New Orleans -- The Marine Corps Reserves’ new Defensive Cyber Operations (DCO) Reserve members won 1st, 2nd and 4th place out of seventeen teams competing in a national “Capture the Flag” cyber competition on October 3-4, 2020.
The DCO Marines competed against active and reserve component cyber teams from across the Department of Defense (DoD) where they detected, traced and defeated cyber-attacks. They investigated breaches, discovered malicious network traffic, analyzed attack vectors, tracked lateral movement, and used hunt team skills to defend and protect the simulated network.
These capture the flag exercises simulated a live-fire training evolution for cyber Marines, many of whom maintain professional careers within Fortune 500 companies as full time data scientists, SVPs of banks, security experts at Google, and more. The three DCO Marine teams collected all 63 flags during an intensive competition of more than five hours, with the top two teams finishing less than one minute apart.
“I’m extremely proud of the way our teams came together and got creative to win the day. It speaks highly of the caliber of our reserve Marines, which is best in class,” said LtCol Ian Prater, Commanding Officer, 6th Communication Battalion, Force Headquarters Group.
Leadership from the host organization, Tanium, was impressed with the outcomes. “Many flags were linked into narratives that reflect real-world attack vectors. The Marines received a 60-minute class on the Tanium platform a few days before the competition. Their performance improved as they learned how to use the Tanium platform to capture flags and solve complex problems,” said James Cochran, an associate with Tanium Endpoint Detection and Response Team.
“We try to make these events realistic by linking real-world events to knowledge, skills, and abilities defined in the Marine Corps training and readiness standards,” said Aaron Smith, Tanium Regional Vice President of Technical Account Management.
Capture the flag competitions are capstone events that generate enthusiasm and energy. The top 2 teams finished less than a minute apart, which is an amazing accomplishment. “The result of this competition is a better trained and more ready cyber work-force for the Marines and for the DoD. We are glad to host these events,” said Rhett Jones, Tanium Director of Strategic Accounts.
“This competition was unique in a variety of ways; it was completely remote, it was against reserve units DoD-wide, and each team started with their own Tanium platform. The results of this event exceeded a similar event hosted in June 2020,” said Jones.
The event was hosted by Tanium, an enterprise cybersecurity company that provides endpoint management and security built for the world's most demanding IT environments. Teams were given access to the Tanium security platform, and a series of challenges that pitted the teams against one another in order to provide the best defensive approach possible. The competition is similar to a ‘reaction course’ wherein timing matters, and the longer you take, or the more answers that are shared, the less points you score.
DCO Reserve units participating in the event were Companies A and B, 6th Communication Battalion led by Maj. Robert McCartney and Maj. Dan Heywood respectively.
The DCO Companies are part of a broader span of information environment operations and related capabilities such as computer network attack, electronic warfare, and information operations. These Marines are trained and equipped to support the Marine Expeditionary Force Information Group (MIG), Marine component headquarters, or a Combined/Joint Task Force headquarters (C/JTF HQ) in order to enable and enhance the warfighting capabilities of a Commander.
Interested to learn more? Visit the DCO webpages and contact a Marine Forces Reserve representative if you are interested in joining the cyber companies. DCO teams are primarily comprised of warriors, cyber security professionals, innovators and information technology experts. https://www.marforres.marines.mil/Major-Subordinate-Commands/Force-Headquarters-Group/DCO-IDM/