Back to news

July 9, 2020 | International, C4ISR, Security

This training tool could be the answer to stop mass cyberattacks

At air bases across Europe, networks are under attack. Malicious hackers have gained access to sensitive systems, information, controls and critical infrastructure. But cyber operators from U.S. Cyber Command, in concert with Five Eyes partners, have been called in to thwart these attempts in real time.

This was the main scenario for this year's capstone cyber training exercise put on by Cyber Command, Cyber Flag 20-2.

The exercise, which took place June 15-26 and was exclusively defensive in nature, saw more than 500 participants and 17 teams participating from five countries across nine time zones, and it included America's National Guard, the U.S. Energy Department and the Five Eyes alliance — Australia, Britain, Canada, New Zealand and the U.S. Australia, however, did not participate during this iteration.

Officials told reporters this week that the purpose of Cyber Flag 20-2 was to continue building the community of defensive cyber operations and to improve the overall capability of the Five Eyes countries to defend against cyber aggressors.

The drill involved teams defending IT and operational security networks against a live, opposing force trying to disrupt, deny and degrade the air bases' operations. The networks under attack were industrial control systems simulated to generate network traffic for an aviation fuel farm, power grid, air traffic control radars and electronic access control systems. The attacks came in the form of malware that targeted devices responsible for fuel and power.

But the unique aspect of this year's exercise, as C4ISRNET previously reported, was the use of a new remote cyber training tool called the Persistent Cyber Training Environment.

PCTE is an online client that allows Cyber Command's cyber warriors, as well as partner nations, to log on from anywhere in the world to conduct individual or collective cyber training as well as mission rehearsal, which to date had not existed for the cyber force as it does for physical troops.

The program is run by the Army on behalf of the joint cyber force. The platform not only allowed the exercise to continue as planned amid the coronavirus pandemic, but it enabled collaboration and simultaneous training across the world.

A new way to train

Officials say PCTE is providing Cyber Command with an entirely new way to train cyber forces, which previously was difficult given a lack of infrastructure and the time needed to set up ranges and scenarios.

It also allows Cyber Command and military units to conduct more frequent training. Cyber Flag typically was Cyber Command's largest and only holistic tactical training event, held annually during June. For units, aside from Cyber Flag, there were no other ways to stay sharp on their skills unless they built their own environments.

Now, Cyber Command plans to hold more exercises, with Cyber Flag 20-3 occurring in the fall.

“The delivery of the Persistent Cyber Training Environment absolutely allows us to increase the frequency and the complexity of exercises that are conducted by the command itself,” Coast Guard Rear Adm. John Mauger, director of exercises and training at Cyber Command, told reporters. “Going forward, I would expect you to see a series of exercises throughout the year where we are reaching out to the different teams to test their capabilities or to focus on specific issues that are of concern or interest to us.

“Going forward, we're going to get the benefits of both those distributed exercises along with increasingly complex exercises as PCTE is instantiated across both the secret network and the top-secret network.”

Scenarios and environments can be stored, saved, reused and modified if needed in the system for later exercises. Smaller units will also be able to leverage these scenarios to practice whenever needed.

The PCTE virtual environment for this year's exercise included 25 interconnected ranges of more than 3,000 virtual machines — a high-fidelity network that simulated and emulated open internet traffic with more than 4,000 static websites that store and share data.

The simulated air base networks created in PCTE had fully configured Windows active directory domains with over 100 nodes running more than 10 types of major operating systems, along with 35 simulated user control workstations actively surfing the internet and using Microsoft Office products to access, create and transfer files.

Moreover, officials also explained PCTE can be integrated into larger, multi-combatant command-type exercises to simulate the cyber effects, such as Global Lightning and its companion Cyber Lightning.

Global Lightning is an annual global exercise run by Strategic Command to test integration across several geographic and functional combatant commands. Cyber Lightning is Cyber Command's portion to the exercise.

“We think that is the next evolution of the Persistent Cyber Training Environment and how we take to the tier 1 exercises, incorporate cyber effects. They're no longer white-carded,” Col. Tanya Trout, Cyber Command's PCTE director and acting director of the Joint Cyber Training Enterprise, told reporters.

White carding involves telling exercise participants that a certain action has occurred. This was typical of cyber effects, given it was difficult to realistically simulate them, which diminished the training value in exercises because participants didn't experience the full breadth of these actions.

Now, these activities can play a real role in exercises increasing the overall fidelity of training across the joint force and continuity of all operations of warfare.

