by Sean Gallagher
|Gregory Fresnais, trains participants in Pacific Endeavor 2012's cyber exercise on the BreakingPoint cyber-range. Courtesy of Ixia
In August, a collection of military, government and nongovernmental humanitarian organizations from 22 countries in the Pacific gathered in Singapore for Pacific Endeavor 2012, a joint exercise to test how quickly and how well they could communicate in the face of a disaster. While the simulated mission was peaceful, some of the participants were put through a separate, more hostile test — Cyber Endeavor, a full-on "live fire" cyberwarfare exercise focused on "protecting information in a collaborative environment, "with both innocent bystanders and hostile attackers."
The battle was fought on a closed "cyber range," a network designed to put network security teams through their paces and expose them to the most up-to-date exploits and attack methods available to hackers in the real world. Using BreakingPoint FireStorm network security testing appliances from Ixia, two teams created test traffic against the "Blue Team" defenders in the exercise. A "Green" team created normal, benign application traffic against the network's infrastructure, and a "Red" team that staged attacks drawn from a library of up-to-date vulnerabilities and exploits, using simulated botnets, real malware, and malformed packets designed to stress network infrastructure.
The Defense Department has invested heavily in cyber-ranges, including DARPA's multimillion dollar effort to build a National Cyber Range, a project now in the process of being transferred to U.S. Cyber Command. The NCR's goal was to create a secure, self-contained network facility that could be set up to emulate both internal Defense Department networks and commercial networks for evaluating and certifying cyberdefense tools. And the NCR isn't alone — there are several other cyber-range facilities operated by other parts of the DOD.
Source: Ars Technica