Joining Networks: Joint and Coalition Tactics in Cyber Warfare

You were awarded the "Best in the Air Force" for "Info Operations Team of the Year" and "Electronic Warfare Team of the Year" in 2012. Could you shed some light into how your aviation and cyber warfare experience has equipped you with the skills to meet new challenges and exceed goals?

As the Air Force’s Information Operations Team Chief, in South Korea, my team was located within the Strategy Division of the 607th Air Operations Center. My responsibilities included managing the Electronic Warfare Cell, Influence Cell—or psychological warfare as it used to be called – and the Cyberspace Warfare Cell. Those three cells were responsible to not only getting our U.S. and Alliance messages disseminated out to the battle space during exercises, but also the planning effort against any adversary aggression on the peninsula. We were charged with attempting to influence—directly effect—enemy communications so that the adversary’s leadership could not hear, see or talk.

The aviation experience I have from flying the electronic attack (EA) COMPASS CALL aircraft really helped solidify my approach to Information Ops warfare; the EC-130 COMPASS CALL aircraft specializes in denying the enemy the ability to communicate, particularly in the Command & Control (C2) realm; i.e., leadership’s ability to talk with their forces and frontline troops’ ability to do their jobs.

Therefore, my background and understanding of the importance information, or lack of information getting to enemy forces and their leaders in this case, helped my team focus on the critical nodes of our potential adversaries’ modes of communication or ability to get information. We were able to shape cyber targeting in the Korean theater and played a pivotal role in the contingency planning in case of North Korean aggression towards the Republic of Korea.

[inlinead]

What I felt made our team stand-out was the ability to use the latest nodal cyber analysis tools to vastly improve support to our U.S. and Alliance participants during exercises and military planning. For the first time we incorporated U.S. Cyber Command into our planning and exercise support, which drastically improved our ability to synchronize our information operations support to planning kinetic and non-kinetic strike packages. This new emphasis on cyber planning, using the most state-of-art capabilities available, as well as having U.S. Cyber Command’s involvement and expertise really allowed our efforts to meet new challenges and exceeded goals that many didn’t believe we’d be able to do—particularly in such a short period of time.

Could you share your daily duties as a crisis leader and on-site program manager of operations, projects and programs?

My daily duties include managing the flight operations of our EC-130H COMPASS CALL aircraft at Davis-Monthan Air Force Base in Tucson, Arizona. This involves the wide-ranging program management of aircraft system upgrades and daily aircrew training of 157 flyers. The crisis manager duties I perform incorporate the emphasis on safe flight operations and handling of any in-flight emergencies of aircraft I’m flying or helping other aircrews aboard the COMPASS CALL that are currently up in the air flying, to recover safely with malfunctions.

Probably the biggest crisis management I perform is giving support to our EC-130H aircrews and maintenance personnel deployed down range in Afghanistan, supporting Operation ENDURING FREEDOM. Our electronic combat group of COMPASS CALL aircraft has been continuously deployed to Afghanistan for more than 10 years. Thus, we’re constantly rotating new flight crews and aircraft into that theater of operations to support the on-going commitment and flights. Our efforts there are vital to supporting and providing electronic warfare (EW) to U.S. and Coalition air, ground, naval and special operations forces.

Since cyber defense is a team effort, what are some of your tips for achieving tactical networking between joint and coalition networks?

Well, you’re 100% correct that cyber defense is a team effort. Everyone must work diligently to ensure safe COMSEC (communications security) practices while continuing to upgrade and install the latest computer protections for networks and systems. Our ability to network with our sister-services, particularly coordinate and information-share, has drastically improved in the past three to four years. We’re much more equipped to be able to email and communicate with others in a secure environment. I’d say that we still have some hurdles to cross in order to make networking with our coalition partners’ on-par with the communications we have with our sister-services. Part of that problem resides in the difficulty of getting the systems our coalition partners use to talk to our systems. But again, some strides have been made here too.

Additionally, I believe that in order to have good cyber defense it’s important to have an effective cyber offensive capability; therefore, any intrusions or alerts can be handled in a timely manner and mitigate risks and exposure. But the bottom line is that cyber defense takes everyone’s effort; good cyber defense and practices must be emphasized and understood that it’s imperative to being able to continue to do our jobs if the balloon goes up (hostilities). Lastly, it must continue to be stressed that a large part of cyber defense rests with keeping upgrades, or patches, up-to-date and monitored.

The public and private sectors both struggle with insecure web environments. What are your best practices for establishing the security of a tactical network?

The same struggles the public and private sectors have in securing websites, or emails, and even on-line operations (especially Wi-Fi) we have too in the tactical spectrum. Again, proper COMSEC and protocol on computers is the best security. Make sure your computer systems filter spam. Maximize encryption. Don’t trust unsolicited email. Be leery of every mail and attachment. Install antivirus software and make sure it’s kept up-to-date. Also, install a personal firewall and make sure that’s up-to-date, too. The same phishing and social engineering techniques that pose a serious concern to the public and private sectors—pose the same risks to our networks from malware and identity theft.

The younger generation is very good at not answering phone calls from people (and parents!) they do not know or recognize. Kids, for the most part it seems to me, let those calls go to voicemail. However, our society (especially kids) is very quick—perhaps too quick—to jump on text and email messages.

It’s in everyone’s best interest to make a moment and check whom the message (especially email) is from, before opening it. The same goes for attachments and links within emails. If a friend has emailed a joke as an attachment and they’ve included all their friends on the email, your computer is more at risk to malware or a Trojan horse virus.

It comes down to being vigilant and taking the time to look at the risk factors associated with the web environment you’re operating in. VPNs provide a better level of security. Smartphone security has not kept pace with traditional computer security on measures such as antivirus, encryption and firewalls. Smartphones are getting better, though, with features now such as the ability to wipe the device clean remotely, or delete known malicious applications remotely, and inclusion of authentication features now, such as device access passwords.

What does the future of Mission Command look like to you?

The Mission Command future looks very bright and will only continue to grow in importance as our society (and the world) increase dependence on technology. The use of technology in our lives--and our reliance on technology--is only going to get bigger and bigger. With that reliance is societies’ dependence on networks, computers to function, and thus, maintain order. Our banking and infrastructure are big targets. We have to make sure it’s protected. Intelligence protection—safeguarding personal information, business secrets, banking accounts, etc., is paramount. Leaders must continue to devise, plan and execute strategy that protects the networks as our technology gets more sophisticated. Mission Command’s ability to focus and network amongst intelligence, technology and strategy experts is key to ensuring that our civilian infrastructure and military power will be able to defend against, and defeat, any cyberspace attacks in the future.