The arrival of the digital age has created challenges for the Department of Defense (DoD) and each of the Service components: the open, transnational, and decentralized nature of the cyberspace domain that they seek to utilize and protect creates significant vulnerabilities in Air Force networks and weapon systems. Truly, the landscape of warfare is quickly changing due to the addition of the cyberspace domain that transcends the traditional air, sea and land domains. In the past, there were large forces engaged in a focused geographic area.
Today, computer and network technologies operating in the cyberspace domain underpin U.S. military war fighting superiority by enabling the Joint Force to gain the information advantage, strike at long distance, and exercise global command and control. However, this unprecedented advantage can also be a vulnerability that can be exploited by a skilled adversary and needs protection. Is the Air Force transforming its operations to detect, deter, mitigate and protect against cyber threats? This research paper gives an overview of the top Air Force cyber security trends and explores the benefits and challenges to creating a strong cyber security posture.
As the US grapples with the new cyber domain challenges, the Air Force is planning to retool its communications and information technology (IT) corps into cyber warriors. Rather than performing traditional IT duties such as manning a help desk, the communications/computer career field is being transformed to perform duties as cyber warriors (Godstein, 2018). Lieutenant General Shwedo, Chief of Information Dominance and CIO for the Air Force, stated the service was moving ahead with its plan to convert IT professionals at every base into roles on Mission Defense Teams (MDT) (O’Neill, 2018).
The new teams will be arrayed across the Air Force and they will be responsible for mission assurance at the air base wing level.
The Air Force faces challenges in recruiting and retaining a trained cyber security workforce. Currently, there is a global shortage of cyber security professionals so the competition in both the government and private sectors is fierce. According to the Global Information Security Workforce Study sponsored by Booz Allen Hamilton, this shortfall is on track to hit 1.8 million by 2022. In order to build and retain a cyber corps, the USAF must understand the evolving competitive landscape, including the hiring and retention strategies of the private sector.
In the end, the AF cannot compete on the basis of benefits and salaries alone; for example, Silicon Valley startups and established technology companies are able to attract and retain cyber talent by offering amazing benefits/salaries and a culture that fits the millennial generation (Arthur MacDougall, 2018). However, the Air Force has advantages over the private sector through its refined recruitment and development programs. The Air Force provides new recruits, without prerequisite experience, a solid career path…core technical and cyber training through its own DoD schools. Once training is completed, Airmen must enter into a contract to serve a certain number of years based on the amount of education provided. After they gain initial skills, the Air Force puts the skills of both enlisted members and officers to use in challenging positions, often working directly on defending networks.
This real-world experience enables them to develop actual practical skills against global threats. This unique and hands-on approach gives the Air Force a distinct advantage over civilian organizations in the competition for this technical talent. Also, it becomes a strong retention tool. Further, the Air Force offers bonus programs to keep certain workforce communities healthy. These targeted offers have proven to be successful in retaining certain skillsets. Of course, a highly trained cyber warrior will always be in demand by the private sector so there will be a certain number of Airmen that will leave the Service for other opportunities once their commitment is completed; however, many will choose to continue serving as a civilian warrior in the Air Force Reserves or Air National Guard missions. In the end, the Air Force will continue to recruit, train and retain cyber warriors through its recruitment and mission-focused advantages. Now, in order to make this transformational pivot, the Air Force is revolutionizing its traditional IT processes through outsourcing.
As part of the Air Force’s cyber security transformation, as noted, IT staff are being redirected from technology maintenance and network operations to cyber security functions. In order to make this happen, the Air Force is in the midst of a major technological shift towards outsourcing IT operations to the private sector. While it will take years to complete the initiative, the project is ongoing and includes contracts with major IT vendors to manage software applications and data storage; for example, the Air Force has the biggest Microsoft Office 365 enterprise in the world and contracted Oracle for cloud storage as part of a plan to spend $1 billion over the next five years to transform its IT infrastructure (O’Neill, 2018).
Cloud computing has become a standard way for businesses and individuals to utilize the power of the Internet. In its essence, cloud computing is the virtualization and central management of data center resources as software-defined pools. The key advantage for the Air Force is the ability to apply almost limitless computer, storage, and network resources to workloads as needed and tap into an abundance of private sector-built services (Knorr, 2017).
