Defensive Teams Help Protect the Air Force Mission
Specialized cyber warriors provide another layer of cybersecurity for airmen.
On top of other defenses, the U.S. Air Force is turning to a persistent cybersecurity model to guard its major weapon systems. Led by the Air Combat Command, which took on the service’s Cyber Mission from the Air Force Space Command last year, the service’s integration of cybersecurity includes deploying protective crews to its key airborne platforms and infrastructure.
These so-called mission defense teams, known as MDTs, will work closely with weapons operators and intelligence leaders to form a specialized cybersecurity platform, states Brig. Gen. Chad Raduege, USAF, director, Cyberspace and Information Dominance for Air Combat Command (ACC), who is also known as the command’s A-6.
The Air Force’s transfer of the Cyber Mission was accompanied by the move into the ACC of the 24th Air Force, which specializes in cyber operations, to merge with the intelligence, surveillance and reconnaissance (ISR) capabilities of the 25th Air Force and ACC operations. Subsequently, the conglomeration is anticipated to become part of the new Numbered Air Force (NAF)—the 16th Air Force—under the ACC this fall when the service stands up the Information Warfare NAF in San Antonio. These moves signify the Air Force’s emphasis of putting cybersecurity into everyday operations, says Gen. Raduege.
As part of the service’s protective efforts, the MDTs will offer a more targeted approach. “Mission defense teams are a new concept,” he states. “We have moved away from an approach where we say we’re going to try and protect the entire Air Force Network, all the different points and places where we have entry points, and all the people that are interacting with the network. We’re moving away from that model because it’s just too big. It’s too daunting. And instead, we’re saying we’re going to focus on our most important warfighting components, our weapon systems.”
Each MDT will provide persistent cybersecurity defense of a particular weapon system, Gen. Raduege explains. A weapon system could be an aircraft, such as an F-22 or an F-35, or a key infrastructure component, such as an air operations center or Distributed Common Ground System. “It could be any of those things,” he points out. “The idea with the mission defense teams is to apply a persistent cybersecurity presence with the weapon systems.”
For the squadrons, groups and wings that employ the weapon systems, the ACC has a design to provide an MDT with trained cyber operators, tools and capabilities to protect those systems. “For wing commanders charged to launch, fly, fight and win with F-22s, for example, we have to give you the cyber capabilities to assure the mission to allow you to do just that,” the A-6 notes.
To form the MDTs, the ACC will take airmen familiar with particular missions. The teams will conduct full functional mission analyses and interact with operators of the weapon systems to find the most beneficial application of cyber protections. “Our young airmen on the MDTs are now having conversations with the pilot of an F-22, saying, ‘In order for you to take off, what are the things that you do?’” Gen. Raduege states. “I call that the transactional path. You get in, you start your jet, you get gas, you get your air tasking order, you get your bombs loaded, you get your mission specifics. What do you look for? What systems do you interact with? That’s the functional mission analysis that these MDT teams are going after. They’re building the rapport with the operators that employ weapon systems, and they’re figuring out how to integrate [cyber protections] with their mission.”
Additional conversations with intelligence analysts provide information as to what the threats are to a weapons system, from an intelligence perspective, the general says.
Presently, the ACC is in the process of formalizing the MDT program and its role. That examination includes defining the need for MDTs throughout the service and developing concept of operations, including how the teams will be employed and scoping appropriate crew sizes. “We’re pulling it together and we’re saying, ‘What are the right priorities?’” Gen. Raduege shares. “‘Which weapons systems are we going to prioritize for funding and manning? How are we going to get after that?’”
That formalization process also includes aligning the cybersecurity platform utilized to defend the traditional weapon systems. “So an MDT operates a cyber weapon system to help a normal weapon system get off the ground,” the general explains. “And so we have to standardize on a specific cyber weapons system. That means that we have to standardize a specific training plan so that our young airman can go through the training and get the knowledge necessary to employ that cyber weapon system.”
To instruct the MDTs, the ACC is looking outside of its traditional cyber training model. Hurlburt Field in Florida houses the 39th Information Operations Squadron, which provides the service’s cyber and information operations formal training. “What we’ve recognized is they don’t have enough capacity,” he acknowledges. “They don’t have enough classroom space. They don’t have enough instructors.”
To bridge the gap, the general notes, the ACC is relying on the total force, including the U.S. Air National Guard and U.S. Air Force Reserve. “I think this is a perfect example of where MDTs are emerging and where we’re leveraging the relationships that we have with the Guard and the Reserve,” Gen. Raduege notes.
The ACC has partnered with Reserve units at Little Rock Air Force Base, Arkansas, and the Guard in Savannah, Georgia, to stand up specific schoolhouses for MDT-related training and curriculum development. At Little Rock, MDTs will learn the cyber weapon systems. “We’ve already activated the unit, and they’ve started putting folks through,” the general offers. “It’s a very exciting time.”
In Savannah, the ACC is employing a field training unit to pull in airmen from all over the Guard, Reserve and active duty—from an expeditionary communications standpoint. “We give them a baseline of training and then launch them out to tactical units,” he says.
The final piece the ACC is considering in its MDT approach, the general notes, is how to bring all of the components together into “some sort of central hub, where we understand all of the cyber threats that are out there against our weapons systems,” Gen. Raduege states. “And so we’re developing the command and control and who will be responsible for that. Those are the things that we’re working on right now.”
The idea for the ACC to use MDTs came from the Air Force Space Command, the general continues. “We started this in a very unique way,” he shares. “Air Force Space Command led the charge on standing up some MDTs, and they put some functional mission analysis against how they fly satellites and what the vulnerabilities were. As the Air Combat Command came on board a year ago, and we took over the cyber mission as the lead MAJCOM [major command], we [recognized] that MDTs were the future.”
Gen. Raduege emphasizes that the MDT effort is designed to enable a level of creativity and independent decision making. “What we’ve promised all along is, hey, we’re going to kind of give you a bit of leeway,” the general says. “We’re going to give you some commanders’ intent and say that we want you to protect your weapon system. We are going to get out of your way, and then we’re going to see what you come up with … but then we’re going to circle back.”
So far, the ACC has seen initial success with the MDT model, the general attests. “We now have these pockets of excellence that are out there across the Air Force,” he continues. “We have had some pockets of unbelievably smart airmen that have adjusted easily and really dove at this mission. And they’re integrating with the operations.”
One such application is at the 557th Weather Wing at Offutt Air Force Base, Nebraska. The wing’s Col. Patrick Williams, USAF, commander, 2nd Weather Group, is using an MDT to help protect the weather data that the wing sends out. (See sidebar.)
“That’s part of the innovation that’s taking place,” Gen. Raduege notes. “I have been out to visit that particular unit, and they’re doing exactly what we had hoped for. They’re taking the understanding that they have about the mission and, from a weather perspective, have identified the cyber threats against the weather enterprise. That MDT is born out of a commander saying, ‘I need to protect my weather data, and how do I do that?’ And now they’re one of our pockets of excellence.”
In addition, the general notes that the Air Force’s new Information Warfare NAF will play a role in the MDT operations. “We anticipate that some of that development we’ll build down into our new Information Warfare NAF, where they will pull pieces and parts from across the Air Force, with our ISR [intelligence, surveillance and reconnaissance] experts and with our cyber professionals,” he offers. “And we will figure out the threats at a specific base on a specific weapon system and what we need to do to respond.”
Although the general could not comment on the number of MDTs that will be or have been put into place, he did confirm that the ACC is starting by scoping the requirements across the Air Force. “What we have worked very hard to do is establish the need, and the need is that we have a weapons system that we have to employ, and there are cyber vulnerabilities that are coming against our weapons systems,” he emphasizes. “There is a need for us to have cyber professionals inside that weapon system component to make sure that we can employ our weapon systems to fly, fight and win in any domain.”
After that, the ACC will present the defined scale to the Air Staff on how many people and what amount of funds will be needed to build out the MDT program for the service and an implementation approach. “Part of what Air Staff is asking for is, ‘OK, we understand the need, but where would we start?’ And so that’s where the prioritization comes in,” Gen. Raduege concludes.
“We’re going to establish MDTs across the entire Air Force, and they will tie in very well with what we’re already doing with the Air Force’s existing cyber protection teams. The MDTs really are the way forward. They will help us better execute our mission.”