An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

My Coast Guard
Commentary | Sept. 13, 2022

Cyber Flag 22: A multinational exercise aims to make defense networks safer and more secure

By Annie Sheehan, MyCG writer

Cyberattacks do not adhere to geographic borders; anyone or any country is vulnerable to malicious activities in cyberspace. In order to bolster international defense measures, U.S. Cyber Command convenes cyber operators from around the world to participate in an annual exercise called Cyber Flag.  

Cyber Flag spanned over the course of four weeks. From July 20 to Aug. 12, dozens of operators gathered at CYBERCOM’s DreamPort facility in Columbia, Maryland, and others joined virtually from nine different time zones in five different countries. 

Cyber Flag is a unique opportunity for cyber professionals in the U.S. and allied nations to exchange ideas, tactics, and techniques against common threats. A simulation exercise between two opposing forces — attackers and defenders — allows participants to hone their response to a perceived threat.  

This year, the Coast Guard Cyber Command (CGCYBER) participated on both the attack and defense sides. Lt. Cmdr. Kenneth Miltenberger led 60 other Red Team operators from various geographic locations. CGCYBER Red Team Operators Ensign Samuel Towers, Petty Officers First Class William Bischof and Charles Vallancourt, and Petty Officers Second Class Isaiah Hernandez and Sean Caffrey led offensive operations against four defending teams in partnership with Army 1st IO Brigade Red Team. As they launched their attacks, defense teams — known as Cyber Protection Teams (CPTs) — had to quickly identify, isolate, and counter their moves.  

Lt. Virgil Moreno is one of two CPTs at the Coast Guard. During this exercise, he served as the CPT lead, in which he and his team worked together with other CPTs to fend off oppositional advances. This led to an unparalleled training opportunity for professionals from the “Five Eyes” allied nations — the U.S., U.K., New Zealand, Canada, and Australia — to brainstorm response strategies, discover best practices, and collaborate with other operators, with the ultimate goal of forging cyber unity and diplomacy. 

“Passion for cybersecurity is a great international equalizer,” stated Miltenberger. “The fact that operators were dispersed all over didn’t matter; we were all raised on the culture of the internet and have a love for how cyber technologies can unite, rather than divide us.”    

Within the past decade, cybersecurity has become increasingly more important to protect public and private entities against threats, such as phishing, data breaches, and ransomware or malware attacks. The Coast Guard, alongside other military branches, has poured resources into bolstering critical cyber infrastructure in order to keep networks safe and secure.  

For example, The Maritime Transportation System (MTS) is an intricate network of waterways, which connect to major highways, railways, airports, and other transportation pipelines. $5.4 trillion flows through the MTS, which constitutes for 25% of the U.S.’s GPS. Thus, because MTS is a vital backbone to the U.S. economy, it has become a prime target for malicious cyber actors that want to disrupt the supply chain.  

According to the U.S. Coast Guard’s 2021 Cyber Strategic Outlook report, there were over 500 major operational technology cyber-attacks that occurred in the maritime industry in 2020 alone. The financial impact of such cybercrimes is severe. It is projected that there will be $10.5 trillion worth of damage related to cybercrimes by 2025.  

Events, like Cyber Flags, are essential to help mitigate these ongoing and ever-growing cyberattacks both in the U.S. and overseas. The annual exercise provides realistic “hands on-keyboard training” against cyber threats that occur in the real world.  

Miltenberger noted that CPTs use Cyber Flag as their capstone exercise to certify them as a U.S. cyber protection team. Through these series of simulations, such as attackers installing malware on the defending team’s server, these operators gain invaluable insights that inform how they’d respond to real cyberattacks.  

Cyber 23 will occur in October of this year. Details are forthcoming. To stay in the loop of all things cyber: please see the United States Coast Guard Cyber Command’s web page.