The Service will gain the following advantages (Lionel Dupré, 2012):
While there are distinct advantages to using cloud computing, the Air Force will face the challenge of delegating data security services to a third party as part of the enterprise security architecture. In cloud computing, large amounts of customer data are stored in shared resources, which causes a variety of security issues. Further, the cloud provider faces the same data security responsibilities and challenges as the organization that owns the data, including patching and managing its applications against malicious code. The Air Force will need to conduct an assessment to compare benefits from adopting cloud computing, including cost savings and increased efficiency, against associated security risks. It is critical to ensure that solutions offered by the cloud provider effectively comply with the organization’s information system security requirements, including operational and risk management policies.
The US military is at war every day in cyberspace, stopping thousands of attacks/intrusions every hour as adversaries attempt to exploit vulnerabilities in cyber defenses. Maj Gen Christopher P. Weggeman, 24th Air Force Commander, noted cyber warriors are “constantly engaged in a fight” (Grudo, 2018). For example, the Chinese military stole U.S. plans to the technically sophisticated F-35 Joint Strike Fighter, allowing Beijing to create the copycat J-31 (Shinkman, 2016). Air Force weapon systems are critically dependent on interconnectivity and highly complex software/hardware to operate and execute their missions.
The advanced technology has resulted in sophisticated capabilities like sensor fusion, multi-domain awareness, complex command and control and precision targeting. Since all of the capabilities touch on the cyber domain in one aspect or another, there is a great opportunity for adversaries to conduct cyberspace attacks to disrupt, degrade or destroy USAF weapon systems. A malicious nation state may find and exploit vulnerabilities in a fighter aircraft’s flight systems, supporting architectures or sensitive supply chain operations. Further, the potential risks aren’t limited to the Fifth Generation fighters but extend to any system connected to the internet or reliant on computer/communications systems (Don Snyder J. D.-B., 2015).
To meet the challenge of the ever-increasing cyber threats to USAF weapon systems, the Air Force will use their developing cyber warrior corps to ensure weapon systems are resilient and robust to cyber attacks. Air Force weapon systems today are heavily reliant on complex software and high interconnectivity to perform their missions. Cyber capabilities enable many of the advanced features (e.g., electronic attack, sensor fusion, and communications) that give the Air Force its edge over potential adversaries. But they also create potential opportunities—and incentives—for adversaries to counter U.S. advantages through cyber attacks. For example, a sophisticated adversary may seek to discover and exploit vulnerabilities in an aircraft’s software, supporting systems or supply chain in order to gain intelligence or sabotage operations. The potential risks aren’t limited to the newest and most advanced systems; in fact, legacy aircraft and missions, which make up the majority of Air Force inventory, are also exposed to attack from evolving cyber threats (Don Snyder J. D.-B., 2015).
The newly built Mission Defense Teams will use a tool called the CVA/H weapon system to identify vulnerabilities and provide commanders with a comprehensive assessment of the risk of existing vulnerabilities on critical mission networks. The tool is functionally divided into a mobile platform used by operators to conduct missions on-site or remotely; a deployable sensor platform to gather and analyze data; and a garrison platform which provides the connectivity needed for remote operations as well as advanced analysis, testing, training, and archiving capabilities. The MDTs will conduct red and blue force operations to find, fix, and engage cyber domain threats.
During active engagements, the CVA/H weapon system, in concert with other friendly network defense forces, provides Air Forces Cyber and combatant commanders a mobile precision protection capability to identify, pursue and mitigate cyberspace threats. The MDTs are capable of conducting a range of assessments, from vulnerability to compliance and penetration testing to analysis of data to identify malicious scripts and actors. The weapon system payload is built from both government and private sector software and hardware but customized to meet the mission tasks.
As the cyber domain continues to evolve, the complexity and number of threats will increase. As detailed throughout this research paper, the Air Force cyber security trends are posturing the Service for current and future success. Truly no one solution will address all of the cyber domain challenges; however, the Air Force is implementing a layered approach to transforming its cyber security defense. First, the Air Force is aiming to retool the communications and information technology specialty into a cyber security skill set.
Next, to make this dramatic shift possible, the Air Force’s IT network is in the process of being outsourced to private industry. As network operations and data storage shift to a cloud structure run by industry-leading companies, the Air Force can shift to cyber security of base-level weapon systems. However, it must take a higher-level perspective on the challenges or the solution will be incomplete. The strides are reactive vice proactive since the top trends address issues once a weapon system is fielded. While this is a vital step, the Air Force must harden the weapon system acquisition cycle so cyber security is baked in throughout the entire tooth-to-tail process. The life-cycle acquisition community must ensure a full-spectrum review of cyber security threats and patches at every step of design and build. Weapon system program offices should include DoD security controls which focus on comprehensive security measures.