In the same way that infantry divisions train hard to be good in battle, cyber forces work hard to research and develop the right tools to win the information war.
That was the premise for a unique maritime-based cyber exercise that concluded on Sept. 16 at Naval Information Warfare Center (NIWC) Atlantic called “Cyber ANTX” — Cyberspace Defense in Denied, Degraded and Disconnected Environments (Cyber) Advanced Naval Technology Exercise (ANTX).
Most of Cyber ANTX occurred at the National Cyber Range Complex (NCRC) Charleston, a state-of-the-art facility at NIWC Atlantic headquarters where more than 100 assessors, industry partners and subject matter experts participated in two weeks of demonstrations.
“To defend deployed networks, you need a strong scheme of cyber support, which can be difficult at sea,” said Capt. Nicole Nigro, NIWC Atlantic commanding officer. “With that in mind, this exercise posited, and sought to address, one simple challenge: If a cyberattack knocks out the network on multiple ships at once, what kind of fallback solutions can we develop to support cyber defenders afloat?”
For vendors, Cyber ANTX was an unprecedented opportunity to demonstrate 24 unique innovations in the highly fraught cyber domain using operational vignettes implemented by NCRC Charleston’s unique capabilities.
Funded by the Test Resource Management Center under the Office of the Under Secretary of Defense for Research and Engineering, NCRC Charleston allows programmers and hackers to work in a safe and controlled environment.
“I look at this as a live-fire exercise, but in the cyber domain,” said Drew York, Cyber ANTX principal investigator. “NCRC Charleston provided an excellent setting, where we could target innovative technologies using real malware and enable the safe exploration of cyberspace defense technologies on multiple fronts.”
A total of 29 technology proposals were submitted ahead of the event, according to Dana Rushing, Cyber ANTX execution lead.
Rushing grouped participants into focus areas that included themes like prevention, warning, malware detection and cloud-enabled defense. She said each company was evaluated based on the capability it brought cyber defenders in an afloat environment.
In addition to traditional industry partners, many technologies at Cyber ANTX came from the innovative world of small business.
Two technologies were developed by government labs, through a collaboration between NIWC Pacific and the Office of Naval Research. Their tools involved “debloating” systems overstuffed with non-mission-critical “dead code,” such as unused libraries and chat apps, in order to secure networks vulnerable under the weight of too much data.
In the weeks preceding the exercise, Scott West, lead event director at NCRC Charleston, orchestrated the integration and testing of the vendor technologies on the range. Once Cyber ANTX began, the range environment lit up with activity and dynamic interactions among vendors, active-duty military assessors, and technical assessors from NIWC Atlantic and NIWC Pacific.
“From a mission perspective, this exercise challenged everyone to figure out ways of negating an enemy’s ‘soft kill’ cyberattack and quickly restoring capabilities,” said Jeff King, director of NCRC Charleston. “The idea of rear echelon support to forward deployed forces applies to all of the military services and components, since neutralizing a near-real-time cyber effect will be critical in any future conflict.”
In other words, cyber solutions harvested at Cyber ANTX can apply to domains other than a shipboard environment.
“If you think about a small expeditionary force like a unit of Marines, which could easily find itself in a disconnected or limited-access environment on an island chain in the Pacific, cyber defense and incident response are crucial as well,” said Peter C. Reddy, NIWC Atlantic executive director.
Maintaining readiness to enable “integrated deterrence” around the world were key messages when Chief of Naval Operations Adm. Mike Gilday released Navigation Plan 2022 two months ago.
In the document, under force design, “cyber” is named within four priority investment areas.
At NIWC Atlantic, leaders not only hold events like ANTXs but also strive to move away from government-based research and development models that are “isolated, protected and exquisite,” said Greg Hays, NIWC Atlantic’s senior scientific technology manager for Rapid Prototyping and Fleet Exercises.
“Our value proposition is not measured by the number of commercially available widgets or apps that we can procure but rather by the continuous delivery of solutions in response to the changing adversary,” Hays said.
The idea for a Cyber ANTX was hatched at Camp Lejeune a year and a half ago, while York and Rushing were working at an isolated outdoor range in a NIWC Atlantic ANTX called “Naval Integration in Contested Environments.” York said a discussion about an exercise involving cyber came up with Randy Sharo, who is now the Chief Technology Officer at U.S. Fleet Cyber Command / Commander, U.S. TENTH Fleet (FCC/C10F).
Fast-forward to last week, and Sharo was part of a tour of high-ranking officials at Cyber ANTX. Afterward, Sharo said he believed the event represented a change in the way the Navy should evaluate cyber technologies.
“With the help of NCRC Charleston, we were able to run realistic scenarios using real tools in an isolated network environment,” Sharo said. “This meant operating at a higher level of fidelity than we would have ever considered before on an open network.”
Once Cyber ANTX concluded, York praised the strong support of FCC/C10F, NIWC Pacific, NCRC and allocations from Naval Innovative Science and Engineering. He also credited Naval Information Warfighting Development Center, the Navy’s Cybersecurity Program Office (PMW 130) and U.S. Marine Corps Forces Cyberspace Command for their support.
About NIWC Atlantic
As a part of Naval Information Warfare Systems Command, NIWC Atlantic provides systems engineering and acquisition to deliver information warfare capabilities to the naval, joint and national warfighter through the acquisition, development, integration, production, test, deployment, and sustainment of interoperable command, control, communications, computer, intelligence, surveillance, and reconnaissance, cyber and information technology capabilities.