Air Force Capt. Joshua Montgomery isn’t a criminal, but he plays one as part of his duties. He’s a member of an Air National Guard team that tests cyber defenses.
“It’s the best job in the military,” he said. “We get to break things. We get to go and do all of the things that would send you to jail in the real world. It’s fantastic.”
As a member of the 177th Information Aggressor Squadron at McConnell Air Force Base in Kansas, Montgomery tests cyber defense capabilities by attempting to hack into sensitive information systems.
“The idea of an information aggressor squadron is to understand the tactics that real-world adversaries like hackers and corporate espionage agents use,” he explained. He then uses that understanding to find network vulnerabilities that can be exploited.
Montgomery is putting his hacking skills to use as a member of the Red Cell during Cyber Shield 17, a cyber defense exercise that began here April 24 and continues until May 5.
Cyber Shield 17 is a National Guard and U.S. Army Reserve event that begins with a week of training and preparation and culminates in scenario-based cyber role-playing. It is the sixth iteration of the exercise, which began in 2012 and trains members of the Army National Guard, Air National Guard and Army Reserve, as well as civilians who work in law enforcement, intelligence and information technologies.
Participants each belong to one of several cells. Red Cell members, such as Montgomery, play the role of adversary hackers. Members of the Blue Cell attempt to defend against the Red Cell’s attacks. Members of the Gold Cell support the Blue Cell with coaching and mentorship, while White Cell members evaluate the Blue Cell’s performance.
As Red Cell members prepare to break into Blue Cell systems, their opposite numbers prepare for an experience that Blue Cell leader Army Maj. Kevin T. Mamula predicts will push them to their limits.
“The blue teams will be challenged to their breaking points by design,” said Mamula, who also works as the cyber network defense team lead for Ohio. “They will be stressed and frustrated and mad. But they will come out as a much more effective team.”
Exercise participants emphasized that the threat that cyberattacks pose make this kind of challenging training crucial.
“Cyber threats are real,” said Army Capt. Joshua Hull from the Nebraska Joint Force Headquarters, who serves as assistant leader for the Nebraska Blue Team in Cyber Shield 17. “They are already all around us, and they affect every aspect of our daily interactions.”
Hull said he is confident his team will be able to succeed in warding off the Red Cell attacks, thanks to effective collaboration he has observed among his comrades.
“We have very good team cohesion,” Hull said. “We have a very good flow of information, and we’ve pulled our best and brightest. They have a good understanding of how network operations work.”
As Blue Cell fights an uphill battle in the cyber terrain, they will have the Gold Cell’s support. Army Lt. Col. Brad Rhodes, Gold Cell leader and commander of the Colorado Army National Guard’s Cyber Protection Team 174, said his team will provide struggling Blue Cell members with coaching and mentorship to help them learn and succeed.
“Our goal is that when the blue teams walk out of the door, they are feeling better about themselves and are more successful than when they first got here,” Rhodes said.
Red Cell leader Air Force Maj. Michael Erstein, who supervises the 177th Information Aggressor Squadron, said that Cyber Shield 17 fosters a learning environment by putting people of different backgrounds and levels of skill together.
“People who’ve never done this before get one-on-one dedicated interactions with individuals who’ve been doing this [for] 15-plus years,” Erstein said. “We are able to bring together experts from [the Defense Department], the government and the civilian world in one place and share that diverse perspective on cyberspace.”
“I’m very excited about being on a red team,” said Flo R. Bayer, a security analyst with the State of Wisconsin Department of Enterprise Technologies. “To see how hackers do things, their methodologies, will help me be better at defending the networks.”
“You don’t get an opportunity to learn from a group of people like this often, to apply this skill set often,” said Adam Hellmers, an electrical engineer with Radiance Technologies. “It’s a chance to develop higher skills and to further enhance your own self, your company’s self and the national interests.”
Cyber Shield 17 is far and away the best exercise he ever has encountered in his career, Montgomery said.
“It’s well organized,” he added. It’s well put together. And the teams, both red and blue, have made significant progress in securing DoD systems.”