Nation Must Defend Cyber Infrastructure, Alexander Says

By Claudette Roulo
American Forces Press Service

WASHINGTON, June 28, 2013 – The United States must have a transparent debate on how it will protect itself in cyberspace, the director of the National Security Agency said yesterday.

“It is a debate that is going to have all the key elements of the executive branch -- that's DHS, FBI, DOD, Cyber Command, NSA, and other partners -- with our allies and with industry,” Army Gen. Keith B. Alexander told an audience at the Armed Forces Communications and Electronics Association International Cyber Symposium in Baltimore.

Everyone involved must figure out how to work together as the cyber threat grows, said Alexander, who also commands U.S. Cyber Command.

In August, the Saudi Aramco oil company was hit with a destructive attack that destroyed the data on more than 30,000 systems, he said. In September, distributed denial of service attacks began on the U.S. financial sector, and a few hundred disruptive attacks have occurred since.

In March, destructive cyberattacks took place against South Korea, the general said.

“If you look at the statistics and what's going on, we're seeing an increase in the disruptive and destructive attacks. And I am concerned that those will continue,” he said. “As a nation, we must be ready.”

Over the past few years, there has been a convergence of analog and digital data streams, Alexander said. Now, everything is on one network -- information sent by terrorists, soldiers and school teachers travels through the same digital pipelines.

The cyber world is experiencing an exponential rate of change, he said. “It's wonderful,” he added. “These capabilities, I think, are going to help us solve cancer. This is a wonderful opportunity.”

But, he said, cyberspace also has vulnerabilities. “We're being attacked,” Alexander said. “And we've got to figure out how to fix that.”

The key to the nation’s future in cyber is a defensible architecture, he said, embodied for the Defense Department by the Joint Information Environment. In that environment, mobile devices will securely connect with fixed infrastructure across the services in a way that allows the department to audit and take care of its data much better than it could do in the legacy systems, Alexander said.

The need to create one joint integrated cyber force is “a great reason for having NSA and Cyber Command collocated,” Alexander said. Both are based on Fort Meade, Md.

“We can leverage the exceptional talent that the people at NSA have to help build that force,” he added, “and that's superb.”

Old Policies Inhibit Cyber Interoperability, Official Says

By Amaani Lyle
American Forces Press Service

BALTIMORE, June 27, 2013 – Policies that inhibit interoperability in the cyber domain with coalition partners and other agencies are worthy of re-examination, a senior U.S. Cyber Command official said at the 2013 Armed Forces Communications and Electronics Association cyber symposium here yesterday.

Army Maj. Gen. Jennifer L. Napper, Cybercom’s director of plans and policy, said reassessing the purpose of information sharing comes down to setting basic standards for connectivity and operability.

Napper said the initial policies came to be during a time that predated modern technology, which now more astutely determines that only people on a “need-to-know” basis can access certain information. “We’re beyond that,” said the general told the audience. “We can do role-based identity management today. We can tag data. We can make sure we can share.”

The task at hand now, Napper said, is transitioning from legacy systems into a more open data environment that allows officials to tag data so access it is based on identity management. Getting consensus on standards and then setting and sticking to those standards will facilitate information sharing with international partners in various capacities, initiatives and operations, she added.

As cyberspace plays a more prominent role in partnerships, particularly with Russia and China, cooperation among the U.S. government, industry and other nations will become increasingly vital. “This, more than any other area, must be a team sport,” Napper said.

DOD Must Stay Ahead of Cyber Threat, Dempsey Says

By Claudette Roulo
American Forces Press Service

WASHINGTON, June 27, 2013 – In its mission to defend the nation, the Defense Department must stay ahead of the ongoing technological revolution and its attendant rise in “anywhere, any time” cyber threats, the chairman of the Joint Chiefs of Staff said here today.

“As the defense community begins to focus inward on the implications of changing resources and this thing called sequestration, I think it’s important that we force ourselves to continue to look outward, at the changing world around us,” Army Gen. Martin E. Dempsey told attendees at a Brookings Institution forum.

Computers continue to be integrated into in everyone’s daily lives, the chairman said. “By this time next year, I’m quite certain that my toaster will be connected to the Internet and probably tweeting,” he joked. “But the spread of digital technology has not been without consequence. It has also introduced new dangers to our security and our safety.”

Dempsey told the audience that in his two years as chairman, he has focused on what this revolution means for the military. He has spoken with information technology experts, major tech company security teams, and spent time with an Internet service provider. He even met with a venture capitalist, he said.

“One thing is clear: cyber has escalated from an issue of moderate concern to one of the most serious threats to our national security,” Dempsey said. Now, the entire country could be disrupted by the click of mouse, he added.

To address these threats, the military must take on new missions, the chairman said.

“Cyber incidents have steadily escalated over the past year,” Dempsey said. Banks and oil companies have been targeted by sophisticated attacks, he said, and more than 20 nations now have military cyber units.
“This is the new normal in cyberspace,” Dempsey said. “Disruptive and destructive cyberattacks are becoming a part of conflict between states, within states, and among nonstate actors. The borderless nature of cyberspace means anyone, anywhere in the world, can use cyber to affect someone else.”

It isn’t enough to just strengthen cyber defenses on military systems, the chairman said. Intrusion attempts on critical civilian infrastructure systems have increased 17-fold over the last two years, he said. “The gap between cyber defenses deployed across critical infrastructure and offensive tools we now know exist presents a significant vulnerability for our nation,” Dempsey said.

In response to the threat, the Defense Department is growing its capacity to protect its own networks, and it’s adding a new mission: defending the nation, when asked, from attacks of significant consequence -- those that threaten life, limb, and the country’s core critical infrastructure, the chairman said.

