'Red Cell' challenges cyber warriors in combined exercise

By Sgt. Michael GilesAugust 3, 2017

'Red Cell' challenges cyber warriors in combined exercise
Members of the Army and Air National Guard and Army Reserve, as well as civilian experts in information technology, prepare to engage as the opposing force, or 'Red Cell' for exercise Cyber Shield 17, at Camp Williams, Utah, April 26, 2017. Cyber Shi... (Photo Credit: U.S. Army) VIEW ORIGINAL

Air Force Capt. Joshua Montgomery isn't a criminal, but he plays one as part of his duties. He's a member of an Air National Guard team that tests cyber defenses.

"It's the best job in the military," he said. "We get to break things. We get to go and do all of the things that would send you to jail in the real world. It's fantastic."

As a member of the 177th Information Aggressor Squadron at McConnell Air Force Base in Kansas, Montgomery tests cyber defense capabilities by attempting to hack into sensitive information systems.

"The idea of an information aggressor squadron is to understand the tactics that real-world adversaries like hackers and corporate espionage agents use," he explained. He then uses that understanding to find network vulnerabilities that can be exploited.

Montgomery is putting his hacking skills to use as a member of the "Red Cell" during Cyber Shield 17, a cyber defense exercise at Camp Williams, Utah, that began April 24 and continues until May 5.

Cyber Shield 17 is a National Guard and U.S. Army Reserve event that begins with a week of training and preparation and culminates in scenario-based cyber role-playing. It is the sixth iteration of the exercise, which began in 2012 and trains members of the Army and Air National Guard and Army Reserve, as well as civilians who work in law enforcement, intelligence and information technology agencies.

Participants each belong to one of several cells for the exercise. Red Cell members play the role of adversary hackers, while the Blue Cell attempts to defend the network against Red Cell attacks. Members of the Gold Cell support the Blue Cell with coaching and mentorship, while White Cell members evaluate the Blue Cell's performance.

As Red Cell members prepare to break into Blue Cell systems, the defenders prepare for an experience that Blue Cell leader Army Maj. Kevin T. Mamula predicts will push them to their limits.

"The Blue teams will be challenged to their breaking points by design," said Mamula, who also works as the cyber network defense team lead for Ohio. "They will be stressed and frustrated and mad. But they will come out as a much more effective team."

Exercise participants emphasized that the threat that cyberattacks pose make this kind of challenging training crucial.

"Cyber threats are real," said Army Capt. Joshua Hull from the Nebraska Joint Force Headquarters, who serves as assistant leader for the Nebraska Blue Team in Cyber Shield 17. "They are already all around us, and they affect every aspect of our daily interactions."

Hull said he is confident his team will be able to succeed in warding off Red Cell attacks, thanks to their collaborative efforts.

"We have very good team cohesion," Hull said. "We have a very good flow of information, and we've pulled our best and brightest. They have a good understanding of how network operations work."

As Blue Cell fights an uphill battle in cyber terrain, they will have the Gold Cell's support. Army Lt. Col. Brad Rhodes, Gold Cell leader and commander of the Colorado Army National Guard's Cyber Protection Team 174, said his team will provide coaching and mentorship to help the Blue Cell learn and succeed.

"Our goal is that when the Blue teams walk out of the door, they are feeling better about themselves and are more successful than when they first got here," Rhodes said.

Red Cell leader Air Force Maj. Michael Ehrstein, who supervises the 177th Information Aggressor Squadron, said that Cyber Shield 17 fosters collaboration and learning by putting people of different backgrounds and levels of skill together.

"People who've never done this before get one-on-one dedicated interactions with individuals who've been doing this [for] 15-plus years," Ehrstein said. "We are able to bring together experts from [the Defense Department], the government and the civilian world in one place and share that diverse perspective on cyberspace."

The attackers are learning from their efforts in the exercise as well.

"I'm very excited about being on a Red team," said Flo R. Bayer, a security analyst with the State of Wisconsin Department of Enterprise Technologies. "To see how hackers do things, their methodologies, will help me be better at defending the networks."

"You don't get an opportunity to learn from a group of people like this often, to apply this skill set often," said Adam Hellmers, an electrical engineer with Radiance Technologies. "It's a chance to develop higher skills and to further enhance your own self, your company's self and the national interests."

Related Links:

National Guard

U.S. Army Reserve