The system will also be able to be used for mission rehearsals. A Cyber Command official said the force can input prior operations, such as those used against the Islamic State group, to train against. Additionally, they'll be able to upload to the platform malware discovered in operations.

The PCTE program office, which is in the prototyping phase despite delivering the first portion to Cyber Command in February 2020, also learned valuable lessons in Cyber Flag. Officials said the two-week exercise provided the program office with six months' worth of data it can use to make significant improvements.

Prior to the February delivery, the program office leveraged several smaller-scale training events at the unit level to incrementally increase capabilities and scalability as well as help geographically dispersed teams prepare for tier 1 exercises like Cyber Flag.

Overall, officials are happy with how the system performed in its first tier 1 exercise, pointing to little to no latency issues, though there were periodic improvement tickets.

“What we found through the rapid development and use of the Persistent Cyber Training Environment is that we really have a unique capability to move forward with,” Mauger said.

https://www.c4isrnet.com/dod/cybercom/2020/06/25/this-training-tool-could-be-the-answer-to-stop-mass-cyberattacks

On the same subject

  • Air Force Tests How Quickly, Nimbly It Can Deploy F-35 in 'Agile Lightning'

    August 16, 2019 | International, Aerospace

    Air Force Tests How Quickly, Nimbly It Can Deploy F-35 in 'Agile Lightning'

    By Oriana Pawlyk As part of the U.S. Air Force's effort to improve how it prepares to deploy at a moment's notice, the service earlier this month tested how swiftly it could move its premier stealth fighter to a forward operating location in the Middle East. During an exercise called "Agile Lightning," held Aug. 4-7, airmen assigned to the 4th Expeditionary Fighter Squadron of the 388th Fighter Wing at Hill Air Force Base, Utah, temporarily deployed to an undisclosed location in the Middle East to train in an austere environment with the F-35 Joint Strike Fighter, according to a service news release. "By executing the adaptive basing concepts we have only practiced at home until now, we increased the readiness, survivability and lethality of the F-35A in a combat theater," said Lt. Col. Joshua Arki, 4th EFS commander. "The 'Fightin' Fuujins' of the 4th EFS successfully deployed a small detachment of aircraft and personnel to a forward location, supporting combat operations from that location for a given period of time, and then re-deployed back to our primary operating location," Arki said in the release. https://www.military.com/daily-news/2019/08/15/air-force-tests-how-quickly-nimbly-it-can-deploy-f-35-agile-lightning.html

  • Palantir wants to be the ‘central operating system for all US defense programs’

    October 1, 2020 | International, C4ISR, Security

    Palantir wants to be the ‘central operating system for all US defense programs’

    Andrew Eversden WASHINGTON — Palantir, the Silicon Valley-based software company that successfully sued the Army in 2016, wants to become “the central operating system for all U.S. defense programs," the company wrote in paperwork filed with the U.S. Securities and Exchange Commission for its initial public offering. The software company, known for its controversial work with the U.S. government, went public on the New York Stock Exchange on Wednesday said that it wants its big data analytics platforms to “become the default operating system for data across the U.S. government.” Palantir, according to the filing, views the U.S. government's push toward alternative acquisition methods as a primary opportunity to for their company to grow. The federal government, particularly the Defense Department, is increasingly using what's known as Other Transaction Authorities and Small Business innovation Research contracts to eliminate the long timelines associated with the traditional contracting process. In 2019, research showed that those types of awards accounted for nearly 10 percent of the department's research, development, test and evaluation spending. “Our software is well positioned for this new procurement approach. Our platforms have been tested and improved over years of use across industries and can rapidly be deployed by the government with minor configurations. This gives us a significant edge over contractors selling custom tools,” the filing states. Palantir expects that there is $26 billion worth of work in the federal space, the filing stated. The company offers two big data analytics platforms, Foundry and Gotham, for data-driven decisionmaking by its customers. According to the filing, the company is currently working with Air Force, Army, Navy, Marines, Special Operations Command and “other defense agencies,” along with several other civilian agencies, including the Department of Veterans Affairs. The filing also states that the Army uses the platform to “keep one million troops ready for their missions, and every battalion in the U.S. Army uses our software for intelligence analysis.” In its filing, the the company specifically cites the DoD's $144 billion in fiscal 2020 on procurement funds and $105 billion on research, development, testing, and evaluation dollars as areas where its software “can contribute to programs covered by both of those budgets.” In 2016, Palantir sued the Army over its procurement strategy for an intelligence analysis system. After winning that case, which forced the Army to seek commercial solutions before building their own system. Since winning the case in 2018, the company has received $134.5 million in revenue from Army accounts, up from about $52 million in the previous 10 years. “Our victory in federal court is transforming the procurement of goods and services across the U.S. federal government,” the filing states. “For us, this shift in government acquisition represents a significant expansion of our [total addressable market] with the U.S. federal government. We are working towards becoming the central operating system for all U.S. defense program.” https://www.c4isrnet.com/industry/2020/09/30/palantir-wants-to-be-the-central-operating-system-for-all-us-defense-programs/

