Keeping bad guys at bay

-A A +A

Lab hosts cyber security exercise at Buffalo Thunder

By Roger Snodgrass

POJOAQUE – In the game of Pin the Tail on the Donkey, each child is spun around until disoriented and given the task of attaching a paper tail closest to the rear end of a picture of a donkey. The game is often won by interpreting why people are laughing at you and is good training for overcoming handicaps while dealing with challenging odds.

In one of the side rooms at the conference center at Buffalo Thunder for four days this week, a phalanx of 100 Cyber-security first responders pinned electronic tails on virtual donkeys in a far more serious encounter known as Tracer FIRE 2.

The meeting drew participants from Los Alamos, Sandia and other national laboratories, academic and public safety organizations, homeland security and private industry for a week of serious fun and games by some of the most knowledgeable and experienced cyber defenders in the country.

They were organized randomly in 10 teams. Each member of the team brought his own computer and software, ready to engage with allies and deter or defeat any foe that might stir up the electrons in his neighborhood.

Against the back wall of the room, a dynamic screen flashed team standings, as individual duels were fought out. From time to time the screen was refreshed with the picture of dozens of little bugs, depicting tanks that wandered around an electronic battlefield littered with symbolic debris from an ongoing free-for-all that was going on in the background.

To participate in this game required on-the-fly programming skills to write or plug in routines that can adapt to real-time activities, explained Alex Kent, event organizer and cyber systems program manager for the Lab’s Global Security organization.

There were three main tracks of activities, he said. The first two had to do with forensics, that is, how to figure out when something is an attack on the computer or on a network. The third has to do with “malware,” or malicious software designed to infiltrate a system.

“After we detect that somebody has done something inappropriate, we have to pick it up and take it apart, almost like an autopsy,” Kent said. “Each person approaches these things in a different way and different points of view assure us of getting the best answer.”

Earlier in week, public officials talked to lawmakers in the Capitol about an issue they described as a growing global problem that costs hundreds of millions of dollars a year and involves malicious activities by web-based attackers.

A former Director of Intelligence Michael McConnell got people’s attention when he told a Senate Commerce Committee in his opening statement, “If we were in a cyber war today, the United States would lose.”

He wasn’t talking about not having talented people — the people in Pojoaque were beginning their first two days of training in preparation for their competition at the time, quite apart from the hearing.

He said he was referring to the fact that our country depends more on information and communication technology than any other country in the world and that we may not appreciate how quickly the world is changing.

“The federal government will spend more each year on missile defense than it does on cyber security,” he said, “despite the fact that we are attacked thousands of times each day in cyberspace and we are vulnerable to attacks of strategic significance, i.e. attacks that could destroy the global financial system and compromise the future and prosperity of our nation.”

In Pojoaque, meanwhile, the competitors mulled around, ate pizza and glared at their laptops. One punched in a few commands and watched a program scroll upward.

Kent said he sees warnings like the one McConnell delivered on Tuesday as a challenge.

“It’s an awesome responsibility to work on this problem right now,” he said. “There are no simple answers. We just know its going to take a lot of people working together to mitigate, not necessarily to solve.”

“The folks in this room are honing their skills for protecting national security,” said Darrin Jones, a special agent with the FBI. “Their systems are being attacked every day. Their facilities become targets for people who try to steal our national secrets. Their job is to keep the bad guys out and at the same time to allow our scientists to have ready access to the information they need.”

He said the FBI is involved because cyber attacks are illegal. One of the pieces of the process is the criminal investigation that triggers a national security process to prosecute offenders.

While the job of the experts in the room was emphatically defensive, to repel those who would try to breach the protective systems, Jones said, “You have to understand the offensive side at a very deep level.”

Kent said one of the most productive outcomes from these kinds of collaborations is the networking and the ongoing relationships, so that each participant knows who to call to deal with specific problems.

“This is an opportunity to win, rather than not fail” he said about the friendly competitions of Tracer FIRE 2. “No one person can do all of this.”