【据美国国防部网站2014年 7月17日报道】美国联邦政府举行了一场大规模网络演习——“网络卫士14-1”，来自军队、执法部门、民间机构、学术界和商业界、国际盟友的500余人参加了这次演习。这次演习为期两周，在2014年 7月17日拉下帷幕，演习的目的是检验军队和联邦机构如何在战役和战术层面相互配合，以保护美国国家网络基础设施，预防、减轻这些基础设施面临的网络攻击并迅速从攻击中恢复。
“网络卫士”还包括一些网络保护分队，这是美国网络司令部的任务保护部队（Mission Protection Force）的一部分。这些分队保护美国国防部的信息网络，提供外国情报和评估以及为国家防御提供现役能力，以支持军方的需求。
“像‘网络卫士’这样的演习帮助我们开发和完善关键信息共享和协调机制，了解对方的能力和授权，使我们可以获得正确的信息，以最好的方式进行国家反应，”负责网络安全行动和项目的的国土安全部助理副部长格雷格•陶希尔（ Greg Touhill）说。
Cyber Guard Exercise Tests People, Partnerships
From a U.S. Cyber Command News Release
FORT MEADE, Md., July 17, 2014 – Partners from across government, academia, industry and the international coalition recently completed Cyber Guard 14-1, a two-week exercise designed to test operational and interagency coordination as well as tactical-level operations to protect, prevent, mitigate and recover from a domestic cyberspace incident.
Elements of the National Guard, reserves, National Security Agency and U.S. Cyber Command exercised their support to Department of Homeland Security and FBI responses to foreign-based attacks on simulated critical infrastructure networks, promoting collaboration and critical information sharing in support of a “whole-of-nation” effort.
“Citizens of our nation are counting on us to generate the necessary capacity and capability to meet the challenges of this problem set,” Navy Adm. Michael S. Rogers, Cybercom commander and NSA director, said in remarks to more than 70 distinguished visitors to the exercise. “We are continuing to learn and mature. We have to build a construct to work seamlessly and effectively with our partners, and not just within the government, but also with industry and academia – outside [the Defense Department].”
Building and ensuring partnerships, processes, and human and technical capabilities were common themes during the exercise.
“We talk all the time about physical networks connecting computers and communications,” said Robert Anderson, executive assistant director of the FBI’s criminal, cyber response and services branch, in remarks to exercise participants. “But we must remember that on both ends of that computer network, there is a network of people working toward a common goal: to defeat our adversaries. Cyber Guard helps us get better at using the network of warriors on the front lines — like you — to achieve our goal.”
The event, executed by Cybercom and hosted by the FBI at the National Academy in Quantico, Virginia, was the largest yet, hosting more than 550 participants, roughly double the number who participated last year. Continuing the event’s evolution into a holistic, whole-of-nation effort, observers from academia, private industry and state utilities were on hand to observe.
In the event of a domestic cyber incident, federal agencies have specific, complementary roles, officials said.
DHS is the lead for coordinating the protection, prevention, mitigation of, and recovery from a cyber incident. The Justice Department and the FBI are responsible for the investigation, attribution, disruption and prosecution of domestic cyber crimes, as well as the collection, analysis and dissemination of domestic cyber threat intelligence. DoD is responsible for defending the nation from attack, collecting, analyzing and distributing foreign threat intelligence, and supporting DHS in their protection, prevention and recovery role.
“Practicing as an interagency team is essential to ensure national response to cyber events produce results that are effective and efficient,” said Greg Touhill deputy assistant secretary of homeland security for cybersecurity operations and programs. “Exercises like Cyber Guard help us develop and refine key information sharing and coordination processes, understand each other’s capabilities and authorities, and operate in a manner that keeps us in the right formation to present the best national response.”
The National Guard plays a key role in directly helping the states affected by a cyber incident, allowing federal forces to focus on their more traditional mission. The majority of the participants were National Guard service members representing 22 states.
The exercise also included several Cyber Protection Teams, part of Cybercom’s Cyber Mission Force being built over the next few years. The teams defend DoD information networks and help support DoD’s requirement to provide foreign intelligence and assessment and active-duty capabilities to defend the nation.
“Cyber Guard provided an opportunity for agencies to execute and refine the DoDIN command and control construct model,” said Phil La Perla, chief of readiness and exercises for the Defense Information Systems Agency. “The 90th [Cyber Protection Team], aligned to DISA, also benefited by teaming with the U.S. Coast Guard in defending DoD information networks, building on our great relationship with DHS.” Some of DISA’s network management teams also participated in the event.
In addition to the observers, FBI hosted an “Industry Day” that included 105 participants from a broad cross-section of private industry, including energy, finance, and information technology security. The event continued to strengthen relationships with private industry to facilitate information sharing that could prevent, mitigate or respond to a cyberattack, officials said.
“This robust, interagency exercise to defend the nation has accelerated in maturity over the last three iterations,” said Coast Guard Rear Adm. Kevin Lunday, Cybercom’s director of training. “We used this event to develop teamwork and collaboration, and we have gone from just a few Guard teams two years ago to incorporating critical government and private sector partnerships to test whole-of-nation solutions in this dynamic domain.”
Eric Rosenbach, deputy assistant secretary of defense for cyber policy, took note of other ways the exercise has improved and evolved.
“I think it’s really impressive what you’ve done from the authority, policy and law standpoint,” he said in comments to the distinguished visitors at the event. “I also think how you’ve connected the technical parts – the ranges, your tools and capabilities – is also impressive.”
Lunday also noted that in each iteration of the exercise, the scenarios from the adversary – simulated by a ‘red team’ – get more realistic and incorporate lessons learned from previous exercises.
“What you’re doing here is critically important to how we will respond on behalf of our nation to a major cyberattack,” he said. “The more we know and share about the adversary and the better-defined our processes are, the better we can defend the nation.”