AVIANO AIR BASE, Italy -- The U.S. Air Force has been tackling cyberspace defense for two decades with Airmen serving around the globe defending air, space and cyberspace domains with defensive cyber operations and offensive cyber operations forces.
The National Military Strategy for Cyberspace Operations has outlined the need for Department of Defense organizations to begin prioritizing the cyber domain.
In 2018, the President of the United States, Donald J. Trump, reinforced this directive by signing the National Cyber Strategy--the first fully articulated cyber strategy for the U.S. since 2003.
In the past few years, the U.S. Air Force has identified that a critical gap in cyber defenses lies in the local networks on bases across the Air Force.
To combat this issue, mission defense teams were first introduced in 2014 as part of the Cyber Squadron Initiative, an Air Force-wide effort that aims to provide mission assurance through active cyber defense and preventative maintenance. The U.S. Air Force has dedicated cyber teams for OCO and DCO at the national level, and MDTs to fill gaps at the base level.
The 31st Fighter Wing MDT was formed on Jan. 1, 2019, and is growing in size and scope. The U.S. Air Forces in Europe Defensive Operations Cell visited last week to see the team’s progression.
“The 31st FW MDT identified the critical communications links and developed countermeasures and contingency plans, ultimately resulting in a successful operation,” said U.S. Air Force Capt. Angelito Aragon, USAFE Defensive Cyber Operations cell chief. “A core challenge new MDTs face is learning what ‘right’ looks like, and I believe this is exactly what the 31st FW MDT has accomplished here in Aviano.”
The 31st FW is moving from a traditional break-fix maintenance culture to a culture of proactively identifying active cyber-attacks on the network. To do this, the MDT deploys a few tactics, techniques and procedures that allows the team to survey, detect, and protect the 31st FW’s key cyber terrain.
“The first step in defending cyberspace is to know your terrain,” said Senior Master Sgt. David Smyer, 31st Communications Squadron MDT flight chief. “To accomplish this, the MDT utilizes a process called Functional Mission Analysis - Cyber. The purpose of this process is to break down the target system to its core functions to understand how they interact with each other.”
Once the team has identified the 31st FW’s key cyber terrain, they will be better equipped to find where adversaries may be hiding on the network, said Senior Airman Robert Paquette, 31st CS MDT operator.
The 31st FW MDT is also equipped with the sophisticated Cyber Vulnerability Assessment/Hunter weapon system, a tool that comes equipped with all the software needed to properly identify and assess enemy infiltration of the cyber domain. Once suspicious or potentially adversarial activity is found, the MDT springs into action to identify and deter the threat.
Cyberspace is a complex domain, and always changing, but the 31st CS will continue working and silently hunting adversaries through the network, wherever they may be hiding.