Over the next four years, 4,000 cyber operators will join the ranks of U.S. Cyber Command, and $23 billion will be invested in cybersecurity, he said.

Three types of teams will operate around the clock at Cyber Command, Dempsey said. National mission teams will counter adversary cyberattacks on the United States. “A second and larger set of teams will support our combatant commanders as they execute military our missions around the globe,” Dempsey said. “The largest set of teams will operate and defend the networks that support our military operations worldwide.”

The most immediate priority is securing the “dot-mil” domain, the chairman said. “But in the event of a domestic cyber crisis,” he added, “our cyber forces will work in support of the Department of Homeland Security and the FBI, who lead our nation’s response in the dot-gov and dot-com domains.”

To ensure this force is able to operate quickly, the Defense Department now has a “playbook” for cyber, Dempsey said, noting that a presidential directive codifies how each part of the government will respond in the event of a serious cyberattack. Under this directive, the department has developed emergency procedures to guide its response to imminent, significant cyber threats, the chairman said.

The Defense Department is updating its cyber rules of engagement for the first time in seven years, he added, and also is improving mission command for cyber forces.

While cyber may be the nation’s greatest vulnerability, Dempsey said, it also presents the military with a tremendous asymmetric advantage. “The military that maintains the most agile and resilient networks will be the most effective in future war,” he told the audience. “This is the kind of force we are building for the future.”

Each branch of the military is doing its part, the chairman said, by investing in equipment and personnel that will ensure the joint force can operate in cyberspace as capably as it can on land, sea, air, and space. The next step is the planned Joint Information Environment, he said -- a single, easy to secure, joint network delivering data to the department’s personnel wherever and whenever they need it.

“As part of this new Joint Information Environment, we’re building a secure 4G wireless network that will get iPads, iPhones and Android devices online in 2014,” the chairman said. “With tools like this, the smartphone generation joining our military will help us pioneer a new era of mobile command and control.”

Although the Defense Department has made significant progress in embracing cyber, the nation’s effort to protect critical civilian infrastructure is lagging -- a worrisome vulnerability, the chairman said. Sharing information about cyber threats is one of the most important ways to strengthen cybersecurity across the private sector, he added, but threat information primarily is shared in only one direction: from the government to critical infrastructure operators.

“That has to change,” Dempsey said. “We can’t stop an attack unless we can see it.”

The country is debating the proper purpose and limits of intelligence collection for national security, the general said, but these are two entirely different issues, and it is a mistake to combine them.
“One is collecting the intelligence necessary to locate foreign terrorists and their potential domestic co-conspirators,” he explained. “The other is sharing information about malware to protect our critical infrastructure from a different kind of attack.”

Ultimately, he said, “it will take legislation to significantly strengthen our ability to withstand cyberattacks while safeguarding civil liberties.”

Information sharing is just one path to safer network operations, the chairman said. Others include improved cybersecurity standards and the establishment of internationally recognized rules for responsible behavior in cyberspace.

“The rise of cyber is the most striking development in the post-9/11 national security landscape,” Dempsey told the audience. “We are doing everything we can inside the military to be ready to operate in cyberspace. I call on our elected officials and the private sector to match the urgency. Together, we must place this nation on surer footing against the cyber threat.”

Official Shares DOD Brain Injury Trends With Civilian Nurses

By Terri Moon Cronk
American Forces Press Service

BALTIMORE, June 25, 2013 – When symptoms of traumatic brain injury began to surface among service members in combat, the Defense Department had to ensure the injuries were fully understood and pathways to cures were planned, the deputy director and acting national director of the Defense and Veterans Brain Injury Center said here yesterday.

Addressing the Maryland Nurses Association 2013 neuroscience nursing symposium at Sinai Hospital, Kathy Helmick presented an overview of DOD’s policies and programs for TBI diagnosis and treatment. The center performs clinical care, research and education on TBI.

“Close to 20 percent of TBIs occur in the reserve components, and … these are folks who sustain injury while in service and then go back to our communities,” Helmick told the civilian nurse audience.

Many TBIs occurring in combat went undetected for months, Helmick said, and officials stepped up efforts for early detection. Undetected and untreated TBIs can affect unit readiness when service members have substandard reaction time, decreased awareness and difficulty multitasking, she noted. “We also had to think about how we delivered care in a [combat] theater environment like Afghanistan,” she added.

In developing standards of care for TBI, Helmick said, DOD officials had to examine where such injuries occurred, how soon patients were seen by medical staff in the field, and contingencies for battlefield medicine. To make sure injured troops were medically evaluated, DOD issued a policy in June 2010, she said, describing it as “symptom-driven.”

“If you’re involved in a blast in a vehicle, or if you’re within 50 meters of a blast, you have direct blow to your head, or are exposed to more than one blast event, you are mandated by this policy to go get checked out to see if there’s been a concussion,” Helmick said. Exposure to blasts results in TBIs in service members about 15 percent of the time, she noted.

DOD’s main tool to evaluate concussion is called MACE -- the Military Acute Concussion Evaluation -- and is performed by an Army medic or Navy corpsman, she said.

“It’s a simple tool to test symptoms and [get a] cognitive score,” Helmick explained. “MACE helps us determine if a concussion occurred. It really is the hallmark tool that guides us to further assessment.”
The onsite evaluations, using manuals and even cellphone applications as guides, help doctors treat the injured service member, she said.

If a TBI is detected early, service members have a better chance of returning to duty, Helmick said.
“If not, they’re going to get some rest and go through standardized care to ensure they’re safe to go back to duty,” she added.

