Fifty military cybersecurity experts are defending the online infrastructure of their imaginary nations at the Cyber Endeavor X Games this week.
Now in its sixth year, the five-day competition is being held at Carnegie Mellon University’s Software Engineering Institute.
“It’s very easy to suspend your disbelief and believe that you’re actually in a real environment with real-word things happening and responding to those events in the context of the exercise,” said Michael Massa, program manager at CMU’s CERT division, or omputer Emergency Readiness Team.
CMU works closely with US-CERT and the U.S. Department of Homeland Security to improve the nation’s cybersecurity infrastructure.
Austin Whisnant, cyber security engineer at CMU’s CERT division, manages the simulation.
She said the participants – mostly Army and Navy reservists – are divided into four teams, each representing a country. Teams spent the first couple days last week familiarizing themselves with their country’s infrastructure and patching weaknesses in their cyber defenses, Whisnant said.
“And then after that, they can start defending their network and attacking other countries if they choose to do so, and kind of continuing with their vulnerability mitigation,” she said.
As in past years, the game is paired with a more serious conference on cybersecurity.
The U.S. Department of Defense-sponsored Cyber Endeavor conference runs Tuesday through Thursday and focuses on the theme of “deterrence.”
Massa said there is a need to develop a cyber version of the doctrine of “mutually assured destruction,” which some experts credit with preventing nuclear war.
He said there are also no hard and fast rules of engagement when it comes to cyber warfare.
“If you suspect that you have been attacked via the cyber avenue – whether it be to influence something politically or to disrupt critical infrastructure or to steal state secrets – how do you prove who it was and how do you respond within the context of the law as it exists internationally as well as in the U.S. code?”
No comments:
Post a Comment