USCG carried out a cyber-security exercise, where it established a team consiting of “hackers” to try and breach the service’s networks and systems. The efforts highlight weaknesses and show how adversaries can take advantage of them.
These exercises play an important role in helping organizations protect communications, trade secrets and sensitive data from cyber-attacks.
USCG’s new Cyber Operational Assessments Branch includes a Red Team and larger Blue Team, and is tasked to secure the service’s technology, data, systems and networks.
In addition, a much larger unit within CGCYBER, the Cyber Protection Team (CPT), is responsible for helping secure and defend the vast network of operators and infrastructure in the MTS.
The Blue Team primarily does cooperative cybersecurity assessments, security consulting, and enterprise scanning activities.
On the other hand, Red Team also performs cooperative assessments, looking for potential threats or vulnerabilities within a system that attackers might exploit.
Let’s say that the most important thing about your system is command and control data and you want to keep that as protected as possible. If I can show you how I can go in and read that data and maybe manipulate it, that really tells you a story — not just about the security of your systems, but whether your people are doing the right thing
said Lt. Kenneth Miltenberger who leads the team for CGCYBER
The Red Team can also be included into operational exercises. For example, PACAREA, may want to include a cyber-opposing force as part of an operational exercise with cutters and aircraft.
Red Team operations can take a week or as long as three months to run. Customers can range from a systems owner, to a Pacific or Atlantic area operational commander, to CGCyber Commander, Rear Admiral Michael P. Ryan.
The Red Team is planning a return visit to the unit they breached in September.