When service members suffer multiple concussions –- three or more injuries within 12 months –- they go through several evaluations, such as neuropsychological testing; neuroimaging, such as MRI; and functional outcome measures to determine how they’re functioning after several concurrent concussions, Helmick said. “If they can’t go back to duty, they go to comprehensive rehabilitation to address those issues,” she added.
In determining whether a service member has had a TBI, medical staff members consider the obvious signs of concussion: a change that can leave a service member temporarily dazed and confused, the inability to assimilate the environment through smell, visual and tactile means, and the inability to process information, Helmick said. Medical professionals also look for signs of post-traumatic amnesia, memory loss and a lack of consciousness. Witnesses to injuries also are critical.

More than a single test could be inevitable in the future, she said.

“We think we will have an arsenal, maybe two or three tests, to [determine] if a person had a concussion from an objective standpoint,” Helmick told the nurse audience. “We’re trying to promulgate policies within DOD to make sure we detect concussion, have the science related to it, and that we’re getting that [information] out to the mainstream [community]”.

Other future endeavors at the center include a comprehensive look at dizziness symptoms, Helmick said.
“The No. 1 reported concussion symptom is headache, followed by dizziness,” she said. A guideline on sleep disturbances from TBI also is expected to be available next month, she added.

And because tests such has MRIs are not always indicated and are determined on a case-by-case basis, military medical professionals soon will have a standardized approach on who should have MRIs, Helmick said.

After 12 years of war, DOD has “copious amounts” of TBI research, Helmick said. The question that remains to be answered is the long-term effects of TBI, she added.

ASTS to Lead SpaceX Certification Activities at Vandenberg

by Lt. Col. Joseph Imwalle
1st Air and Space Test Squadron commander

6/14/2013 - VANDENBERG AIR FORCE BASE, Calif. -- Space Exploration Technologies Corporation and the U.S. Air Force reached an agreement June 7 that will allow the company to compete for national security space payload contracts after it completes a certification process that will be led, at Vandenberg, by the 1st Air and Space Test Squadron.

"I'm proud of the 1 ASTS team for the role they played in pioneering this new process," said Col. Shahnaz Punjani, 30th Launch Group commander. "They helped design the roadmap to certification, and I'm confident that, as they lead related activities here at Vandenberg, they'll continue to represent Air Force space launch trailblazing at its best."

While the official agreement signing ceremony was held at SpaceX headquarters in Hawthorne, Calif., the 1 ASTS and Vandenberg SpaceX team held a local event at Space Launch Complex 4 to mark the start of the certification process.

The SLC-4 ceremony included remarks by 1 ASTS commander Lt. Col. Joseph Imwalle and 1st Lt. Jonathan Denton, 1 ASTS certification mission manager, and a tour of the new 1 ASTS administrative office in Building 730.

The inaugural SpaceX Falcon 9 v1.1 rocket is scheduled to launch this year from Vandenberg. 1 ASTS will lead all launch site certification activities at the base under the authority of the Space and Missile Systems Center.

"This is an exciting time to be in the launch business," Denton said. "Commercial launch service providers like SpaceX promise to invigorate U.S. spacelift operations. This influx of fresh talent and enthusiasm should challenge the status quo and unleash greater potential for assured access to space."

The squadron will evaluate SpaceX launch systems, processes and procedures with technical oversight and approval by the 30 LCG Technical Director, Tom Stevens. Locally, SpaceX and 1 ASTS have been interacting during SpaceX launch site activation work for months in anticipation of the formal agreement being signed.

The end result of this Evolved Expendable Launch Vehicle New Entrant certification process will be a formal flight worthiness determination by the SMC commander as to the capability of SpaceX to successfully launch EELV-class missions using the Falcon 9 v1.1.

Once certified, SpaceX will be permitted to compete for EELV launches and potentially help drive down the cost of space lift for the Department of Defense.

Midshipmen Intern, Mentor with NPS Cyber Academic Group Faculty

MONTEREY, Calif. (NNS) -- A small cadre of midshipmen from the U.S. Naval Academy in Annapolis are wrapping-up a weeks-long internship with Naval Postgraduate School Cyber Academic Group (CAG) faculty, June 18.

Sponsored by the National Reconnaissance Office, the interns traveled to the West Coast during their school's summer break to get hands-on experience in software engineering, cloud computing and computer-controlled systems.

Midshipmen Aaron Fleming, Kyle Hawkins, Ethan Genco and Victor Bowen are all computer science students at the academy, and each were assigned specific tasks to incorporate what they have already learned upon arrival in Monterey. At the same time, faculty challenged the interns to learn computer coding language and objects that deal with cyber security and smartphone application development - work they would not ordinarily be doing during their studies back in Annapolis.

"Aaron and Victor are conducting research that they normally wouldn't be working on at the academy," said CAG Chair Dr. Cynthia Irvine. They have been challenged, and the outcome has been a unique contribution to NPS' research in cyber security because of their fresh sets of eyes to a problem, she added.

With Irvine's mentorship and oversight, two of the four midshipmen are working with computer science Associate Professor Craig Martell in ongoing biometrics research, while the other two are working with research associate Thuy Nguyen on cloud computing and systems security.

Bowen, who hails from Valley Center, Calif., and the son of a Marine, has been working with a robotic arm that was part of a master's thesis project from a previous NPS student. He is using the tool to learn about Supervisory Control and Data Acquisition, or SCADA, systems.

"After getting it working and understanding it, I was sent hardware from the Naval Sea Systems Command, used on Navy ships, to begin understanding and then building up the new hardware for future thesis work," said Bowen. Through the exercise, Bowen's overall goal is to analyze and understand the essentials of security in SCADA systems.

Bowen noted that he is contemplating becoming an Information Warfare Officer in the Navy or to follow in his father's footsteps and choose the Marine Corps.

Fleming, a computer science/information technology double major at the academy, is also working solo on a specific mission.

