise teaches students how to protect and defend the nation’s information systems. Like a scrimmage in a football game, players get experience working as a team against an opponent. A referee keeps players within the rules of the game and each team wants to win with the most points.
Several boards provided real-time information to the team. When the team found bad traffic, it was listed on the whiteboard column called Bad Actors.
Gardner said the team designed their network from scratch. “We got switches and routers from the box, brand new.”
Cadets formed five teams—monitoring, networking, systems, services, and forensics. Gardner said each team has its own tasks over the three days. The monitoring team logs all traffic and identifies the biggest cyber threats.
The networking team designed the entire system for the exercise and figured out anything new the NSA might add to their system. The NSA team added a general’s laptop to the cadets’ network. The team had to see if it was infected with any computer virus.
The systems team kept all the network’s services—email, FTP, and web server—working and secure. Gardner called forensics the “quick reaction force” that had to solve immediate hacking attacks.
Sophomore cadet Adam Van Prooyan worked on the forensics team. He analyzed malware brought by the NSA. He said his team worked on a web app the NSA gave them, a kind of internet chatroom called an ARCbot (Advanced Really Cool bot), to see if it was infected.