US OKs potential sale of air and missile defense system to Poland -Pentagon | Reuters

Sur le même sujet

• 

  25 février 2020 | International, Aérospatial, C4ISR, Sécurité

  The largest cyber exercise you’ve never heard of

  For years, the first time the Department of Defense's cyber forces faced high-end digital attacks was not in practice or in a classroom, but in actual operations. For the cyber teams that focused on offense, a playbook developed from years of National Security Agency operations guided their work. But on the defensive side, standards and processes needed to be created from scratch meaning, in part, there was a lack of uniformity and little tradecraft to follow. Because cyber leaders had focused on staffing, training opportunities for defensive cyber operators had been sparse. To help solve that problem, the Department of Defense is expected to award a contract worth roughly $1 billion later this year for a global cyber training environment. But in the meantime, some units across the joint force have gone so far as to create their own small-scale training events and exercises to keep their forces' skill sets sharp. Perhaps the best example of these efforts are the 567th Cyberspace Operations Group's “Hunt Event,” which has quickly grown to become one of the largest cyber exercises across the department. The bi-monthly exercise pits teams against each other in a competition for the coveted Goblet of Cyber trophy and bragging rights. The group aims to better train defensive hunters, improve defensive tactics, techniques and procedures and develop defensive tradecraft. “The point of this was that we didn't really have a good range space to play on that had an active and live adversary so we could, in theory, replay traffic and we could go in and generate some easy kill, low hanging fruit signatures for detection,” Capt. Reid Hottel, training flight commander at the 837th Cyber Operations Squadron, told Fifth Domain. “If we are supposed to be the primary counter to advanced persistent threats, the way that we were training was not like how we were fighting.” The exercises started roughly a year ago to teach operators how to hunt on networks. It's now evolved to where participants also work on leadership skills and build custom exploits on a large range with multiple stakeholders. In addition to the Air Force CPTs — the defensive cyber teams each service provides to U.S. Cyber Command — members from the Air Force Office of Special Investigations and Mission Defense Teams, specialized defensive cyber teams that will protect critical Air Force missions and local installations, also take part. At the most recent exercise in January, a representative from NASA participated. Now, the exercises have become so popular Hottel said other services are interested in participating in the future. This includes a Marine Corps CPT at Scott Air Force Base. Building better leaders and hunters To be the best, cyber leaders recognized their teams would have to beat the best and that meant training against the world's most advanced cyber threats. Some other forms of training — such as the popular capture the flag game, which involve teams trying to find “flags” such as files or scripts inside a network — are not always the most realistic form of training. “When we were fighting, we're up against advanced adversaries. We're up against adversaries that are using tactics, techniques and procedures that are just above and beyond what simple little [scripts] ... we were using in the past,” Hottel said. “This hunt exercise allows us to do that, whereas in the past, particularly in other flag exercises, we are not training at the APT level. We [were] training at the script kiddie kind of level and here we're training at a much higher difficulty, which stretches and grows our operators into being true hunters.” He added that the exercises are also helping develop tradecraft. “That's one thing that nobody really teaches, there's no commercial course that you can go buy that teaches tradecraft, that teaches the military away, that teaches the way that we use to find the APT, which in theory, should be ever evolving because our adversary is as well,” Hottel said. “These exercises have been really eye-opening to provide tradecraft development, to become hunters, to understand what it means to be a cyber protection team.” The exercise has evolved to include custom exploits, custom root kits, custom attacks and zero-day exploits within a real-world mission where in some cases hunters don't have any indictors of compromise that exist in the public domain. This means that there is no public reporting available on the exploits or tactics the adversary is using. Participants can hone their skills, by actively hunting on a network in order to find anomalies that could lead to trouble. “As hunters,” he said, “we don't necessarily have singular methodology, we don't necessarily have a unique way that we can go about finding advanced threats mostly because we haven't really been training like that.” The training is also helpful for new mission defense teams, which are just being officially resourced within the Air Force around local installations. By having those teams sit next to CPTs, who are using generally the same tools, they can learn about tradecraft and what to look for at the local level. During the most recent exercise, officials said it was the first time they intentionally tried to trip up participants. Organizers created fake attack chains to see how the players scoped an investigation into a network and deducted points for the amount of time they wasted following that lead. This technique helps teach teams how to scope investigations without going down “rabbit holes,” and not adequately planning, Lt. Christopher Trusnik, chief of training at the 835th Cyberspace Operations Squadron, told Fifth Domain. Beyond the technical hunting, this approach helped team leader to flex leadership muscles. “It was more of teaching that leadership technique of you plan for this, how do you investigate quickly and how do you triage your investigation,” Trusnik, whose unit ran the January exercise, said. Hottel explained that following this most recent event, teams focused on leadership and organization. At one point, someone on his team previously had been coached on what they needed to include such as specific indictors that might be valuable to their mission partners to understand. At this exercise, they included those indicators. In another instance, one team member who had never run a hunt mission struggled at first. Hottel stepped in and with just a little guidance, the leader became more disciplined and was able to find things much better in the last three days. Benefits of cyberspace in training Training in cyberspace has benefits that other domains don't offer. For one, forces don't need a dedicated battlespace such as the Army's National Training Center or the range used at Nellis Air Force Base for the Air Force's Red Flag. With cyber, a custom range can be built and forces from all across the world can come in and participate. The range used for the hunt exercises stays up weeks after the formal event so individuals or teams can try their hand, though they obviously won't be eligible for the Goblet of Cyber trophy. All of this could change with the Persistent Cyber Training Environment (PCTE). PCTE is a major program being run by the Army on behalf of Cyber Command and the joint force to provide a web-based cyber training environment where cyber warriors can remotely plug in around the world and conduct individual training, collective team training or even mission rehearsal — all of which does not exist on a large scale currently. Hottel said that his forces haven't been limited thus far without PCTE. Though, once the platform is online, they can upload the range they used for a competition and it can be accessed by anyone across the joint cyber mission force. Testing new concepts But in the meantime, smaller, unit level exercises like those run by the 567th allow forces to test concepts and learn from others. Unlike larger exercises that have requirements and stated objectives, smaller exercises can serve as a proving ground for staying sharp and pushing the envelope. This allows local units more control over what their personnel do but can also allow teams to test new concepts in a relatively risk-free environment. “Let's say that a national [cyber protection] team wants to test out ... whatever they're currently using because they feel like it would provide them an advantage so they want to test out something,” Hottel said. “We can throw that on the range as well and they can utilize an entirely defensive tool set. We're not trying to make people tool experts, we're trying to make them tradecraft, defensive hunters.” Hottel also said that personnel playing on the archived range can bring new ideas, which can then be tested during the next exercise. In some cases, they may come up with an idea on their own and bring it to the next exercise to see if it actually works. Ultimately, the event is designed to create better cyber warriors. “We're not trying to make people tool experts, we're trying to make them tradecraft, defensive hunters,” Hottel said. https://www.fifthdomain.com/dod/air-force/2020/02/21/the-largest-cyber-exercise-youve-never-heard-of/