"I am working on a project relating to cloud computing which focuses on the idea of having multiple security levels of data on the same cloud," he said. Fleming is developing a test suite to check the different capabilities of security-enhanced Linux to make sure that the multi-level security policies are being enforced.

"This will ensure that a user, and the process running at the unclassified level, cannot read data at the top secret level, and so on," added Fleming.

From Newport Beach, Calif., Fleming says he is very interested in the cyber areas of the Navy. " I would love to go into the field of information warfare (IW)," he said. After graduating from the Academy, he says he may choose to become a Surface Warfare Officer (SWO) and later make a lateral transfer to the IW community.

The other two interns, Hawkins and Genco, are working with Martell on the creation of Android apps using a framework called Funf.

"This framework helps app developers create apps that collect data from the built in sensors and probes on Android cell phones, such as GPS, the accelerometer, the gyroscope, etc.," says Hawkins. "Hopefully, our apps will contribute to the research being conducted by Prof. Martel."

Martell is quick to add that their efforts will indeed be of direct benefit to the future graduate studies of NPS students.

"The work that Ethan and Kyle are doing has a direct effect on our research. The apps they write in Funf will be directly usable by NPS students in my lab to conduct higher-level biometric-authentication experiments. At the same time, they are getting hands-on experience in both programming Android phones and in experimental design," said Martell.

Midshipman Kyle Hawkins is from Lonetree, Colo., and Ethan Genco is from River Falls, Wis.

DOD Establishes Tissue Bank to Study Brain Injuries

American Forces Press Service

WASHINGTON, June 14, 2013 – The Defense Department has established the world's first brain tissue repository to help researchers understand the underlying mechanisms of traumatic brain injury in service members, Pentagon officials announced yesterday.

The announcement follows a symposium that Defense Secretary Chuck Hagel convened, in which a group of senior defense officials and experts in the medical field and from outside organizations discussed advancements and areas of collaboration regarding traumatic brain injury.

"We have been at war for more than a decade, and our men and women have sacrificed," said Dr. Jonathan Woodson, assistant secretary of defense for health affairs. "The military health care system is bringing all the resources it can to better understand how to prevent, diagnose and treat traumatic brain injuries and to ensure that service members have productive and long, quality lives.

“Our research efforts and treatment protocols are all geared toward improving care for these victims,” Woodson continued. “And that will have benefits to the American public at large."

The Center for Neuroscience and Regenerative Medicine Brain Tissue Repository for Traumatic Brain Injury was established at the Uniformed Services University of the Health Sciences in Bethesda, Md., with a multiyear grant from the U.S. Army Medical Research and Materiel Command to advance the understanding and treatment of TBI in service members.

"Little is known about the long-term effects of traumatic brain injury on military service members," said Dr. Daniel Perl, a neuropathologist and director of the brain tissue repository. "By studying these tissues, along with access to clinical information associated with them, we hope to more rapidly address the biologic mechanisms by which head trauma leads to chronic traumatic encephalopathy."

CTE is a neurodegenerative disorder that involves the progressive accumulation of the protein tau in nerve cells within certain regions of the brain. As the tau protein accumulates, it disturbs function and appears to lead to symptoms seen in affected patients such as boxers and, more recently, football players with multiple head trauma.

Defense Department researchers will look at the brain tissue samples to characterize the neuropathologic features of TBI in service members. Important questions to be addressed include "What does blast exposure do to the brain?" and "Do the different forms of brain injury experienced in the military lead to CTE?"

Service members exposed to blasts "are coming home with troubling, persistent problems and we don't know the nature of this, whether it's related to psychiatric responses from engagement in warfare or related to actual damage to the brain, as seen in football players," Perl said. "We hope to address these findings and develop approaches to detecting accumulated tau in the living individual as a means of diagnosing CTE during life -- and, ultimately, create better therapies or ways to prevent the injury in the first place."

"We are learning though the process of discovery the effects of repetitive mild traumatic brain injury, and also how to prevent this issue of chronic traumatic encephalopathy," Woodson said. "The brain tissue repository will enable us to learn even more about how we can treat injuries and prevent future calamity for service members."

For Navy, Cyber Has Inherently Military Operational Aspect

By Cheryl Pellerin
American Forces Press Service

WASHINGTON, June 12, 2013 – For the Navy, cyber has an inherently military operational aspect, and the service is shaping its dedicated workforce to be 80 percent uniformed and only 20 percent civilian employees and contractors, the Navy’s top cyber officer said in a recent interview.

Navy Petty officer 2nd Class Jessica Cummins performs her duties at the U.S. Fleet Cyber Command Maritime Operations Center at Fort Meade, Md., Oct. 3, 2012. Fleet Cyber Command serves as the Navy component command to U.S. Strategic Command and U.S. Cyber Command, and is the Navy's central operational authority for cyber, networks, cryptologic/signals intelligence, information operations, electronic warfare, and space capabilities. DOD courtesy photo   (Click photo for screen-resolution image);high-resolution image available.

Navy Vice Adm. Michael S. Rogers, commander of U.S. Fleet Cyber Command and U.S. 10th Fleet, spoke with American Forces Press Service about the foundational importance of the cyber domain to the Navy, the joint force and U.S. Cyber Command.

 

“There’s a reason why, for example, if you go on that air wing on that carrier, you don’t see civilians flying those aircraft,” Rogers said. “If you go on board that ship or submarine, go down to where those weapons systems are and where those radars and tools [are] that give you situational awareness of what’s going on. You don’t see civilians manning those.”

Rogers said the joint model most services are working toward is 80/20, and the Navy probably is at 77 percent today with its dedicated cyber workforce of about 5,000, plus contractors.

“Like the other services, we’ve had our workforce engaged in cyber for a long time,” the admiral noted.

