Cyber Protection Squads Engage in Friendly Competitions as They Sharpen Skills to Safeguard NRO Data
Bringing the Heat in Cyber Warfare: Delta 26's Cyber Training Exercises
By Tech-SavvyDefending the National Reconnaissance Office from cyber threats and online espionage isn't a walk in the park, but that's just what Delta 26, the Space Force unit, is empowered to do. In a bid to improve their game, they have taken things a step further, staging competitive training exercises - a portion of which was outsourced to a private sector cyber range.
Recently, at a cybersecurity conference for the space and satellite sector, Col. Erica Mitchell of Space Training and Readiness Command shed some light on their gaming tactics. With their own cyber range still under development, the team had to rely on commercial resources, which made for a more generic exercise in defending an enterprise network rather than specifically tackling the NRO. In these games, five teams, each representing one of Delta 26's five squadrons, competed over four days.
Held in January and August, these contests, dubbed Cyber Spartan 24-1 and 24-2, represented the "crawl" phase in Delta 26's progression, according to Mitchell. STARCOM even issued a press release on the first one in March, but the second contest remained unreported until now.
For Mitchell, the competitions were a resounding success, despite some technical issues with the range. The biggest takeaway? The necessity to prepare for multiple attack vectors across various locations, not all targeting the same area with the same type of attack.
A Taste of the Private Sector's Gaming World
Both Cyber Spartan events featured a Capture-the-Flag (CTF) component, organized by a private sector provider, Hack The Box. CTFs are long-standing traditions in the private sector, where teams test their IT network knowledge and vulnerabilities to locate and gather pieces of computer code called flags. Unlike in traditional CTFs, teams in Cyber Spartan didn't attack each other's systems directly.
Acting as the exercise director, Maj. Ryan Galaz explained that CTFs are an effective way of assessing cyber skills. The events were educational opportunities for operators to quickly understand and report on attacks, a highly important skill in the dynamic and fast-paced world of cyber warfare.
The Art of Battle in the Digital Arena
Both competitions also included a blue team element, in which each team was responsible for defending a network under attack and reporting their findings as promptly as possible. Each team experienced six attacks, with just 30 minutes on the clock to figure out the nature of each attack.
"Our objective," explained Galaz, "was not only to test an operator's ability to correctly assess an attack, but to test their speed, as situations can get chaotic and confusing in a real battlefield."
Teams were mere bystanders, competing against the clock and themselves rather than each other directly. This was what Mitchell referred to as "parallel play," where teams worked alongside each other rather than engaging with one another.
The final leg of Cyber Spartan 24-2 included another simulated attack, designed to help teams work in harmony to respond to an adversary's onslaught. This exercise tested the teams' ability to collaborate effectively to combat a sustained attack from a determined enemy.
Galaz aimed to create an environment that resembled the confusion and chaos typical of real conflict: "The moment the first contact is made with the enemy, our plans won't stand a chance. These teams have to continue to adapt and evolve."
Evolving the Art of War
The eventual goal is to weave the different elements of the exercise together, creating a more realistic war simulation. In these future simulations, squadrons could start with separate battles, but the final battle would be a collective effort to mirror a real-world scenario.
Both competitions were won by the Delta's 661st Cyber Operations Squadron. "They outperformed themselves," Mitchell said. While the blue team contest was tight, the 661 team stood out in the CTF, outmaneuvering all the other teams. The second time around, however, things were much closer.
Planners are already planning next year's Cyber Spartan event, with a focus on creating fresh, engaging challenges that keep operators focused and learning.
The Cyber Universe
Enrichment Data:In essence, Cyber Spartan is part of the U.S. Space Force's ongoing efforts to strengthen its cybersecurity capabilities and improve its defenses against cyber threats, particularly in the context of protecting critical space systems and infrastructure. The competition-based approach to training helps prepare teams for the real-world complexity of cyber warfare. It also fosters teamwork, collaboration, and rapid decision-making in fast-paced, chaotic environments. The incorporation of elements such as Capture-the-Flag (CTF) events and blue team exercises is common in cybersecurity training and helps assess and improve operators' skills in a pressurized setting. The aim is to develop cyberwarriors who are adaptable, resourceful, and ready to counteradvances in attack methods and cyber techniques that threaten national security.
- The Space Force's Delta 26 conducted cyber training exercises, such as the Cyber Spartan series, utilizing both public and private sector resources, like Hack The Box, to fortify their cybersecurity capabilities against space and satellite-related threats.
- To simulate the multifaceted nature of cyber warfare, these exercises included a Capture-the-Flag (CTF) component, where teams worked to locate and report cybersecurity vulnerabilities in a digital environment, thereby preparing for various attack vectors across diverse locations.
- As part of these simulation competitions, teams faced simulated attacks, collaborated under pressure, and learned to adapt their response strategies in a fast-paced, ever-changing digital battlefield, with the goal of cultivating cyber warriors capable of countering advanced threats to national security.