• 

  20 février 2018 | International, Aérospatial, Terrestre

  Germany's Bundeswehr 'lacks basic equipment' for NATO mission

  The German army reportedly lacks the tents, winter clothes and other essential equipment needed for its deployment in a NATO rapid reaction force. The German defense ministry pledged that the items would be procured. German soldiers do not have enough protective vests, winter clothing and tents to head NATO's 'spearhead force,' the newspaper Rheinische Post reported on Monday, citing a paper presented to the Defense Ministry. The news comes as Germany prepares to take over the leadership of the multinational Very High Readiness Joint Task Force (VJTF) Army Command at the start of next year, with Defense Minister Ursula von der Leyen (top picture) under intense pressure to bring equipment up to scratch by then. Read more: Defense Minister Ursula von der Leyen: Germany will spend more on its military Commenting on the article on Monday, Germany's Defense Ministry said that combat readiness of German troops would be ensured. "Currently, the selected troops are going through the phase of preparation and mobilization," spokesman Jens Flosdorff said in Berlin. During this phase, the ministry is checking which equipment is already available, and "what is still needed," he said. The authorities are set to complete the process by the end of 2018, at the latest. Flosdorff also said that "Bundeswehr is ready and able to fulfill its commitments," and that the missing items "are being procured." Sleeping cold The Monday report cites the internal paper by Germany's Army Command as stating that the army would lack sufficient tents until at least 2021. According to the Army Command report, 10,282 mobile "accommodation units" are needed for the army's deployment in the VJTF for the period 2018 to 2020, but only 2,500 are currently available — and even these are not fit for purpose. Protective vests and winter clothing were also in such short supply that it would be "impossible" to ensure that demands were met, it said. Last week, German media reported that the Bundeswehr was also lacking sufficient tanks and operational aircraft to fulfill its duties as VJTF leader, along with other equipment shortfalls such as night-vision equipment and automatic grenade launchers. Read more: German military short on tanks for NATO mission 'Scandalous situation' The Rheinische Post said German parliamentarians reacted with outrage to news of the latest deficiencies. "We cannot and will not accept" such supply gaps, said defense expert Fritz Felgentreu from the Social Democratic Party (SPD). The Free Democrat (FDP) politician Marie-Agnes Strack-Zimmermann found even stronger words. "The fact that even basic equipment such as protective vests and winter clothing is in short supply shows what a miserable state the Bundeswehr is in as a result of cutting costs," she said, adding that her party would set up a subcommittee to "look into this scandalous situation" at the next meeting of the Bundestag's Defense Committee. The VJTF is a 5,000-strong force initiated by NATO in 2014 to counter the threat of Russian military aggression against Baltic member states. The force is supposed to be capable of going into action within 24 hours. http://www.dw.com/en/germanys-bundeswehr-lacks-basic-equipment-for-nato-mission/a-42638910

• 

  27 mai 2020 | International, Aérospatial, Naval, Terrestre, C4ISR, Sécurité

  Will defense budgets remain ‘sticky’ after the COVID-19 pandemic?