Navy officials concluded seven or eight years ago that cyber was of such foundational importance to the service’s future that they created a dedicated workforce to do cyber, particularly on the high-end side, Rogers said. He defined the high end as “implying in-depth understanding of network structures and the ability to operate in relatively complex networks.”

At the same time, he added, it was becoming clear that the Navy’s traditional electronic warfare mission and cyber were increasingly converging.

Chief of Naval Operations Adm. Jonathan W. Greenert made that point in an April 3 op-ed article in the Breaking Defense online magazine. “With wireless routers or satellites part of almost every computer network,” he wrote, “cyberspace and the [electromagnetic] spectrum now form one continuous environment.”

“We’ve been thinking about this for a long time,” Rogers told American Forces Press Service, “and it’s nice to see that it’s playing out in some ways as we thought it would.”

Fiscal year 2013 is the first year the services are contributing to Cybercom’s national and cyber combat mission forces and its Cyber Protection Force, Rogers said, and the Navy is bringing on more capability than any other service.

“In 2010 and 2011, we bought as a service almost 800 billets that we dedicated to cyber,” the admiral said. “We said, ‘We realize the workforce hasn’t been fully defined, but we think this is enough. We see the trends. We think we need to make the investments now.’”

This year, Navy cyber will bring 800 cyber service members online to form a series of dedicated teams for Cybercom, Rogers added, and in the subsequent three years, the Navy cyber organization will bring on nearly 1,000 more.

The cyber workforce represents a range of capabilities and specialties, Rogers said.

“Our view is that you need to bring together three or four core ratings to work the cyber piece,” he explained, “some of them in areas you don’t necessarily directly associate with cyber -- things like language. As we got into this, we came to the conclusion that we needed the ability to work in multiple languages if we’re going to work cyber from a global perspective.”

Intelligence, information technology and cryptologic technician-networks ratings also are considered core cyber capabilities, he added.

Most of the service cyber commanders have said there are similarities and differences in the way each service approaches its cyber mission, and Rogers said each service adopted its own structures and organizational construct.

“So we’re all organized a little differently,” he said.

“In the case of the Navy, we replicated the joint model in many ways,” Rogers said. “Just as Army Gen. Keith Alexander is both the commander of the U.S. Cyber Command with Title 10 [armed forces] authorities, as well as director of the National Security Agency with Title 50 [national security and intelligence] authorities, I am commander of Fleet Cybercom and have operational control over the majority of forces and capabilities within my service that operate and defend the networks, as well as the service’s offensive capabilities.”

Rogers said he also wears a Title 50 hat as the Navy’s cryptologic commander, so the Navy’s signals intelligence, or SIGINT, resources also are under his operational control.

SIGINT is intelligence gathered from electronic signals and systems -- such as communications systems, radars and weapons systems -- used by foreign targets.

“The reason we went this way was we believed the SIGINT capability -- the ability to see the cyber battle space as well as to gain insights into opponents’ use of cyber -- was a real plus in the cyber world,” the admiral said.

“It’s the same thing that led the joint world to … align the traditional service operational command, U.S. Cyber Command, with the SIGINT situational awareness and knowledge of the battle space of NSA,” he added. “We liked that model. We came to the same conclusions.”

Another difference in the Navy’s approach, the admiral said, “is we believe that if you’re going to successfully defend your networks then you can’t separate operation of the networks from the defensive side -- you can’t treat them as totally separate, unrelated activities.”

The Navy is the only service, he added, that has decided one entity should operate the networks and defend them, as well as control the offensive cyber capabilities.

“I think that gives us great agility. … It enables us to make very smart, very fast tradeoffs,” the admiral said. “It’s a real source of strength. … We operate them, we maintain them, we structure them, we control them.”

One of the things that makes cyber different from the land, sea, air and space domains, Rogers said, is that it’s the one in which every member of the organization is an operator.

“If we’ve given you access to a keyboard, you’re operating in our domain,” he added. “You can’t really say that about the air or the maritime or the subsurface. Elements of our force are operating in those domains -- don’t get me wrong -- but not everybody is an operator all the time.”

This reality, the admiral said, “represents to us [not only] an opportunity to gain advantage, but also a potential opportunity for vulnerability for others to exploit, whether it’s intentional or unintentional.”
Adapting to this challenge and succeeding in the cyber domain means changing the mindset of everyone in the Navy who uses a keyboard, Rogers said.

“We have to think much more broadly about this,” he added. “If you think Vice Admiral Rogers and 5,000 highly motivated individuals are all it’s going to take to achieve success and operate in an agile and effective manner in this domain, you don’t get it. It’s bigger than that.”

It doesn’t matter, he said, “whether you’re sitting on shore duty in the middle of the United States or you are out on the USS Eisenhower in the Strait of Hormuz. You’re an operator in this domain.”

Security a Priority in DOD Move to Mobile Devices

By Cheryl Pellerin
American Forces Press Service

WASHINGTON, June 7, 2013 – The Defense Department wants to provide secure access to information from any device, anywhere and anytime, but the priority is security, the department’s principal deputy chief information officer said here yesterday.

At a defense systems seminar, Robert Carey spoke about mobile device security and architecture before an audience of military, government and industry experts.

“It’s an exciting time for the mobile space, and I will tell you as we march into it and into choices and … into smart phone utilization in the DOD, it is not without the requisite security,” Carey said.

“Many an industry and federal agency that are leaping into it a little faster than the security apparatus is willing to catch up with, but we are not,” he added. “We are trying to leap in it with the security apparatus attached.”

Today, DOD has more than 600,000 commercial mobile devices in operational and pilot use, including about 470,000 BlackBerry phones, 41,000 Apple operating system devices and 8,700 Android devices.

Last June, the department released a mobile device strategy that identified information technology goals and objectives for making the use of mobile devices possible from the hallways of the Pentagon to battlefields and secured spaces worldwide.

