Red Team: Reserve Marines simulate cyberspace attackers in exercise Cyber Yankee 22
US Marine Corps | Jun. 30, 2022
Cyber warfare is defined as the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attack or defense of information systems for strategic or military purposes. If a successful cyber-attack was directed at a power utility grid, it would have the ability to cut off electricity and running water. In response to this potential threat, service members from all branches of the United States military work alongside industry professionals to simulate an attack and defense of the northeastern power grid and transmission system.
“The transmission system is just a bigger version of what you have in your house,” said. Jason LaDuke, a Company CEO of the electrical enclave. “It’s like a circuit breaker, but a much, much bigger system. So power flowing into a city is flowing over a specific line. If you could close those breakers you would effectively cut off power to the transmission system.”
Reserve Marines from Defensive Cyberspace Operations-Internal Defensive Measures Company B, 6th Communication Battalion, and Marines from the newly created Marine Innovation Unit (MIU), joined their active duty counterparts from 8th Communication Battalion, with help from a subject matter expert from Marine Cyber Auxiliary to participate in exercise Cyber Yankee June 13-17 2022 Camp Nett, Conn.
“Cyber Yankee is a joint effort between the national guards of the New England states. They try to build up their capabilities and respond to any attacks to the critical infrastructure in New England while building a partnership between the National Guard, industry partners and the other branches of the United States military,” said Lance Cpl. Miles Young, a data systems administrator for Defensive Cyberspace Operations-Internal Defensive Measures (DCO-IDM) Company B, 6th Communication Battalion. “The Marine Corps role in this is to simulate an attacker so that the defense can clearly evaluate how they are doing.”
During Cyber Yankee, the service members are divided up into red teams and blue teams, with the Marines participating as the red team. The red team acts as an attacking force while the blue team tries to defend their network.
“This exercise is red versus blue. This emulates four different threat actors that leverage the cyber kill chain to meet their end states.” Master Sgt. Mike McAllister, cyberspace operations chief, MIU
“Each one of the four actors have different end state objectives. They vary in levels of sophistication from a cyber-criminal or hacktivist that is doing nothing more than low risk access attempts that can be mitigated by very simple security controls and elevate all the way up to the most advanced threat act or using sophisticated means of initiating access with stealthy movement throughout the IT enclave and into the operational technology enclave where the critical infrastructure is located,” said Master Sgt. Mike McAllister, cyberspace operations chief, Marine Innovation Unit.
Cyber Yankee is currently the only exercise of its kind.
“Training like this event is hard to come by. It’s rare and there are no other exercises that take it to this level. The power grid is a very complex system. It's essentially one of the biggest machines on the planet when you look at it all together. This exercise really drives that complication element because it is so fast paced and high energy similar to what would take place in a real attack,” explained LaDuke.
The ability for Reserve Marines to integrate with Active Component Marines and service members from other branches provided a valuable training experience as the potential threat of cyber warfare continues to evolve.
“Marines participate in regional exercises and provide red team capabilities to the Joint Force Reserve, National Guards, and industry professionals [as they] interface for regional utilities which means we’re going in and helping the blue teams refine their play books so if they are called to support utility companies or in disasters of cyber nature,” said Staff Sgt. Sean Sarich, an innovation laboratory specialist at Marine Innovation Unit.
The Reserve Marines from MIU also played an important role in Cyber Yankee 2022 and plan to continue to support similar exercises to bring in additional talent and subject matter expertise from the cyber and developmental support occupational fields. MIU leverages existing talent in the Marine Corps Reserve to address advanced technology challenges in order to accelerate the development of new capabilities. MIU houses coders who have the potential to bring a new skillset and in-depth challenges to the exercise.
“It’s good for us to participate in this exercise because it’s important for us to build our technical skills defending this kind of network because the critical infrastructure power and water have very specific systems most people don’t have experience defending,” said Young. “We get the opportunity to sharpen our skill sets and expand our knowledge.”
Who We Are: The United States Marine Corps Reserve is responsible for providing trained units and qualified individuals for mobilization to active duty in time of war, national emergency, and crisis or contingency operations. On a day-to-day basis, Marine Forces Reserve consists of a talented and dedicated pool of nearly 100,000 Marines able to augment the Active Component in a myriad of ways, to include operational deployments, support to training, participation in bi/multi-lateral exercises with partner nations and allies, and service-level experimentation in support of Force Design 2030 and refinement of new concepts, tactics, techniques, and procedures.