Main Menu

Hack the Army

Started by Eclipse, November 24, 2016, 02:51:40 AM

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Eclipse

November 24, 2016, 02:51:40 AM

"That Others May Zoom"

Spaceman3750

#1
November 24, 2016, 03:19:38 AM Last Edit: November 24, 2016, 03:22:42 AM by Spaceman3750
Isn't Cyber Patriot defend only?

etodd

#2
November 24, 2016, 03:40:53 AM
Quote from: Spaceman3750 on November 24, 2016, 03:19:38 AM
Isn't Cyber Patriot defend only?

Can learned skills not be used elsewhere, off the CAP clock, so to speak?
"Don't try to explain it, just bow your head
Breathe in, breathe out, move on ..."

Spaceman3750

#3
November 24, 2016, 03:42:24 AM
Quote from: etodd on November 24, 2016, 03:40:53 AM
Quote from: Spaceman3750 on November 24, 2016, 03:19:38 AM
Isn't Cyber Patriot defend only?

Can learned skills not be used elsewhere?

Sure, and knowing where vulnerabilities can lie is pretty helpful in offense, but I don't think that is what Eclipse was inferring. At least not how I read it.

Eclipse

#4
November 24, 2016, 03:44:52 AM
An open door is open - whether you lock it from the inside or walk in from the outside is on the viewer.

"That Others May Zoom"

Live2Learn

#5
November 24, 2016, 05:56:22 PM
So, what exactly is "Defense"?  If our infrastructure or organizations are attacked, isn't a well executed counterattack a valid and often very effective "defense"?  Why WOULDN'T CyberPatriot participants learn how to not only set up a defensive perimeter and identify/neutralize intrusions ex post, but also conduct counter attacks on an identified cyber aggressor to deter future attacks?

Spaceman3750

#6
November 24, 2016, 08:38:43 PM
Quote from: Live2Learn on November 24, 2016, 05:56:22 PM
So, what exactly is "Defense"?  If our infrastructure or organizations are attacked, isn't a well executed counterattack a valid and often very effective "defense"?  Why WOULDN'T CyberPatriot participants learn how to not only set up a defensive perimeter and identify/neutralize intrusions ex post, but also conduct counter attacks on an identified cyber aggressor to deter future attacks?

Defense can be broken down into three pieces: prevent, detect, and respond. Cyber Patriot seems to focus heavily on protect, with a little detect and respond at the national level with the introduction of a red team.

Hacking back is often talked about even in private sector INFOSEC. The biggest issue is legal and ethical ramifications - just because they attacked you doesn't make attacking them any less of a crime. Second to that is the fact that attribution is extremely difficult and there is often no way to know for sure that you are attacking the right person and not an innocent person or organization whose compromised infrastructure was used to mask the true source of the attack.

Public sector is a little different but I don't have any experience there.

Holding Pattern

#7
November 24, 2016, 11:13:50 PM
Quote from: Live2Learn on November 24, 2016, 05:56:22 PM
So, what exactly is "Defense"?  If our infrastructure or organizations are attacked, isn't a well executed counterattack a valid and often very effective "defense"?  Why WOULDN'T CyberPatriot participants learn how to not only set up a defensive perimeter and identify/neutralize intrusions ex post, but also conduct counter attacks on an identified cyber aggressor to deter future attacks?

Because the cyberpatriot rules explicitly state not to.

The good news is that your computer education program at your squadron in no way has to be limited to the cyberpatriot curriculum.

JC004

#8
November 26, 2016, 04:46:16 AM
Imma hack the army and order their coolest equipment to my yard.

Eclipse

#9
November 26, 2016, 05:09:24 AM
Hopefully the ethics of what they are involved in are addressed at some point during Cyber Patriot.

Just like tracers which also reveal the position of the shooter,  you can't show  someone how to secure
a computer or network without also giving them at least some of the tools to also exploit or compromise it,
that's just the reality of how they work.

