Pages

28 July 2019

What happened at the military’s biggest cyber training exercise to date

By: Mark Pomerleau   

When soldiers are preparing to deploy, they head to the Army’s National Training Center at Fort Irwin in California. There, they can replicate an entire campaign during a two-week rotation against a world class force.

But in the cyber world, no such training environment exists. That means cyber forces train in ad hoc cyber ranges and are limited by the number of teams that can dial in. Moreover, there is no space to rehearse for an upcoming mission.

The Persistent Cyber Training Environment (PCTE), managed by the Army, seeks to change all of that. PCTE is an online client in which members of U.S. Cyber Command’s cyber mission force can log on from anywhere in the world for training, either of individuals or of groups, and to rehearse missions.

Working through the agile development process, the Army is not sure what the finial vision for the persistent cyber training environment will look like.

In June, the program underwent its biggest test to date, working with cyber warriors from across several time zones during an exercise created by the Navy, to get the system ready for primetime.

Making sense of Cyber Forge

The genesis for the June exercise, called Cyber Forge, comes from a simple fact: Navy leaders were looking for a better way to train their cyber teams.

"The pipelines that are provided at the time do not meet the demands that we need in order to keep the sailors up to speed in the cyber realm,” Chief Petty Officer Clayton Henry, told Fifth Domain during a visit to the exercise.

In addition, the current methods and tools available are inefficient, officials said.

“I wanted a better way to train my team,” said Jeff Tucker, who is part of Navy Cyber Defense Activity 64, which houses several defensive cyber teams, and designed the Cyber Forge scenario, told Fifth Domain.

To date, most cyber training exercises were a version of playing capture the flag.

“Capture the flag, [is] basically just a question-based type thing. You really have to lead teams down a path, there’s really no set path on how you do it right or wrong. While that’s nice, that’s not an effective way to train people,” Tucker said.

Navy leaders thought there could be a mutually beneficial relationship if they linked up with the PCTE team. The operational community needs to train and the PCTE team needs operational users to continue to test its prototype. As a result, officials extended invitations to Cyber Forge to the entire joint force, not just the Navy, to help test the scalability of PCTE.

“I wanted to be able to expand it out to affect more teams because my team isn’t the only one that needs extra training.,” Tucker said. “That’s how it grew.”

Cyber Forge was a created as a template inside the PCTE platform and could then be downloaded by other teams across the Department of Defense. Teams from the Army, Air Force and Navy — six teams of 10 to 15 people each — spread from Maryland, Georgia, Texas and Hawaii, participated.

The event focused on defensive cyber operations and involved teams hunting on a network to drive out an actor and then delivering a remediation plan to the network owner.

The exercise was a significant expansion from previous exercises with the PCTE .

“It’s testing it at a scale and scope that we haven’t done,” Amit Kapadia, product manager of Cyber Resiliency and Training and chief engineer at Army Program Executive Office Simulation, Training and Instrumentation, told Fifth Domain. “There’s about 150 different virtual machines times six different individual games going on so we’re gradually increasing the size and scope of this.”

No comments:

Post a Comment