July 9, 2020 | International, C4ISR, Security

This training tool could be the answer to stop mass cyberattacks

At air bases across Europe, networks are under attack. Malicious hackers have gained access to sensitive systems, information, controls and critical infrastructure. But cyber operators from U.S. Cyber Command, in concert with Five Eyes partners, have been called in to thwart these attempts in real time.

This was the main scenario for this year's capstone cyber training exercise put on by Cyber Command, Cyber Flag 20-2.

The exercise, which took place June 15-26 and was exclusively defensive in nature, saw more than 500 participants and 17 teams participating from five countries across nine time zones, and it included America's National Guard, the U.S. Energy Department and the Five Eyes alliance — Australia, Britain, Canada, New Zealand and the U.S. Australia, however, did not participate during this iteration.

Officials told reporters this week that the purpose of Cyber Flag 20-2 was to continue building the community of defensive cyber operations and to improve the overall capability of the Five Eyes countries to defend against cyber aggressors.

The drill involved teams defending IT and operational security networks against a live, opposing force trying to disrupt, deny and degrade the air bases' operations. The networks under attack were industrial control systems simulated to generate network traffic for an aviation fuel farm, power grid, air traffic control radars and electronic access control systems. The attacks came in the form of malware that targeted devices responsible for fuel and power.

But the unique aspect of this year's exercise, as C4ISRNET previously reported, was the use of a new remote cyber training tool called the Persistent Cyber Training Environment.

PCTE is an online client that allows Cyber Command's cyber warriors, as well as partner nations, to log on from anywhere in the world to conduct individual or collective cyber training as well as mission rehearsal, which to date had not existed for the cyber force as it does for physical troops.

The program is run by the Army on behalf of the joint cyber force. The platform not only allowed the exercise to continue as planned amid the coronavirus pandemic, but it enabled collaboration and simultaneous training across the world.

A new way to train

Officials say PCTE is providing Cyber Command with an entirely new way to train cyber forces, which previously was difficult given a lack of infrastructure and the time needed to set up ranges and scenarios.

It also allows Cyber Command and military units to conduct more frequent training. Cyber Flag typically was Cyber Command's largest and only holistic tactical training event, held annually during June. For units, aside from Cyber Flag, there were no other ways to stay sharp on their skills unless they built their own environments.

Now, Cyber Command plans to hold more exercises, with Cyber Flag 20-3 occurring in the fall.

“The delivery of the Persistent Cyber Training Environment absolutely allows us to increase the frequency and the complexity of exercises that are conducted by the command itself,” Coast Guard Rear Adm. John Mauger, director of exercises and training at Cyber Command, told reporters. “Going forward, I would expect you to see a series of exercises throughout the year where we are reaching out to the different teams to test their capabilities or to focus on specific issues that are of concern or interest to us.

“Going forward, we're going to get the benefits of both those distributed exercises along with increasingly complex exercises as PCTE is instantiated across both the secret network and the top-secret network.”

Scenarios and environments can be stored, saved, reused and modified if needed in the system for later exercises. Smaller units will also be able to leverage these scenarios to practice whenever needed.

The PCTE virtual environment for this year's exercise included 25 interconnected ranges of more than 3,000 virtual machines — a high-fidelity network that simulated and emulated open internet traffic with more than 4,000 static websites that store and share data.

The simulated air base networks created in PCTE had fully configured Windows active directory domains with over 100 nodes running more than 10 types of major operating systems, along with 35 simulated user control workstations actively surfing the internet and using Microsoft Office products to access, create and transfer files.

Moreover, officials also explained PCTE can be integrated into larger, multi-combatant command-type exercises to simulate the cyber effects, such as Global Lightning and its companion Cyber Lightning.

Global Lightning is an annual global exercise run by Strategic Command to test integration across several geographic and functional combatant commands. Cyber Lightning is Cyber Command's portion to the exercise.

“We think that is the next evolution of the Persistent Cyber Training Environment and how we take to the tier 1 exercises, incorporate cyber effects. They're no longer white-carded,” Col. Tanya Trout, Cyber Command's PCTE director and acting director of the Joint Cyber Training Enterprise, told reporters.

White carding involves telling exercise participants that a certain action has occurred. This was typical of cyber effects, given it was difficult to realistically simulate them, which diminished the training value in exercises because participants didn't experience the full breadth of these actions.

