AF creates new cyber squadron to fend off attacks
- By Kris Osborn
- Nov 03, 2016
The Air Force is standing up new cyber squadrons and working vigorously to widen the aperture of its cybersecurity focus.
“We do a good job with our networks. Our weapons systems are also IT related, so we are working within the Air Force to get those systems to a better place with regard to cybersecurity,” Air Force Senior Information Security Officer Peter Kim told Defense Systems in an interview.
In order to bring this effort to fruition, the Air Force has begun establishing cyber-squadron pilot programs that task specific units at bases to go on cybersecurity patrols to protect mission systems and core networks, Kim explained.
Rapidly emerging computer algorithms as well as sensors and weapons systems linked by computer processors pose a growing and unique cybersecurity challenge, Kim said. As a result, the Air Force works to ensure that drone feeds, fire-control systems and computer-integrated avionics are secured against rapidly-evolving cyberthreats.
While Kim did not mention any weapons systems in particular, there are a wide range of current and emerging Air Force weapons that depend heavily on advanced IT. The F-35, for instance, uses early iterations of artificial intelligence to help acquire, organize and present information to the pilot on a single screen without much human intervention. Often referred to as easing the cognitive burden upon pilots, the effort is geared toward systematically presenting information from a range of disparate sensors on a single screen. The F-35s widely-discussed sensor fusion, for example, is evidence of this phenomenon, as it involves consolidating targeting, navigation and sensor information for pilots.
Protecting drone feeds from enemy hacks is yet another example of the Air Force’s focus on maximizing its information assurance efforts.
The networked elements of portable devices, flowing data, mission systems, hard drives and software systems increase capability but also simultaneously introduce new areas of vulnerability, Kim said.
Referring to cyberdefense as a man-made “team sport,” Kim explained how increasing security often relies upon simple practices and behaviors that lessen the likelihood of a successful intrusion.
Kim praised ongoing Air Force progress when it comes to broadly implemented cybersecurity techniques currently in place. He did emphasize, however, that widespread education about cyberdefense practices across the service would go a long way toward strengthening the effort.
Cybersecurity often involves sophisticated technologies that protect routers, servers and networks. Alongside these efforts, the Air Force is pushing to make sure service members remain cautious about clicking on email attachments in order to avoid phishing and watering hole attacks.
Nevertheless, many of the most effective security measures involve simple, basic cyber-hygiene practices such as not connecting to unauthorized devices or using non-military handheld devices with Air Force networks. Keeping computers up-to-date and patched are also key aspects of the broader cybersecurity calculus.
“We have to be aware that there are dangers out there. The adversary is constantly evolving, changing and trying to get into our systems and exfiltrate information,” Kim said. “Airmen who touch information technologies that enable us to do warfighting have to be disciplined in what they are downloading and clicking on. They can’t use a maintenance computer to power up a personal iPhone; they can’t use a USB from home and need to stop and think before they download anything.” he said.
Kris Osborn is a former editor of Defense Systems.