The U.S. Military Academy won the 2016 Cyber Defense Exercise (CDX), capturing its 8th Information Assurance Director’s Trophy since the annual competition began in 2001, NSA announced on April 15.
“CDX is a uniquely important exercise to develop the cyber security skills of the students at these military institutions,” said Kim Beam, an Information Assurance Directorate senior leader. “It is an exercise where the participants put theory and classroom instruction into practice.”
Cadets and midshipmen from the U.S. Coast Guard Academy, U.S. Merchant Marine Academy, U.S. Military Academy, U.S. Naval Academy, and the Royal Military College of Canada had their cybersecurity skills, tenacity, and ingenuity tested this week against the National Security Agency’s top information assurance professionals. NSA’s Information Assurance Directorate (IAD) sponsored the event.
“During the week the participants – who are focusing on keeping their network services available and running – experience real cyber-attacks and their impacts. The academies build networks and defend them from real attacks by exercise ‘hackers,’” said Beam. “CDX provides a competition that increases the participants’ cyber defense skills. Defensive skills and insights are gained not only by the network defenders, but also by those playing offense during the exercise. They’ll go back to defending networks post CDX.”
NSA experts who help secure the U.S. government’s most sensitive communication systems challenged service academy teams to protect networks they designed, built, and configured at their respective schools. Working out of the Parsons facility in Columbia, Md., another group of NSA specialists graded each team’s ability to effectively maintain network services while detecting, responding to, and recovering from security intrusions and compromises.
“All of the teams competed intensely for the trophy – and the bragging rights that come with a victory,” Beam added. “Each team had strengths and the overall skill level of the defenders rises each year. While just one team gets the trophy, all of them win by honing their cyber security skills. The Information Assurance Directorate is proud to be a part of this event.”
In addition to the core exercise, the students’ analytic skills were tested through three challenge modules. Those modules were also scored and a winner named in each of the modules. The winners of each of the challenge modules are:
- Malware Analysis/Reverse Engineering challenge: U.S. Naval Academy
- Host and Network Forensics challenge: U.S. Military Academy
- Offensive Ethical Hacking challenge: A tie between The Royal Military College of Canada graduate team and The Royal Military College of Canada undergraduate team