Cyber Defense Exercise 2008 Video Transcript
STUDENT: I've got this guy coming in on several ports. Nothing's working.
STUDENT: CDX is an exercise between the service academies and two post-graduate schools, where we build a network that the NSA Red Cell tries to break into.
NSA REP: Our job as the Red Cell is to try and break in.try and scan them.
STUDENT: It's a point system. And whoever has the most points at the end wins.
NSA REP: So they're down fifty points now...
STUDENT: I can't stop him I shut. I closed the connection and he's right back up within a second.
JOAN: Make it a fair competition, work hard, have fun and now's the time to start. Best luck to everyone.
KYLE: We are the defense team. Whereas NSA is the making active attempts to hack into and penetrate our secure networks.
STUDENT: We have been preparing since January.
STUDENT: we didn't receive the images until a couple of weeks ago.
DANIEL: The work stations all came with different, say like root kits, and they had something like viruses and stuff like that already planted in them.
MICHAEL: So most of it was like background research, but really it was the last two to three weeks that we really got busy.
NSA REP: The tiger team is over there-that's mostly NSA people. They're the guys who know where the "malware" is on the target host that was placed in advance for the students to find. If they didn't find it these guys are the ones that are going to make them pay.
TOM: This year the design has a number of constraints built in so they had to make decisions ahead of time.
NSA REP: This year they have budgetary constraints.
BRIAN: everyone's network is constrained by rotarian marks so we were much more vulnerable to attack by the red cell than last year was.
NSA REP: We invented a set of rules that establishes a notion of budget that says that everything on your network has a cost.
DOUG: and they were given a budget and they could either basically fix their hosts , their workstations, or they could fix the server, or they could fix the network, but they didn't have enough money to fix all three, which is a very realistic constraint.
ERIC: I was pretty much, just cover the basics and hopefully everything will work.
STUDENT: This morning was a very exciting morning. We had many, many attacks. It seemed like the red team was throwing everything that they could. And they were focusing only on us.
STUDENT: Holy, BEEP OUT EXPLETIVE! Kill'em all.
NATHANIEL: It was really hot this morning. 'About to get some more activity, I think the guys are starting to pick some stuff up. But we've been doing really well today. So, I'm pretty happy about that.
STUDENT: Cause there's crap going on over there, but hopefully, it's not getting out.
STUDENT: Oh, my goodness!
STUDENT: It's been going O.K. I'm not really positive about everything that's going on.
STUDENT: We've had a couple of successful hacks against us, but it looks like we're doing all right.
STUDENT: Yesterday we had some exploits that occurred due to call backs.
ARLEN: we thought there was a major attack on us, then it turned out one of the cables just came undone. So, we were down for a little while. It was kind of embarrassing.
STUDENT: We just got an inject on it. We don't know what's on it. After I make sure it's clean you can put it on the network. I'll do my best to find out what's really on it. and then, if there's anything really horrible on there, take that off. Uh, scrub it, if possible. So, uh. so we'll see. It'll be interesting.
ADRIAN: It's incredibly difficult to secure your network. And it's really easy to just slack off, but with that small little thing that you didn't check, that could be the niche that the Red Team needs to get into the door.
STUDENT: If this works, all the.uh.tactical.all through this tunnel.
RED TEAM MEMBER: By that time, you know, the place is on fire and you're long gone with all the data, you know.
RED TEAM MEMBER: yeah.
JON: We have several confirmed exploits on several of the academies. So I have high hopes that we're going to ding at least all of them.
RED TEAM MEMBER: They'll love that. LAUGHS.
RED TEAM MEMBER: well against the Merchant Marine Academy yesterday, we had a compromise in about three hours.
JON: I can't tell you who's winning but I can tell you who's losing.
RED TEAM MEMBER: We deliver the images they have to use for this exercise. We put a lot of extras on that before we gave it to them.
SCOTT: When it calls back it gives us a command shell on their machine. We can do anything we want with that. so it doesn't get any easier than that.
RED TEAM MEMBER: oh, wow, look at this, they got movies and stuff like that. little do they know they're being owned. Chumming.
BRADLEY: It's directly applicable to what we'll be doing out in the operational Air Force, particularly if you're in the communications field and you're in charge of setting up a network somewhere similar to this.
JOHN: 'Domestic deployment schedule changes I could be on my first deployment in January. So it's great to get this kind of real world experience before I go out into the field.
