The Air Force is standing up new “cyber squadrons” and working vigorously to widen the aperture of its cyber-security focus.
“We do a good job with our networks. Our weapons systems are also IT related, so we are working within the Air Force to get those systems to a better place with regard to cyber security,” Peter Kim, Air Force Senior Information Security Officer, told Scout Warrior in an interview.
In order to bring this effort to fruition, the service has begun establishing “cyber-squadron” pilot programs. These programs task specific units at bases to go on cyber-patrols to protect mission systems and core networks, Kim explained.
Rapidly emerging computer algorithms as well as sensors and weapons systems linked by computer processors also pose a growing and unique cyber-security challenge, Kim explained. As a result, the Air Force continues to prioritize being adaptive and inclusive so that drone feeds, fire-control systems and computer-integrated avionics are secured against rapidly-evolving cyber-threats.
While Kim did not mention any weapons systems in particular, there are a wide range of current and emerging Air Force weapons which depend heavily upon IT-related developments. The F-35, for instance, utilizes early iterations of artificial intelligence applications wherein computer algorithms help acquire, organize and present information to the pilot without requiring as much human intervention.
Often referred to as easing the cognitive burden upon pilots, the effort is geared toward systematically presenting information from a range of disparate sensors on a single screen. The F-35s widely-discussed sensor fusion, for example, is evidence of this phenomenon, as it involves using computer algorithms to consolidatie targeting, navigation and sensor information for pilots.
Protecting drone feeds from enemy hacking attempts is yet another example of a focus by the Air Force to maximize its information assurance efforts. Technologies aimed at intercepting, interfering with or jamming real-time drone video transmission is an area of growing concern for Air Force ISR developers.
Overall, the networked or interconnected elements of these technological phenomena increase capability while simultaneously introducing new areas of vulnerability.
“Our flight lines have so many interconnections between portable devices, flowing data, mission systems, hard drives and software being downloaded,” Kim said.
Computer technology and data bases are also central to Air Force air and space superiority, command and control, global strike and intelligence, surveillance reconnaissance missions.
Referring to cyber-defense as a man-made “team sport,” Kim explained how successful methods of increasing security often rely upon simple practices and behaviors which lessen the likelihood of a successful intrusion.
Kim praised ongoing Air Force progress when it comes to broadly implemented cyber-security techniques currently in place, however he did emphasize that wide-spread education about cyber-defense practices across the service would go a long way toward further strengthening the effort.
“At the end of the day, we want to be sure that everyone is practicing cyber-secure practices,” he added.
Naturally, many cyber-security practices involve sophisticated technological methods of protecting routers, servers and networks. Alongside these efforts, the service is pushing to make sure service members remain cautious about clicking on attachments in order to avoid “phishing” and “watering hole” attacks.
Nevertheless, many of the most effective measures involve simple, basic cyber-hygiene practices such as being careful not to connect to unauthorized devices or seek to network personal non-military hand-held devices with Air Force networks. Keeping computers up-to-date and ensuring that needed “patches” are added when necessary are also key aspects of the broader cyber-security calculus.
“We have to be aware that there are dangers out there. The adversary is constantly evolving, changing and trying to get into our systems and exfiltrate information. Airmen who touch information technologies that enable us to do warfighting have to be disciplined in what they are downloading and clicking on. They can’t use a maintenance computer to power up a personal iPhone, they can’t use a USB from home and need to stop and think before they download anything,” Kim explained.
These practices not only pertain to securing networks but also expand to engineering weapons systems that are more resilient to cyber-attack
“This is a new way of thinking about information technology and domain.”