Home on the cyber warfare range: Hands-on training on how hackers think

The Arizona Cyber Warfare Range bills itself as a “live fire” range where computer users of any skill level can wargame the hackers, learning to think like a cyber criminal to better protect themselves from cyber crime. (Photo by Christiaan Colen via flickr/Creative Commons)

WASHINGTON – Other soldiers play war games. Why not cyber warriors?

That’s the concept behind the Arizona Cyber Warfare Range, where co-founder Brett L. Scott said citizens can learn to think like the enemy in order to defend themselves against online hackers.

“How can you fight a war if you don’t even know how the enemy functions?” asks Scott, a cyber security expert. “Until people get their hands dirty with this, we’re going to keep losing the war.”

The Mesa-based range is a “privately funded organization designed to accelerate innovations in cyber security,” according to its website. Staffed and managed by volunteers, it offers technology users of any skill level a place to “learn in a hands-on environment the skills they need” to better protect themselves against hackers trying to steal personal information from their private devices.

The range operates out of the AZLabs “reconfigurable laboratory facility” in Mesa, and currently has more than 150 metal servers, 1,300 virtual machines, and 12 petabytes of storage – or 12.6 million gigabytes, its website said.

“It is a collaborative effort between the Arizona Cyber Threat Response Alliance, the all-volunteer group and AZLabs,” said Frank Grimmelmann. He is president and CEO of the alliance, a public-private group focused on “protecting the nation’s infrastructure through mutual information sharing.”

The range allows citizens to “get into the head of the enemy” by providing a safe environment “to learn hacking,” Grimmelmann said. “It is the largest all-volunteer range in the world, to the best of our knowledge.”

The project’s website explains how the range works and how citizens can access it via computers and cell phones.

“We’re in a race and we don’t know when the enemy presses the red button.”

Brett L. Scott

The first step is to apply for an account, which requires applicants to submit their “name, a valid mobile phone number that you have access to all the time, and your email address,” the website said. If the project’s management team approves the application, the data is entered into a registration system. Only then will users be “able to access the ranges” and only through their mobile phone and text messaging.

Text messaging is integral to access the range. Users are required to send at least one “short message service” command every 24 hours to a range-provided number.

The first command is “ENROLL,” which lets users choose from four different ranges, according to skill level – beginner, intermediate, advanced and real-world. The second command, “ACCESS,” is a safety precaution that users must issue once a day or whenever their IP address changes.

Scott said it is important for Arizonans to know how to spot and defend against hackers’ evolving techniques because “we’re in a race and we don’t know when the enemy presses the red button.”