Now, these activities can play a real role in exercises increasing the overall fidelity of training across the joint force and continuity of all operations of warfare.

The system will also be able to be used for mission rehearsals. A Cyber Command official said the force can input prior operations, such as those used against the Islamic State group, to train against. Additionally, they'll be able to upload to the platform malware discovered in operations.

The PCTE program office, which is in the prototyping phase despite delivering the first portion to Cyber Command in February 2020, also learned valuable lessons in Cyber Flag. Officials said the two-week exercise provided the program office with six months' worth of data it can use to make significant improvements.

Prior to the February delivery, the program office leveraged several smaller-scale training events at the unit level to incrementally increase capabilities and scalability as well as help geographically dispersed teams prepare for tier 1 exercises like Cyber Flag.

Overall, officials are happy with how the system performed in its first tier 1 exercise, pointing to little to no latency issues, though there were periodic improvement tickets.

“What we found through the rapid development and use of the Persistent Cyber Training Environment is that we really have a unique capability to move forward with,” Mauger said.

https://www.c4isrnet.com/dod/cybercom/2020/06/25/this-training-tool-could-be-the-answer-to-stop-mass-cyberattacks

On the same subject

March 18, 2022 | International, Aerospace

L'Inde commence l'assemblage du prototype de l'AMCA, son avion de combat multi rôle de 5ème génération
L'entreprise d'état indienne HAL (Hindustan Aeronautics Ltd) a annoncé la fabrication du premier bord d'attaque du prototype de l'avion de combat multi rôle indien 5ème génération AMCA (Advanced Medium Combat Aircraft). Le premier vol est prévu « pour 2024-2025 avec une mise en production début 2030 », selon Air & Cosmos. L'AMCA, d'une masse de 25 tonnes, aura une charge utile interne de 1.5 tonne et une charge utile externe de 5.5 tonnes en addition de 6.5 tonnes de carburant. Il sera disponible en version furtive et non furtive. Concernant ses deux moteurs, ses variantes connaîtront deux étapes : une version MK1 équipée des moteurs GE414 qui équipent le LCA Tejas (génération précédente d'avions de combats indiens), puis une version MK2 équipée d'une motorisation plus puissante (110kN, légèrement en dessous du NGF). « Un accord de collaboration devrait être signé prochainement avec Safran ou Rolls-Royce pour le développement de ce moteur », souligne Air & Cosmos, qui rappelle que Safran a déjà travaillé avec HAL sur le développement du moteur Shakti de son hélicoptère ALH. Air & Cosmos du 18 mars
June 18, 2019 | International, C4ISR, Other Defence

