http://www.dcmilitary.com/navy/trident/10_48/local_news/39232-1.html By Martha Thorn Trident Managing Editor January 20, 2006 When Tom Hendricks, National Security Agency visiting professor in the computer science department, talks about red cells and white cells, he's not talking about blood. The white cells are referees and the red cells are hackers in an inter-service academy competition sponsored by the National Security Agency. During the four-day competition that is held in April, midshipmen and cadets set up a computer network between the five service academies and sometimes other schools such as the Naval Postgraduate School and the Air Force Institute of Technology. This calls for a coalition, a cooperative effort between the academies. Then, the red cells or hackers from the National Security Agency and other information assurance groups begin attacking the data sharing network. The academy that best withstands the onslaught wins the competition. Last year, the Naval Academy team won the competition for the first time. In 2002, the first year that the Naval Academy entered the competition, it placed second. With the beginning of the spring semester, the Naval Academy is beginning to form its team and prepare for this year's competition. Any computer science and information technology major is eligible to join the team and plebes planning to major in one of these areas may also be considered. "In the past, only firsties could join the team," said Assistant Professor Lori DeLooze of the computer science department, "but once they were trained, they graduated. "That's why last year we opened it up to the other classes. This year we have 16 returning cadre who can teach the next group and continue the learning process." The midshipmen must do all the work. They can ask questions about topics that have not been covered in class, but it's up to them to set up working groups and a chain of command. Hendricks and DeLooze serve as primary advisers for the team, along with Marine Maj. William "Clay" James and Adjunct Professor Paul Derdul, both of the computer science department. While these faculty members serve as the first line of defense in answering the team's questions, Hendricks stresses, "The midshipmen can use anyone at the academy as a resource." Hendricks says that the midshipmen frequently consult with the Information Technology Services Division about programs like Microsoft Exchange and equipment like Cisco. In the past, the midshipmen have set up as many as 10 or more teams to handle diverse tasks. "No one person can do everything that needs to be done, so you need people to specialize in firewalls, mail, Web sites, encryption, backups, intrusion detection, administration, technical and morale," Hendricks says. "You also need back-up people because the exercise runs 24 hours a day. You can bet that as soon as your best person takes a nap, that's when the break-in will occur, so you want everyone to know what to do and how to handle it." He says that the competition is very real world. "In the real world, we're always forming and breaking up coalitions and alliances. We're always sharing information and protecting against break-ins to the system." Hendricks estimates that the majority of break-ins occur from within the system. "You never know where the red cells are going to come from," he says. "During the exercise, the midshipmen see how easy it is for someone to get into a system and how much damage they can cause." Hendricks contends that every system will be broken into at one time or another. "What counts is how quickly you can detect the infiltration and how well you respond to it," he says. "You want to test your system for weaknesses and minimize them as much as possible." Midshipmen interested in joining this year's information assurance team should e-mail hendrick AT usna.edu. _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Sun Jan 22 2006 - 23:39:03 PST