PROFESSOR: It's one thing to get this dry lecture in class and these just very contrived lab exercises that they have to do on their own. But when they actually have to put together the whole network, they see whole picture and they actually are up against live fire.real internet attack experts going against them and they have to defend against them in real time. I think they get experience here that they can't get in a standard classroom environment.
JOHN: It's fun to learn about this network security things; how to, not only secure networks, but how to break down networks, how to find vulnerabilities in your own network. It's a lot of fun.
ASHLEY: I learned so much just about network priority and how systems work. It's really just kind of opened me up to the network security area. And it's a lot of fun.
SAM: Having a technical understanding of how to secure your network and how to maintain that security is good for any business and especially for the government. We don't want people getting our information unless we're giving it to them.
STUDENT: It was going to a web site that was fake, so it's probably a hacker site, so it was like getting all my passwords, all my system configurations and things like that.
STUDENT: I was looking at today's results.we seem to be definitely pretty much on par to accomplish our goal.
STUDENT: good luck to everyone, but I hope USCG comes out on top. Go Bears.
STUDENT: Well, Army is the defending champions and we've won it three times before. It's many more than any other school out there.
STUDENT: We always want to beat Army. But uh, I don't think that's going to be too hard in this case.
STUDENT: Navy's going to win. Absolutely.
STUDENT: As long as we can beat Navy, we'll be good.
STUDENT: We'll definitely beat Air Force.
STUDENT: I think that we're going to kick butt.
STUDENT: we have some feelings about the Air Force, or Chair Force, as we call them.
STUDENT: All right, stay focused, we can make fun of the Squids later. LAUGHS
STUDENT: We're doing "awesome."
STUDENT: As long as we do better than we did last year at last place, we should be feeling pretty good about ourselves.
STUDENT: The Merchant Marine Academy is going to come in last place.
STUDENT: I don't know about winning.
STUDENT: I think no other team has a chance of winning.
STUDENT: I think. I think we will do respectable.
STUDENT: We've really coalesced around the idea of not embarrassing ourselves.
STUDENT: so we're keeping it fairly clean, but uhm, it's certainly spirited.
WHITE CELL: West Point has won three of the eight years.
STUDENT: look out service academies because uh we're taking it home this year.
STUDENT: It's pretty exciting, huh?
AARON: We're all students, master students for computer science and we've thrown ourselves together. We've got civilians, and we've got all component s of the service and we're all working really well together.
STUDENT: I was thinking about this orange juice and how delicious it was.
MIKE: I think everybody kind of knows that nothing is going to go quite as planned.
STUDENT: Ask about HQ DNS and why they still suck.
LADY: Anything hands-on versus having to read it in a book and visualizing what it could be like."well here's your JABBER server, this is what it would be like if you could possibly do it on a real computer," versus really doing it and seeing, "oh, look, we can really chat, we can really resolve DNS and we can really have a web site and all these things," is a really good experience to see that.
DAN: I think cyber operations is a growing field in the Air Force and I hope to have a lot of opportunities after AFIT to go use some of this stuff.
STEVE: mostly to keep the team together, to deconflict the different personalities that I know we have on the team, and make them work well together.
STUDENT: We don't want to sound like morons now, do we?
STUDENT: Maturity is at it's height over here.
STUDENT: Oh, yeah, how many bananas can you fit in your mouth at one time?
STUDENT: Did I mention I hate you, Paul?
JON: I'll bet you there are very, very significant difference between the high end and the low end schools' scores. We are not having any difficulty determining who places where, nor is there going to be a whole lot of ambiguity as to, you know, whether, if anything had gone slightly differently, if one team had done better than the other or placed better than they have.
JOAN: so at this point we get to open the envelope, figuratively, and announce the winner. Once again, congratulations to the United States Military Academy at Westpoint. Who-wah!
JOE: Cyber attacks happen every day. The seniors are going to graduate in forty days. And when they get to their units, they're.they're going to have systems like this that need to be brought on board and secured and protected and everything else.
STUDENT: Wait.there's a buffer overflow?
JOE: Uh, the ones that are going into the communications fields, the intelligence fields, it's even more app..applicable to them. So this is not just something that they're going to do here and walk away from.
INSTRUCTOR: Many of them will have the opportunity to go out and actually be part of the networks, something similar to what we're setting up right here.
EMMA: There are a lot of people that have no idea what computer security is. Uhm, we need to educate people. If only educating ourselves so that we can help other people that we know.it really is important to see what can be done to your computer and what you can do to try and stop it.
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009