What’s the best way for the Army to demonstrate force via electronic warfare?
By: Mark Pomerleau When the Russian military attacked Ukraine, it prevented units from communicating with each other by turning to powerful electronic jamming tools. The U.S. Army, however, is not interested in the same raw demonstration of force. Instead, U.S. officials are following a philosophy that relies on “surgical” attacks. This could include creating an image on enemy's radar, projecting an aircraft at one location when enemies think it is at another, or impairing the command and control links of adversaries' unmanned aerial systems. “When the Russians emit like that, they're letting the entire world know where they are,” Col. Mark Dotson, the Army's capabilities manager for electronic warfare said on a media call with two reporters June 14. “What we're looking at in the future ... [is] surgical electronic attack, electronic intrusion or 21st century electron attack. We're looking for much more discrete ways of conducting electronic attack. Using low power to affect the signal and to affect it in such a way that it may not even be detectable that you're interfering with what they're doing.” Dotson said instead of sheer power, future capabilities should focus on the end result, such as whether it's hurting an enemy's ability to communicate or to use radar. “There's a variety of different approaches that can be taken to create the effect necessary without having to do what we refer to as traditional jamming, which is just increasing the signal to noise ratio,” Dave May, senior cyber intelligence advisor at the Cyber Center of Excellence, said. Finding materiel solutions The officials spoke at the conclusion of Cyber Quest, a week-long technology experimentation that took place at Fort Gordon. Cyber Quest is a prototyping event that allows the Army to test technologies and concepts from industry to help solve future problems. This year, Army leaders focused on several areas. They include: Improving the requirements for the Terrestrial Layer System, an integrated electronic warfare and signals intelligence system that will provide a much-needed jamming capability to formations; Identifying candidates for rapid acquisition, and Conducting risk reduction against current programs and identifying candidates for electronic warfare capabilities to outfit the Intelligence, Information, Cyber, Electronic Warfare and Space detachment or I2CEWS, a battalion-sized unit described as the “brain” of the Army's multidomain task force. “Cyber Quest helps ... in that we are able to take these difficult challenges to industry, walk them through what we're trying to accomplish and let industry come back to us with novel approaches,” May said. “This pre-prototyping philosophy allows us to work through concepts, [tactics, techniques and procedures], and actually start the concept for doctrine.” At Cyber Quest, Army officials focused on the overall TLS system and two subsets: the Tactical Electronic Warfare System (TEWS) and the Tactical Signals Intelligence Vehicle. Both are integrated platforms the Army is using to experiment with different technologies that would allow for sensing, signals intelligence, electronic warfare and RF-enabled cyberattacks. May said these subsystems are in the pre-prototype phase. Army leaders also tested a spectrum analyzer tool that will notify commanders of the health of their systems within the electromagnetic spectrum. Such a tool would provide details on the footprint of blue force electromagnetic spectrum. The Army's current spectrum management program of record, Electronic Warfare Planning and Management Tool, only offers details on red force's in the spectrum relying on sensors in the field. By contrast, the spectrum analyzer tool the Army looked at during Cyber Quest is a handheld system that doesn't need to rely on the sensors that belong to tactical operational tools. There's been a focus across all the services in recent years to better understand their own electromagnetic spectrum as a way to prevent themselves from being detected and jammed or detected and killed. The details for when these capabilities would reach soldiers, however, is still in flux. If the Army has approved a requirement, a new product can be fielded to certain units under what the Army refers to as a buy, try, decide model. Capabilities can be fielded faster if they are funneled through the Rapid Equipping Force, though, they wouldn't become a program of record, but could be fielded to operational units that need it between 90 days and six months. If a capability goes through the Rapid Capabilities Office, it could take six to 18 months to get to units, Dotson said. May said the goal for TLS is to deliver a “validated requirement” to the program manager by third quarter of fiscal year 2020. That puts fielding in the 2022 or 2023 timeframe. Officials were a bit more circumspect on the Multi-Functional Electronic Warfare Air Large program, a first of its kind brigade-organic aerial electronic attack pod that will be mounted on unmanned systems. Lockheed Martin was awarded was awarded two sequential 18-month contracts valued at $18 million in January. Officials said it should be flying within the next 12 months but added that they want to see the product that ends up flying before forecasting a timeline for when it would reach units. https://www.c4isrnet.com/electronic-warfare/2019/06/17/whats-the-best-way-for-the-army-to-demonstrate-force-via-electronic-warfare/
September 7, 2018 | International, Aerospace

France-Parly satisfaite des nouvelles fonctionnalités de l'A400M
PARIS, 6 septembre (Reuters) - La ministre française de la Défense Florence Parly s'est déclarée jeudi satisfaite des nouvelles fonctionnalités en cours de test sur l'avion de transport militaire A400M d'Airbus. “Nous sommes dans une phase extrêmement positive”, a-t-elle observé lors d'une rencontre avec l'Association des journalistes professionnels de l'aéronautique et de l'espace (AJPAE), disant attendre l'intégralité des fonctionnalités en 2021. Les retards successifs du programme A400M ont conduit les pays clients, comme la France, à réceptionner des appareils n'ayant pas toutes les fonctionnalités contractuelles, comme le largage de parachutistes par les portes latérales, des équipements électroniques de défense et le ravitaillement en vol d'hélicoptères. En mars, Reuters avait révélé que l'armée allemande avait dit dans un rapport confidentiel voir un “risque important” que l'A400M n'ait pas toutes les capacités tactiques requises après 2021, au moment du retrait de sa flotte de C-160 Transall. “Chaque étape que nous passons est une étape qui se franchit avec succès et donc ceci aide chacun à être un peu patient”, a ajouté Florence Parly. L'armée française avait annoncé au printemps la réception de son 14e A400M, avec un objectif de 25 unités en 2025 et une cible de 50 à terme. Le président exécutif d'Airbus Tom Enders a fait état fin juillet d'avancées dans les négociations avec les pays clients de l'A400M pour parvenir à un amendement du contrat d'ici la fin 2018. https://fr.reuters.com/article/frEuroRpt/idFRL5N1VS3VA

All news