  By: Eric Lofgren Congress' unprecedented fiscal response to COVID-19 has many in the defense community wondering whether belt tightening will hit the Pentagon. On May 19, the Congressional Progressive Caucus wrote a letter arguing for substantial defense budget cuts to support additional spending on the pandemic. Nonprofit progressive supporters have been asking to cut a much larger $350 billion each year from the Pentagon in their “Moral Budget” proposal. What the progressives perhaps do not fully appreciate is the “stickiness” of defense budgets. In economics, stickiness refers to rigidity in the movement of wages and prices despite broader economic shifts pushing for new equilibrium. The phenomenon is apparent in defense budgets as well. Most expectations are that the fiscal 2021 budget will remain over $700 billion. Consider an analogy: the 2008 financial crisis. Lehman Brothers collapsed just a couple weeks before fiscal year 2009 started, leaving that $666 billion defense budget largely beyond recall. The following years' budgets were $691 billion, $687 billion, $646 billion and then finally in FY13 a more precipitous 10 percent fall to $578 billion. It took four years for the Pentagon to really feel the squeeze of the financial downturn. The uninitiated may believe COVID-19 happened with enough of lead time to affect the FY21 budget. Congress received the president's budget in February 2020 and has until the start of October to make targeted cuts without encountering another continuing resolution. The defense budget, however, represents the culmination of a multiyear process balancing thousands of stakeholder interests. It reflects a vast amount of information processed at every level of the military enterprise. The Pentagon's work on the FY21 budget request started nearly two years ahead of time and includes a register of funding estimates out to FY25. Moreover, defense programs are devised and approved based on life-cycle cost and schedule estimates. Cuts to a thorough plan may flip the analysis of alternatives on its head, recommending pivots to new systems or architectures and upsetting contract performance. Not only are current budgets shaped by many years of planning, but they get detailed to an almost microscopic level. For example, the Army's FY21 research, development, test and evaluation request totaled $12.8 billion, less than 2 percent of the overall Pentagon request. Yet the appropriation identifies 267 program elements decomposing into a staggering 2,883 budget program activity codes averaging less than $10 million each. Congressional staff is too small to understand the implications of many cost, schedule and technical trade-offs. To gather information on impacts, the Pentagon is thrown into a frenzy of fire drills. More draconian measures, like the FY13 sequestration, leading to indiscriminate, across-the-board cuts can sidestep hard questions but comes at a significant cost to efficiency. Targeted cuts at a strategic level, such as to the nuclear recapitalization programs and other big-ticket items, can expect stiff resistance. First, there is real concern about great power competition and the damage that may be wrought by acting on short-term impulses. Second, targeted programs and their contractors will immediately report the estimated number of job losses by district. Before measures can get passed, a coalition of congressional members negatively impacted may oppose the cuts. Resistance is intensified considering the proximity to Election Day. Budget stickiness is built into the political process. The FY22 budget is perhaps the first Pentagon budget that can start inching downward. More than likely, severe cuts aren't in the offing until FY23 or FY24 at the very earliest. That gives time for policymakers to reflect on the scale of the rebalancing between defense and other priorities. In some important ways, congressional control of the Pentagon through many thousands of budget line items restricts its own flexibility. For example, continuing resolutions lock in program funding to the previous year's level until political disagreements can be resolved. The military cannot stick to its own plans, much less start new things. If budget lines were detailed at a higher level, such as by major organization or capability area, then the Pentagon could make more trade-offs while Congress debates. Similarly, if the Pentagon had more budget flexibility, then Congress could more easily cut top lines and allow Pentagon leaders to figure out how to maximize with the constraint during the year of execution. Congress could gain the option to defer the hard questions that can make cuts politically difficult. The Space Force recently released a proposal for consolidating budget line items into higher-level capability areas. It reflects the idea that portfolio-centric management is an efficient method of handling rapid changes in technologies, requirements or financial guidance resulting from economic shocks. Until such reforms are pursued, expect defense budgets to remain sticky. Eric Lofgren is a research fellow at the Center for Government Contracting at George Mason University. He manages a blog and podcast on weapon systems acquisition. He previously served as a senior analyst at Technomics Inc., supporting the U.S. Defense Department's Cost Assessment and Program Evaluation office. https://www.defensenews.com/opinion/commentary/2020/05/26/will-defense-budgets-remain-sticky-after-the-covid-19-pandemic/