The strategy focused on improving wireless infrastructure and mobile devices and applications. The steps it proposes are designed to keep these areas reliable, secure and flexible enough to keep up with the pace of technology.

Then in February the department released a Commercial Mobile Device Implementation Plan with goals and objectives for allowing the secure use of mobile devices.

A key objective is to establish a departmentwide mobile enterprise plan that permits the use of smartphones and tablets from different vendors and to develop an enterprise mobile device management capability and app store to support about 100,000 devices from multiple vendors.

Carey said the Defense Information Systems Agency “is leading the charge for DOD to centrally provide and provision an infrastructure that we can then all use.”

DISA is rolling out unclassified and classified devices in phases that began this year and continue until fiscal 2014.

A slide from Carey’s presentation indicated that in March DISA rolled out 500 devices at the Secret classification, and in April, 1,500 unclassified devices.

The next phase begins in September, when DISA will roll out 5,000 unclassified devices and 1,500 devices at the Top Secret classification. In fiscal 2014 it will roll out up to 100,000 unclassified devices and have enterprise capability for devices at classified levels.

“We’re doing both [unclassified and classified] simultaneously right now and we’ll expand both as the demand signal requires,” Carey said.

“But we’re moving out on the unclassified with [vendor] choices with the secure architecture up at DISA, engaging Internet service providers, creating mobile device management solutions that meet security requirements of the Federal CIO Council, and other things,” he added. “So we’re out on-point with the federal government, doing work that keeps the unclassified devices secure.”

On the federal mobility effort, the department is working with the National Institute of Standards and Technology, the Department of Homeland Security, the Department of Justice and the Federal CIO Council “to ensure that the standards we use for an unclassified phone are the same. That’s really important,” he noted.

Carey said DISA also is working to define the way forward on public key infrastructure, or PKI authentication solutions for mobility. A PKI is a system that’s required to provide public-key encryption and digital signature services.

“Our identities have to be lashed to these devices, tactical or not, so that as we engage data and the network it is with approved identity credentials and our PKI that we’ve all been given when we get our common access cards,” he said.

Carey said engaging the network with user ID and password is old school computer security.
“You have to get into PKI and cryptography in this day and age,” he said.

Of the several high bars to commercial mobile security, the largest is PKI authentication, he said.
“If I can’t authenticate your identity through this device to the network -- game over,” Carey added.
The reason is that all DOD websites today are required to be PKI-enabled anyway, he said.

“And if you’re going to conduct a transaction you have to have this flow through the phone,” Carey said. “There are a couple different ways to do it, but nevertheless it’s got to be done.”

Woman Becomes Air Force’s Chief Scientist

By Senior Airman Carlin Leslie
Secretary of the Air Force Public Affairs

WASHINGTON, June 6, 2013 – The Air Force has appointed the service's first female chief scientist to lead the way in the technology and science fields.

The Air Force appointed Dr. Mica Endsley as its first woman chief scientist to lead the way in the technology and science fields. U.S. Air Force photo   (Click photo for screen-resolution image);high-resolution image available.

Dr. Mica Endsley assumed her new duties and responsibilities as the Air Force’s 34th chief scientist June 3 in support of Air Force senior leaders and airmen across the service.

"Having served on the Air Force Scientific Advisory Board for many years, I've had the pleasure of working closely with the current and several former Air Force chief scientists," Endsley said. "I know this is a tremendous opportunity to help the Air Force excel in its goal of maintaining the critical technological edge that gives our airmen a strategic advantage."

Air Force Chief of Staff Gen. Mark A. Welsh III emphasized the important role Endsley will play in continuing the Air Force's legacy of innovation.
"I'm pleased to have Dr. Endsley as a part of the Air Force team," Welsh said. "She follows in the footsteps of many superb minds that have advanced our technological edge and provided much-needed capabilities to our airmen. Although she arrives at a very challenging time, I'm confident she'll continue a proud legacy of chief scientists who use innovation and strong leadership to keep our Air Force the world's finest."

Successfully maintaining that technological edge Welsh mentioned is a key job, Endsley said, and she plans to use every available resource to effectively and cost efficiently get the job done in support of airmen.

"This involves working with the top scientists and engineers within the Air Force as well as in academia, industry and the other armed services," she said, noting this will "ensure that the Air Force's research and development efforts are being directed at the right problems."

Endsley said she plans to ensure the Air Force continues to develop technologies and systems that will truly support airmen and their missions.

"I know that in many cases, we can dramatically improve our mission effectiveness by using the science of human performance to design technology," she said.

This, she added, will "better support the way people work."

As Endsley takes the helm of an office that has made large strides over recent years, she’s motivated to push the envelope even further.

"My goal will be to continue with these efforts, making sure that we are implementing their recommendations and achieving the needed milestones in our science and technology portfolio," she said. "To stay competitive in the future, we need to make sure that Air Force systems keep up with this rapid pace of change, particularly in computers, cyber and all across the information spectrum."

Endsley feels that along with the growth of the organization, she has a duty as the first female chief scientist to reach out to the younger generation, speaking on the advantages of a career in science, technology, engineering, and mathematics fields.

"I want to share with the young women I speak to, the many advantages of a science, technology, engineering and math career," she said, and that it will "make many more interested if they knew how very creative and team-oriented engineering work is and how satisfying it is to be able to solve real problems that affect people's lives."

Endsley said she is excited to begin looking across the Air Force, ensuring the needs of airmen are understood and met. At that point she can help bring technology to bear in the right ways to solve the problems they face.

"I deeply respect the challenges and sacrifices that all of our airmen, at every level, make daily in service to our nation," she said. "To be asked to join them and do what I can to support them was simply an opportunity I could not pass up."

