CAMP WILLIAMS, Utah — The largest Department of Defense declassified training on cyber-warfare, titled Cyber Shield, is underway at Camp Williams in Utah.
“What we are doing here at Cyber Shield is giving our soldiers real world experience,” said Lt. Col. Brad Rhodes, the officer-in-charge of the operation.
The massive event involves hundreds of soldiers, as well as thousands of hours to plan the two week-long event.
Rhodes says the main reason behind the exercises is “so we can make mistakes on the range and not make those mistakes in real life.”
Soldiers are separated out into a Red, White, and Blue team.
Blue team members are mimicking the real role of the U.S. Army National Guard in a cyber-attack. In cells across the country, the Blue teams are paired up with a civilian company, local agency or infrastructure whose system will be the simulated “target” of the attackers.
The job of the Blue team is to “plug the hole” of data coming out then make sure it doesn’t happen again.
The White team or cell is stationed in a command center at Camp Williams, with its job to look at the Blue team's actions and be a referee or judge in the cyber battles.
Lt. Col. Rhodes explained the White team's purpose to be “so we can go and say at the end of it, here’s a report: here’s what you did good here’s what you did bad and here is where you can improve.”
While the Blue and White teams would be seen as the “good guys,” the Red team is composed of the "bad guys."
“The Red team is doing all the attacking activity," said George Battistelli, director of Cyber Shield 2021.
In a dimly lit room away from the large White team sits the Red team, comparatively much smaller than the others, but the skull and crossbones flags let you know they are just as powerful.
Throughout the week the Red team will progressively increase their cyber-attacks on the Blue team.
Capt. Jamar Williams, who created the virtual environment for Cyber Shield 2021, walked through the attacks and admitted they don’t want to throw everything they’ve got at the teams to overwhelm them at first, adding “these guys are true professionals in industry.”
“Everybody gets a week of training," said Lt. Col. Rhodes. "Then we put them on our range to get cyber bullets shot at them by our world class amazing opposing force our red team.”
While this might seem like a similar plot to the movie "War Games," it has a very serious purpose to defend against other countries or state actors that are gearing up for attacks.
“Depending on what you read, China has about 50 to 100 thousand cyber-operators they are building capacity right now to attack,” said Lt. Col. Rhodes. “We need to have the same capacity.”
The Red team’s attacks aren’t chosen at random, as manycome from real life examples of cyber attacks or use the same methods to trigger problems.
Battistelli was the incident commander on the Solarwinds Data breach, and Rhodes worked on the Centennial Pipeline incident.
“We took some lessons from that and said we need to push these into Cyber Shield,” said Battistelli.
Ultimately Capt. Williams summed the gravity and importance of what these troops are doing best by saying, “when we simulate these attacks, we are not only making ourselves better, but the nation better as well.”