“Five Eyes” Nations Finish Large-Scale Cyber Exercise


US service members and civilians, as well as partner nation military personnel, participated in the Cyber Flag 19-1 exercise from June 21-28, in Suffolk, Va. US Cyber Command photo. U.S. service members and civilians, as well as partner nation military personnel, participated in the Cyber Flag 19-1 exercise, June 21-28, in Suffolk, Virginia. The tactical-level exercise focused on the continued building of a community of defensive cyber operators and the improvement of the overall capability of the U.S. and partner nations. U.S. service members and civilians, as well as partner nation military personnel, participated in the Cyber Flag 19-1 exercise, June 21-28, in Suffolk, Virginia. The tactical-level exercise focused on the continued building of a community of defensive cyber operators and the improvement of the overall capability of the U.S. and partner nations. U.S. service members and civilians, as well as partner nation military personnel, participated in the Cyber Flag 19-1 exercise, June 21-28, in Suffolk, Virginia. The tactical-level exercise focused on the continued building of a community of defensive cyber operators and the improvement of the overall capability of the U.S. and partner nations.

Military personnel from the US and the other “Five Eyes” intelligence-sharing partner nations came together for a large-scale exercise focused on preparing for cyberattacks and keeping adversaries out of critical infrastructure.

Cyber Flag 19-1, which was held June 21-28 at a Joint Staff facility in Suffolk, Va., included 650 personnel from across the Defense Department, along with representatives from the United Kingdom, Australia, New Zealand, and Canada. While this is a regular exercise, this year’s iteration was the first time it was led by a non-US official and instead commanded by a Royal Canadian Air Force captain, according to a Defense Department release.

The Homeland Security and Energy departments, FBI, Postal Service, and the House of Representatives also took part in the exercise.

Nineteen American airmen and civilians from the 836th Cyber Operations Squadron, JB San Antonio-Lackland, Texas, participated on the “blue” side and in planning the exercise, along with three weapons officers from other units who supported planning, according to an Air Forces Cyber spokesman. Pentagon staff partnered with DHS and USPS personnel employees, offering airmen a perspective on what it would be like to help protect non-military networks and work under DHS guidelines.

“The airmen were able to exchange ideas and tactics, techniques and procedures about hunting for adversaries and protecting the network on civilian-owned critical infrastructure,” 24th Air Force spokesman TSgt. R.J. Biermann said in an email.

Personnel split into 20 multi-agency teams that blocked attacks on networks built to simulate industrial hardware and software infrastructure, the release states. About 100 people formed an enemy “red team” to test the others’ defensive skills.

"We have more than half the entirety of the teams here with an outside person who doesn’t belong intrinsically to their organization," exercise commander RCAF Capt. Shae Luhowy said in the release. "The teams jumped on it. We encouraged it, and we got an overwhelmingly positive response for this exact reason. The teams are very happy to be able to pick up some ideas and learn from the other teams they may be sharing with."

Cyber Flag dates back to 2011 when it was first held at Nellis AFB, Nev. The growth of the exercise mirrors burgeoning US military cyber operations overall. Last year, US Cyber Command finished building its 133 Cyber Mission Force teams, including 39 Air Force teams and about 6,200 personnel from across DOD in total.

While the exercise focused on defending against attacks, CYBERCOM is looking for more freedom to act offensively against bad actors, command boss Army Gen. Paul Nakasone told lawmakers earlier this year.