NOAA Unmanned Aerial Systems

by Senior Airman Shandresha Mitchell
6th Air Mobility Wing Public Affairs

6/6/2013 - MACDILL AIR FORCE BASE, Fla. -- While the National Oceanic and Atmospheric Administration Aircraft Operations Center is most often associated with the NOAA Hurricane Hunters, many other important missions are also conducted from MacDill, especially with the new addition of Unmanned Aerial Systems.

"The arrival of Unmanned Aerial Systems marks a definite transition into the next generation of aviation platforms that are becoming available to the public and civil sectors," said Lt. Cmdr. Jason Mansour, AOC's UAS section chief.

The missions of the UAS include marine mammal surveys, sea bird surveys, marine debris and living marine resources.

While NOAA is in the early phases of conducting UAS operations, platforms such as Global Hawk, PUMA All-Environment, Quadrocopter and Hexacopter are being demonstrated and analyzed for their use in collecting environmental intelligence.

Masour explained that "NOAA is relatively new to the UAS spectrum; we are rapidly gaining experience assisting with our federal partners in understanding what the systems are capable of, and also obtaining a proficiency in using the technology appropriately. The opportunity to leverage the unique capabilities of the UAS is truly exciting."

As of now, NOAA AOC has three UAS. The fixed wing PUMA A-E is a battery powered UAS capable of flying up to 10,000 ft. It gives a bird's-eye view of areas of interest and is used for sensitive studies that are problematic to low flying manned aircraft. To date, the PUMA A-E platform has been utilized more than any UAS in NOAA's inventory.

"The PUMA A-E provides our scientists access to an aerial asset for data collection in remote locations and in unfavorable conditions where normally it is very difficult to operate manned aircraft," said Lt. (JG) Tanner Sims, AOC PUMA program manager.

Aside from fixed-wing operations, Vertical Takeoff and Landing platforms are becoming more frequently requested by principal investigators. The Quadrocopter and the Hexacopter are used for rugged terrain and rough sea patches. They can hover for long periods of time to photograph areas of interest.

"With such excellent stability and handling characteristics, the Quadrocopter and the Hexacopter can move almost silently in tight operating areas, making them ideal for projects ranging from marine mammal observations to disaster site monitoring after natural disasters," said Lt. Chris Daniels, AOC UAS VTOL manager.

Another UAS VTOL asset is the WMD59.

"I created a NOAA asset for a NOAA demand," said Mark Rogers, AOC UAS lead technician.

Rogers built the WMD59 as an on-base trainer for the Quadrocopter. The WMD59 helps improve the proficiency in controlling VTOL and their platforms. It will assist the AOC UAS section in meeting the requirements for targets that require VTOL.

"NOAA's AOC will continue to pair the right aerial platform to meet the mission requirements and exceed customer expectations," Mansour said. "It is my job to work with my team of federal, state and local partners to enable scientific research, promote safety and ensure that we coordinate the right assets to every mission.

"It is very gratifying to use cutting-edge technology to help the population at large understand what our planet is doing, how it is impacting our lives and what options we have to protect it."

Airmen Must Understand Business of Cyber, General Says

By Cheryl Pellerin
American Forces Press Service

WASHINGTON, June 5, 2013 – As U.S. Cyber Command gains strength and steadily extends its range across the newest warfare domain, it has called on all the services over the next five years to contribute trained-up teams of cyber operators to ensure U.S. military freedom of action, defensively and offensively, in cyberspace.

An April 30, 2013 ceremony in San Antonio marks the official opening a new 46,000-sqare-foot headquarters and operations center for 24th Air Force and Air Forces Cyber. U.S. Air Force photo   (Click photo for screen-resolution image);high-resolution image available.

For the Air Force, this means adding more than 1,000 cyber professionals between fiscal years 2014 and 2016, the commander of Air Force Space Command, Gen. William L. Shelton, said during a news conference here in January. This is a 15 percent increase over the 6,000 or so cyber experts now working at 24th Air Force, the service’s operational cyber organization.

Air Force Maj. Gen. Suzanne M. Vautrinot is in charge of the Air Force cyber enterprise. She commands the 24th Air Force and Air Forces Cyber, called AFCYBER, at Joint Base San Antonio-Lackland in Texas.

“I wear two hats,” the general told American Forces Press Service during a recent interview. “One is organizing, training and equipping the 24th Air Force under Air Force Space Command, making sure that we provide cyber resources for the Air Force and for U.S. Cyber Command.”

Her 24th Air Force units are the 67th Network Warfare Wing and the 688th Information Operations Wing at Joint Base San Antonio-Lackland and the 689th Combat Communications Wing at Robins Air Force Base, Ga. It’s also a virtual command, Vautrinot said, with locations and people at about 40 different places around the globe and “groups and squadrons all over the place.”

“On the other side is Air Forces Cyber, the component to U.S. Cyber Command,” the general explained. “We need to provide those trained and ready and capable folks to conduct the missions that Cyber Command delegates to us or involves us in.”

One indication of the growth of Air Force cyber was the official opening April 30 of a new 46,000-sqare-foot headquarters and operations center. The new space allows for the expansion of AFCYBER strategy, plans and operations capabilities and integration of counterparts from law enforcement, the Defense Information Systems Agency and industry.

Another sure sign of growth in Air Force cyber is the amplified pace of hiring and training, both of which the service is handling precisely. “The first part of hiring Air Force professionals is about finding the very best in the nation who want to serve,” Vautrinot said.

Cyber candidates -- active duty, National Guard, Reserve and civilians -- must pass a battery of tests, the general said, focused on certain degree programs for certain career fields.