  • Space Force lays out acquisitions reforms in new report

    May 25, 2020 | International, Aerospace

    Space Force lays out acquisitions reforms in new report

    Nathan Strout In a new proposal, the U.S. Space Force is asking Congress to overhaul the tools it uses to acquire new space systems, allowing the new service to move with more agility and keep pace with near-peer adversaries. “Our nation requires a bold Alternative Space Acquisition System that not only matches the pace of change but also manages unpredictability and regularly disrupts our adversaries' threat cadence," the Department of the U.S. Air Force report concludes. “The features outlined in this report will create a new space acquisition approach for the USSF that is the envy of all other services and ultimately enables the USSF to rapidly leverage industry innovation to outpace space threats.” When Congress passed legislation establishing the Space Force as the nation's sixth branch of the armed services in December, it included a provision requiring the Secretary of the Air Force to provide a report by the end of March on whether the military should adopt an alternative space acquisition system. While the Pentagon did deliver a report to Congress in March, it largely kicked the can down the road on any specific acquisitions reforms. Space Force leadership have touted this more detailed acquisitions report as “groundbreaking” in recent appearances. The new report, which was first reported by Bloomberg Government, includes nine specific proposals to improve Space Force contracting, although it doesn't make any suggestions towards unifying the various organizations involved in purchasing space platforms and systems, such as the Space Development Agency, the Space Rapid Capabilities Office, the Space and Missile Systems Center, or the National Reconnaissance Office, which purchases satellites for the intelligence community. Instead, the report's recommendations include changes to the contracting tools and reporting requirements the Space Force will use to acquire new systems, with a focus on increasing flexibility and delegating authority. Three of the suggestions require legislative action, while the remaining proposals will simply require internal Department of Defense adjustments. Perhaps the most important recommendation in the report, according to the Air Force, is the consolidation of budget line items along mission portfolios, such as missile warning or communications, instead of by platform. While this has been done on a limited basis in the past for the Space Rapid Capabilities Office and some classified efforts, it marks a change from standard DoD budgeting practices. Theoretically, this would allow the Space Force to move funding between missile warning systems without having to submit reprogramming requests to Congress, something it did several times last year in order to move up the delivery date for the first Next Generation Overhead Persistent Infrared satellite. The Air Force's repeated reprogramming requests rankled some members of Congress, leading to a fight between lawmakers and the White House over the program's funding for fiscal 2020. The Air Force claims this fix is needed to give program managers the flexibility to adapt to growing threats. According to the report, transparency at the program level would be preserved in future budget documents. This change would not require legislation. Beyond that, the Air Force is asking Congress for permission to push milestone decision authority down the chain of command, similar to what's been demonstrated by the Missile Defense Agency and National Reconnaissance Office. This change would speed up decision making for space programs. The third major change the Air Force is pursuing is authority for the Space Force to use incremental funding for space systems and programs. This “Efficient Space Procurement” coding was used to acquire the fifth and sixth satellites in the Advanced Extremely High Frequency satellites at the same time as well as the fifth and sixth Space-Based Infrared System satellites, resulting in significant savings. The department claims full funding each space vehicle has lead to affordability issues in the past, and can “lead to production breaks, obsolescence, and industrial base impacts.” Instead, the department wants to spread out funding for satellites over multiple years to help keep costs in check and avoid funding spikes. Other changes include streamlining requirements validation and reporting requirements. “Under these reforms, our Nation's newest military service will have unprecedented agility to build resilient, defendable, and affordable space capabilities through streamlined processes and closer partnerships with one of America's decisive advantages—its innovative and rapidly changing commercial space industry,” Secretary of the Air Force Barbara Barrett wrote in the introduction to the report. https://www.c4isrnet.com/battlefield-tech/space/2020/05/21/space-force-lays-out-acquisitions-reforms-in-new-report/

All news