Jun 11 2021

Coast Guard to Stand Up First Cybersecurity ‘Red Team’

The service branch is also transforming its main defensive IT security team.

Cybersecurity changes are afloat at the U.S. Coast Guard.

Late last month, a Coast Guard official indicated that the service branch would create its first cybersecurity “red team” as part of its approach to IT security. As security firm CrowdStrike notes in a blog post, in a red team exercise, the red team acts as an adversary, “attempting to identify and exploit potential weaknesses” within the organization’s defenses by using “sophisticated attack techniques.”

Additionally, the Coast Guard is turning its cybersecurity “blue team” unit into a more holistic IT security outfit called the Cyber Operational Assessments Branch, according to Lt. Kenneth Miltenberger, the cyber blue team branch chief.

The red team is being launched this summer, and will “serve as a cyber adversary emulation and penetration testing organization for its cybersecurity operations,” Federal News Network reports.

Coast Guard Revamps Cybersecurity, Will Explore 5G Security

A red team, the CrowdStrike post notes, is often composed of “highly experienced security professionals or independent ethical hackers who focus on penetration testing by imitating real-world attack techniques and methods.”

“The red team gains initial access usually through the theft of user credentials or social engineering techniques,” CrowdStrike notes. “Once inside the network, the red team elevates its privileges and moves laterally across systems with the goal of progressing as deeply as possible into the network, exfiltrating data while avoiding detection.”

A blue team, by contrast, focuses on cybersecurity defense. “Typically, this group consists of incident response consultants who provide guidance to the IT security team on where to make improvements to stop sophisticated types of cyberattacks and threats,” CrowdStrike states.


The Coast Guard’s blue team will continue to scan endpoints and provide cooperative vulnerability assessments and security consulting for the service’s acquisition operations.

“We’re excited to see that kind of fusion of cooperative assessments, plus the red team for some kind of holistic assessments,” Miltenberger said in May during a webinar hosted by the Advanced Technology Academic Research Center.

The Cyber Operational Assessments Branch will explore security challenges related to 5G wireless networks, which the Defense Department sees as a potential game changer for enhancing command and control, according to Miltenberger.

Military branches are working directly with wireless carriers to create custom 5G networks to support specific operations.

For example, the Air Force is experimenting with 5G to make command and control more agile, mobile and difficult to target, Air Force Col. Michael Driscoll, director of future operations at Nellis Air Force Base, previously told FedTech. And at Naval Base Coronado, military staff, civilian scientists and engineers from the Naval Information Warfare Center Pacific and Naval Supply Systems Command Fleet Logistics Center San Diego are spearheading a first-of-its-kind effort to create a 5G smart warehouse.

