Cyber Lightning sparks virtual awareness

  • Published
  • By Airman Beth Kobily
  • 911th Airlift Wing Public Affairs

 “Was it worth the trip?”

This question was asked by Master Sgt. Robert Beveridge, computer systems operator with the 910th Airlift Wing and software engineer at Carnegie Mellon University to a classroom full of communications Airmen.

The answer was a unanimous yes.

Communications Airmen from the 911th Airlift Wing, the 910th AW and the 171st Air Refueling Wing came together at CMU Wednesday, May 18th, 2016, to use their annual training days in an innovative way. The cyber security exercise, dubbed Cyber Lightning, was coordinated by Beveridge and two of his CMU colleagues, Captain Geoffrey Dobson, officer in charge of cyber assurance with the 911th AW, and Tech. Sgt. Jonathan Frederick, network administrator with the 171st ARW.

This exercise was the first of its kind, according to Dobson. A unique aspect of Cyber Lightning was how it incorporated not only members of different bases, but a mixture of Reservists and Guardsmen.

“We all have to go through cyber training,” said Beveridge. “Throughout this career we learn about how to maintain and operate our fixed base communications. What we don’t do well is learn about cyber threats. You hear about it in the news, things getting stolen, and breaches happening. What we want to do is to give some training on that.”

Dobson, Beveridge and Frederick work at the CERT division of the Software Engineering Institute at CMU, an organization which has worked with the Department of Defense to increase global situational awareness and address threats to the DOD network. Their simulation, training, and exercise platform program was used for the exercise.

CERT was able to provide a convincing emulation of the internet, even customizing some network environments that are used on military bases. Ed Desautels, writer and editor with the public relations department of the Software Engineering Institute, said that the use of some of these systems on base are contracted to civilians, but a better understanding of them by the military members could help ease communication between Airmen and contractors.

Cyber Lightning was broken down into three days to give Airmen useful skills, knowledge and experience in dealing with cyber threats to take back to their host units.

The first day was a lecture bringing them up to speed on some of the tools and technology that would be used in later parts of the exercise. The Airmen were quizzed on that information on the second day.

Airmen put the skills and knowledge introduced in the first two days to the test by finding injections, launched or activated malware within a network, in a gaming-like environment during the final day of Cyber Lightning.

“The exercise was 31 malicious code injections into the network,” said Tech. Sgt. Jared Korby, NCO in charge of the Communications Focal Point assigned to the 910th Communications Squadron. “We had to identify them and answer the questions of how we did it and what the vulnerabilities were.”

Korby said that the simulated injections exposed during the exercise were all vulnerabilities that had been found and corrected in real computer networks. This included situations varying from malware to offshore hackers.

While the content of the exercise simulated real-world scenarios, a challenge for the team was to add the intensity of a real-world attack to the exercise. The solution was to make the exercise itself a challenge. Each base collected points throughout the three days, and the base with the most points at the end was deemed the winner.

“In the real world you have deadlines, timelines and the pressure of getting the job done,” said Beveridge. “The competition gives them an element of having to get the job done under pressure.”

Senior Airman Alexis Thomas, client systems technician assigned to the 171st ARW and management information systems major at the Indiana University of Pennsylvania, said the exercise made her aware of how fast and diligent she was working. She hopes the exercise is held again next year but would like the training to be longer, with time to go more in depth on topics mentioned in the first two days.

Beveridge said that participant surveys will affect changes for future exercises, but the team would like to see the program expand in the future. He would like to see base communications units, cyber protection units and active duty members from all services in the classroom next year.

Brian Barnes, system administrator with the 911th Communications Squadron, agrees that the training was worth the trip. He said the class was a great environment to be in and that it was an honor to be at CMU.

“We’re really just starting to understand this,” said Barnes. “But if we were able to do this more often, we would be able to make better use of this experience. We’ll be able to use these tools to sharpen our skills and make us the tip of the spear.”