Fresh on the heels of the Pokemon Go craze, a group of IDF Cyber Defense cadets in the C5I Directorate were given the task to “catch ‘em all” in a recent week-long training exercise inspired by the world of Pokemon.
A group of IDF cyber cadets from the air force, navy, and infantry were split up into 6 teams that represent different pokemon types, and tasked with fending off a series of intruders attacking their “cities.”
Each day for a week, Team Rocket – a team of IDF cyber trainers, attacked the cadets’ cities and attempted to capture their Pokemon. Over the course of the exercise, the cyber cadets had to mark flags – or Pokemon – hidden in their system. The team that managed to “catch ‘em all” first would be the winner.
“The exercise is designed to mimic a real large scale cyber attack,” said Lt. Roi, commander of the cyber officers training course. “The attacks are based off of real attacks that have taken place around the world. The soldiers need to defend the network against the attack, eliminate the threat, understand how they were attacked, and then restore the network to normal.”
For the first time, the exercise included attacks through mobile and internet-of-things devices. One attack consisted of Team Rocket gaining access to a mobile device and then using it to access all of the networked data. In another attack, Team Rocket attacked the network itself, targeting routers, modems, and other pieces of internet infrastructure.
“The biggest threat we face is something called ‘ransomware,’ in which an attacker convinces a user to click on a link, which then downloads malware covertly on the user’s system,” said Lt. Roi. “The entire world is dealing with this right now.”
The exercise included some challenging surprises for the cadets. “Things were able to change in a moment, just like in the real world. The attackers were able to get their hands on the code and make changes. The defenders had to rapidly adapt their techniques,” said Lt. Roi.
In June 2015, Lt. Gen. Gadi Eisenkot, the IDF Chief of Staff, announced the establishment of a new “Cyber Command” that will oversee all activity in the virtual domain. The command is expected to combine the capabilities of the Military Intelligence Directorate and the C5I Telecommunication Directorate.