It’s commonly understood that Airmen now operate in a cyber-contested environment. Cyberattacks and persistent malware have become so frequent, widespread, and advanced that they now pose a threat to Air Force core missions beyond what national level cyber protection teams can cover and defend against.
In April, communications squadrons across the Air Force were tasked by their respective major commands to be pathfinder units in what has become known as the “Cyber Squadron Initiative” construct. This is meant to be a transition effort toward a new cyber unit that integrates defensive cyber operations concepts toward protecting the five core Air Force missions at the base level.
The pathfinder units have produced the first achievements under the new concept.
A recent rash of malware struck bases across the Air Force in October, causing national level cyber protection teams to fan out to several bases in search of a root cause. One base they didn’t need to visit was the 482nd Fighter Wing at Homestead Air Reserve Base, Florida, one of the pathfinder units.
“Our mission defense team took notice of the intel traffic happening at other bases, and used their new cyber skills to compare what was happening across the Air Force against our own systems here at Homestead,” said Maj. Michael Wells, the 482nd Communications Squadron commander.
What they found was that similar malware was indeed infecting their systems and that it was coming dangerously close to the jets themselves. They employed the procedures taught by Air Force Cyber Command and used by cyber protection teams to contain the malware, while tightening procedures to prevent further infection. The corrective actions put in place by the base level team directly emulate the actions to be taken by a national level team.
Since the systems used to load data onto the jets are stand-alone computers, the traditional base communications squadron without a mission defense team would likely not be alerted to the issue. Only after repeated dangerous cyber incidents and several cyber protection team visits would a long-term solution be implemented.
“A base level mission defense team can’t do everything that a national cyber protection team can, but we have enough of their capabilities now to start being proactive in our mission defense,” Wells said. “Our base has a team now that can network with other pathfinder units to determine where to put our emphasis and react quickly.”
Through coordination with the Office of Information Dominance at Headquarters Air Force, pathfinder units are quickly gaining the skills, tools, and capabilities to deliver active cyber defense to their wings on an ongoing basis.
As pathfinder units continue to develop their capabilities, scarce resources used by the cyber protection team can be freed to focus on national level operations. If the Cyber Squadron Initiative pathfinder effort proves successful, then it is likely that traditional base communications squadrons across the Air Force will convert to cyber squadrons with the aim of providing mission assurance to their base.