“What you want is talented people, and in part that talent has to do with science, technology, engineering and math skills -- not necessarily degrees, but a proclivity to operate in that kind of manner, to enjoy that kind of mindset,” she said.

The next step involves a vision articulated early this year by Air Force Chief of Staff Gen. Mark A. Welsh, of the organization as the greatest air force in the world, ‘powered by airmen, fueled by innovation,’ Vautrinot added.

“If you’re going to fuel the innovation of cyber and have that be the power of airmen, that means every airman has to understand the business of cyber,” the general said, noting that Air Force cyber professionals can be found in any number of specialties.

“It’s our cyber operators, our intelligence professionals, our engineers, space professionals, law enforcement” and many others, she added.

The 24th Air Force has also formalized and stepped-up cyber training for the Total Force -- a term the Air Force uses in referring to its officers, enlisted personnel and civilian employees, as well as Air National Guard and Air Force Reserve members.

Vautrinot said the Air Force has developed a pipeline for training airmen at the Air Force and Joint levels, led by the 688th Information Operations Wing. Cyber education starts as part of basic military training and continues over an Air Force career through annual training, professional development education and targeted courses, she said.

When the 24th Air Force stood up in 2010, Vautrinot said, “we had to create processes, procedures and training … so they were stabilized and scalable, so you could create a larger force to do all these different mission areas.”

With help from industry and other partners, the Air Force created a “cradle-to-grave” training and education continuum that has basic, intermediate and advanced positional and mission training, the general explained.
“Cyber is not unique to the military; it’s a partnership,” Vautrinot said, “so in order to build the right stuff for the skilled workforce, there’s a lot of external partnering.”

Vautrinot quoted a congressman as citing James Gosler, the first director of the CIA’s clandestine information technology office, who in October 2008 said, “The U.S. has no more than 1,000 people with the advanced security skills to compete in cyberspace at world-class levels -– we need 20,000 to 30,000.”

“We took that to heart and partnered with industry to leverage best practices,” she said, “both because it’s a shared problem and industry is leading the way, and there’s no reason to duplicate.”

The nation doesn’t need “silver bullets,” the general said. It needs capability and capacity, she added, defining capability as “the number and kinds of things you can do” and capacity as “how many people you can do those things for simultaneously.”

“What we’re all trying to do as a nation is make sure that we can all scale,” she added. “So we take the capacity that’s in industry, the capacity that’s in government, the capacity that’s in the academic world, the capacity that’s in our international partners and we partner, because this is a shared problem.”

The 24th Air Force uses cooperative research and development agreements to collaborate with big and small companies and organizations in industry, academia, other government organizations and research institutions.

“What we do,” Vautrinot explained, “is … share information and understanding about the threat and the environment, or information on what kinds of technologies and innovations are in the realm of the possible or just now emerging so we can put those together.”

The general also works closely with international partners, she said.

“There are all kinds of concerted efforts at the level of the Office of the Secretary of Defense and within Cyber Command and in each individual combatant command to expand international partnerships,” Vautrinot added.

“We have a United Kingdom embed on our staff, and we’ll have an Australian coming soon,” she added. “When I work with my counterparts in other countries, the 5th Air Force is in Japan and they work with the Japanese in different mission areas, so they reach out to me to help with respect to understanding cyber implications for those particular missions.”

The 24th Air Force also is a collaborative element in the whole-of-government approach, Vautrinot added, so she works through the Air Force’s Office of Special Investigations, through law enforcement by way of the FBI and local law enforcement agencies, and with the departments of Treasury, Homeland Security and Commerce.

“We are partners with them, because we’re all defending the same nation in different ways,” the general said, “and we are all dependent on cyber and networks, so we share and collaborate.”

Cyber May Be Biggest Threat, Hagel Tells Troops

By Karen Parrish
American Forces Press Service

HONOLULU, May 31, 2013 – The devastatingly destructive potential of cyberattacks has become the security challenge of our age, Defense Secretary Chuck Hagel told U.S. troops here yesterday.

Defense Secretary Chuck Hagel answers questions during a May 30, 2013, visit with troops in Honolulu on the first leg of a trip that will take him to Singapore and Brussels. DOD photo by Erin A. Kirk-Cuomo   (Click photo for screen-resolution image);high-resolution image available.

Hagel stopped in Hawaii on the first leg of a trip that also will take him to Singapore and Brussels, Belgium. The secretary stood in a hangar at Joint Base Pearl Harbor-Hickam with an F-22 Raptor fighter jet behind him and about 200 service members in front, representing the Army, Navy, Air Force, Marines, National Guard and Coast Guard.

Hagel thanked the troops for their service, offered a few remarks and took their questions, one of which centered on cybersecurity. The secretary noted cyber is “one of the very few items” pegged to receive more money in the current budget request now before Congress.

“Cyber warfare capabilities: we are increasing that part of the budget significantly,” he said, noting that means the department can devote more people and more sophisticated approaches to defending U.S. networks and information.

Hagel said interconnected cyber efforts across government also will grow. U.S law enforcement agencies, the National Security Agency, U.S. Cyber Command and the Department of Homeland Security all work together on the issue, he noted. He added that allied contributions also are key to the fight.

“We live in a world -- and you all know this -- where one country’s just not big enough … [or] wealthy enough to handle it all,” he said. “Can’t do it -- especially cyber.”

Cyberattacks are a fundamentally different threat because, with no shots fired, they potentially can disrupt utilities, banking, business and military networks, yet remain essentially untraceable to a country or an agent of origin, the secretary noted.

“Cyber is one of those quiet, deadly, insidious unknowns you can’t see,” Hagel added. “It’s in the ether -- it’s not one big navy sailing into a port, or one big army crossing a border, or squadrons of fighter planes. … This is a very difficult, but real and dangerous, threat. There is no higher priority for our country than this issue.”