"That Others May Zoom"

Spaceman3750

#10
November 26, 2016, 05:43:17 AM
Quote from: Eclipse on November 26, 2016, 05:09:24 AM
Hopefully the ethics of what they are involved in are addressed at some point during Cyber Patriot.

Just like tracers which also reveal the position of the shooter,  you can't show  someone how to secure
a computer or network without also giving them at least some of the tools to also exploit or compromise it,
that's just the reality of how they work.

Fair enough.

xray328

#11
December 01, 2016, 02:13:01 PM Last Edit: December 01, 2016, 02:32:03 PM by xray328
The CyberPatriot curriculum would in no way prepare you to hack into anything. There was a session at the last Wing conference that made it a point that the CAP Cyber training that's being rolled out does not equal CyberPatriot either.  My daughter attended the Cyber Fam course last year and said very little of what she was taught had anything to do with the CyberPatriot competition. There's a misconception that sending your cadets down there turns them into CyberPatriot stars, not so. That being said, I'm very excited to see the advanced training being offered this year (beta mode), it's great exposure for them (us).


Sent from my iPhone using Tapatalk

Paul Creed III

#12
December 01, 2016, 03:22:23 PM
Quote from: xray328 on December 01, 2016, 02:13:01 PM
The CyberPatriot curriculum would in no way prepare you to hack into anything. There was a session at the last Wing conference that made it a point that the CAP Cyber training that's being rolled out does not equal CyberPatriot either.  My daughter attended the Cyber Fam course last year and said very little of what she was taught had anything to do with the CyberPatriot competition. There's a misconception that sending your cadets down there turns them into CyberPatriot stars, not so. That being said, I'm very excited to see the advanced training being offered this year (beta mode), it's great exposure for them (us).


Sent from my iPhone using Tapatalk

What advanced training are you referring to?
Lt Col Paul Creed III, CAP
Group 3 Ohio Wing sUAS Program Manager

xray328

#13
December 01, 2016, 03:39:28 PM
They're trying to roll out an advanced cyber networking NCSA. I haven't seen it on the NCSA website as of yet though.


Sent from my iPhone using Tapatalk

Paul Creed III

#14
December 01, 2016, 03:41:19 PM
Quote from: xray328 on December 01, 2016, 03:39:28 PM
They're trying to roll out an advanced cyber networking NCSA. I haven't seen it on the NCSA website as of yet though.


Sent from my iPhone using Tapatalk

Ah, yes, we are working on the curriculum for that course now.
Lt Col Paul Creed III, CAP
Group 3 Ohio Wing sUAS Program Manager

xray328

#15
December 01, 2016, 05:22:07 PM
It's now listed on the NCSA site, CyberDefense Training Academy - Maryland Campus


Sent from my iPhone using Tapatalk

Paul Creed III

#16
December 01, 2016, 05:26:08 PM
Quote from: xray328 on December 01, 2016, 05:22:07 PM
It's now listed on the NCSA site, CyberDefense Training Academy - Maryland Campus


Sent from my iPhone using Tapatalk

Excellent!

I am the Chief of Staff for the Maryland Campus this year.
Lt Col Paul Creed III, CAP
Group 3 Ohio Wing sUAS Program Manager

xray328

#17
December 01, 2016, 05:27:00 PM
Nice! Any idea where it's being held? Andrews by chance?


Sent from my iPhone using Tapatalk

Paul Creed III

#18
December 01, 2016, 05:28:42 PM
Quote from: xray328 on December 01, 2016, 05:27:00 PM
Nice! Any idea where it's being held? Andrews by chance?


Sent from my iPhone using Tapatalk

That is still being determined by the NHQ Cyber team.
Lt Col Paul Creed III, CAP
Group 3 Ohio Wing sUAS Program Manager

Eclipse

#19
December 01, 2016, 05:37:50 PM
It's in the toooobes man!


"That Others May Zoom"
Print
Go Up Pages1
User actions