USCYBERCOM designed Cyber Flag to bring together Department of Defense cyber and information technology professionals to hone their cyber skills against a realistic adversary in a tactical virtual environment.
“Our increasing dependency on reliable and efficient network connectivity and the growing threat posed by cyber adversaries highlight the importance of practicing combined operations in defense of the DOD information infrastructure,” said Capt. Christian Mapp, 24th Air Force exercise branch chief. “As the service provider for Air Force networks, 24th Air Force participation with the other service components is critical to ensuring a synchronized and coordinated approach to DOD network defense being available and capable should the need ever arise.”
Mapp said the Air Force assembled a total force team comprised of more than 70 active duty, Reserve and Air National Guard cyber warriors from across the nation.
This year’s Cyber Flag was larger than the first Cyber Flag held in 2011 on the same cyber range. This year’s exercise saw approximately 700 participants, up from last year’s 300, and doubled the network size. All participants had a specific role to play, playing the part of a U.S. team or role-playing an adversary.
“Exercises like Cyber Flag test participants’ readiness when faced with a realistic cyber event in a stressed environment against a dynamic and skilled adversary. This was not a simple ‘capture the flag’ event,” said Col. George Lamont, director of USCYBERCOM Joint Exercises and Training.
The exercise included an opposing force whose mission was to penetrate and disrupt the computer networks of the “good guys,” or Blue Force – made up of DOD cyber service components.
Lt. Col. Jamie Maki, 24th Air Force chief of exercise and training chief, said Cyber Flag is designed to provide realistic training opportunities for a number of DOD commands to deter and, if necessary, defeat a cyber attack. Additionally, much like Red Flag is to the air world, Cyber Flag aims to give cyber operators experience with tactics, techniques and procedures of our cyber adversaries and test our own tactics, techniques and procedures. The teams were given opportunities to coordinate actions across the offensive and defensive spectrum as well as partnering with our sister services.
Despite this only being the second Cyber Flag, Maki said some of the key successes of the exercise included such efforts as the integration of cyber intelligence analysts proving invaluable to the mission planning cell, ultimately enhancing the defensive posture and virtually eliminating stovepipe efforts. Additionally, the collaboration between teams detecting cyber intrusions and first responders leveraged tactical insights and skill sets yielding greater synergy and mission effectiveness. Finally, the exercise partnered service teams with coalition partners highlighting the global nature of the cyber domain.
“Through the use of a virtual network environment, individuals supporting Cyber Flag benefited by gaining exposure to problem sets they may not normally experience in their day-to-day jobs. Furthermore the event affords the opportunity to work in concerted effort with their sister-service counterparts to operate and defend DOD networks across the full spectrum of operations against a realistic adversary,” Mapp explained.
Cyber security continues to be a priority across the government. The DOD has a critical role in developing and supporting the nation’s cyber security efforts.
“Cyber Flag highlights the interconnected nature of the DOD information infrastructure, making the key takeaway from Air Force Cyber Command’s participation in Cyber Flag the necessity to demonstrate a holistic approach for clearing the net and securing the high ground,” said Mapp.