2 January 2020

What happens if the Air Force’s command center for all its tankers and cargo planes gets hacked?

By: Valerie Insinna  
Members of the 618th Air Operations Center gather for a morning meeting during a Dec. 11 exercise simulating an emergency that has knocked out network connectivity. The 618th AOC, located at Scott Air Force Base, Ill., is responsible for planning, tasking and controlling air mobility missions worldwide. (Capt. Krystal Jimenez, U.S. Air Force)

Suddenly, everyone’s computer screens go blank, as does the massive wall-sized projection that tracks air mobility missions worldwide. Classified and unclassified networks are down, leaving landline phones as one of the only communications means available to airmen needing to pass on vital information to squadrons.

The execution floor, once almost silent, erupts into chatter as members of the 618th try to make sense of how to do their jobs without the tools they depend on most.

This scenario is a drill, a 24-hour exercise meant to test the ability of the 618th’s operations center to respond to degraded communications that could arise from situations ranging from a power outage to a coordinated cyber attack by an adversary nation. (Defense News, which embedded with members of the 618th to observe the Dec. 11 exercise, was not permitted to disclose the exact nature of the scenario for security reasons.)


Although the U.S. military has a host of resources, including U.S. Navy ships and commercial railways, that it can use to position forces and equipment around the globe, the Air Force’s cargo planes and aerial refueling tankers can fulfill these missions more quickly than any other approach, said Lt. Gen. Jon Thomas, Air Mobility Command’s deputy commander.

Mobility aircraft regularly provide fuel to bombers in the Asia-Pacific, carry Army battalions to deployments in the Middle East and transport patients to receive medical care. The operations center manages about 134 sorties per day.

The U.S. Air Force is embracing the suck as it considers how it might fight in a war against near-peer adversaries.

Should such an outage at the 618th persist, pilots and aircrew could be left without weather data, diplomatic clearances, maintenance information, or detailed routes to their destinations. And the impact could ripple across the entire U.S. military, with the other services unable to immediately move troops or equipment as needed.

"If [aircrews] are out there flying right now, typically they will call back to us and say, 'Hey, by the way, I need the information for my next mission,’” said Brig. Gen. Jimmy Canlas, who commands the 618th Air Operations Center.

"If no one answers, what happens? What are they going to do? Are they just going to stop? And if they stop, what is the impact? ... If it's a high priority mission, someone may not be getting their food. Someone may not be getting their bullets. Someone might not be getting the personnel that was scheduled for a rotation.”

Beyond surviving 24 hours of degraded communications, the 618th will need to prove through this exercise it can regain control of its missions and recover from the crisis, Thomas said.

“That is as difficult a task, I would submit, as transferring it off to other command-and-control agencies to begin with,” he said. “We have to work that whole process.”
Lt. Col. Nicholus Costanzo, a Theater Direct Delivery Planner on the 618th Tanker Airlift Control Center's operations floor, coordinates a C-17 Globemaster III mission scheduled to deliver supplies to troops in Afghanistan in 2009.The 618th TACC is 18th Air Force’s 24-hour Air and Space Operations Center, located at Scott Air Force Base, Ill. (Capt. Justin Brockhoff/U.S. Air Force)

Early hours

At Scott, the center’s leadership met on the execution floor at 6:30 a.m. for an update on the day’s missions and to share intelligence about the simulated threat.

With computers down, no electronic records were available. The PowerPoint slides and print outs used for daily presentations saved the day, providing the operations center a written record of the missions planned for the next 24 hours and beyond and giving its members a starting point for managing the day’s tasks.

“The ability to survive and operate is the name of the game. That’s where we are,” Col. Robert Stanton, the 618th’s director of operations and the senior officer, said as the meeting came to a close.

Today’s exercise was the first time that the 618th has simulated how it would respond to a catastrophic event that knocks much of its communications equipment out, Canlas said.

“I wanted to test our systems, our plans that we have in place to make sure they’re all survivable, if they are realistic,” he said during an interview later in the morning.

“Not much has been different just yet, other than I feel some tension from some of the folks that I ran into in the hallway, as they scramble trying to figure out what they’re going to do to overcome this,” he said. “If you ask me four hours from now, I think I’ll give you a much different answer.”

The 1970s era Strategic Automated Command and Control System is slowly becoming more modern, and a replacement could be on the way.

One issue Canlas anticipated is whether it might be wise for the 618th to invest in backup communications methods such as walkie-talkies, high-frequency radios or fax machines that, due to being stovepiped from the rest of the Air Force’s communications enterprise, might be more survivable in a cyber or electronic warfare-style attack.

"We used to have antennas on top of this building that we were able to talk to our aircraft over HF radios. Very archaic system, right?" he said. "But it was still a means. Coming out of this we'll probably need to evaluate whether the juice is worth the squeeze."

Within the first few hours of the exercise, the “white cell” planners responsible for executing the exercise had already identified one lesson learned. The 618th is often responsible for obtaining diplomatic clearances that allow U.S. aircrews to fly through other countries’ airspace, as other air operations centers sometimes do not have personnel on staff with the authorities needed to perform that task, said Lt. Col. Benjamin Carroll, deputy director of the strategy directorate.

But with the 618th unable to start the process on clearances, Carroll said it may make sense for the Air Force to create processes for other air operations centers to request diplomatic clearances in a contingency, thus reducing dependence on the 618th.

“You make a plan, and no plan survives first contact,” Carroll said. “Maybe we thought through the first problem, but we didn’t think through the second problem. I think we’re going to find a lot of that stuff.”
Senior Master Sgt. Donna Crone, pictured here at the 618th Air and Space Operations Center's 24-hour operations floor, works on the execution floor in 2010. (Capt. Justin Brockhoff/U.S. Air Force)

“Waiting for the other shoe to drop”

By 1 p.m. there have been no major problems, said Master Sgt. Samantha Lanier. Normally the duty officer for the global operations division, Lanier on this day was working on the “purple team,” which had been granted special permission to use the unclassified and classified networks as usual to manage high priority, “no-fail” missions that have been exempt from the exercise.

Lanier predicted the situation will soon become more complicated for everybody on the execution floor. The pace of operations was set to pick up over the next few hours, and the operations center is expecting phone calls from squadrons that have not been given the crew papers containing critical information about takeoff timing, weather, routing and diplomatic clearances.

"We’re waiting for the other shoe to drop,” she said. “We’re at the that timeline now where aircrews are going to wake up and realize they don’t have crew papers because we’re in the dark.”

That problem shouldn’t be insurmountable for aircrews, she added. They can refer to their special instructions for guidance, which would likely refer them to a regional air operations center for flight information or provide other information about how to operate during a contingency.

Airmen from the 618th are also doing what they can to manually control mobility missions, said Lt. Col. Todd Matson, deputy chief of the global operations division.

“[They] pulled out the whiteboard and started manually tracking [sorties] and making calls to the stations that we could to get statuses on every departure,” he said. “We’re getting updates line by line, basically, and going back to a pen and paper tracking method.”

Another major challenge will happen as operations shift back to the 618th, Lanier said.

“There is going to be a ripple effect,” Lanier said. “I think the biggest impact will be tomorrow — how we recover, how easy it is to recover.”

No comments: