21 January 2017

Pair of Air Force cyber weapons systems ready for war

By: Mark Pomerleau, 

Late last year, the Air Force declared one of its newest cyber weapons tools initially operationally capable. The tool, the Automated Remediation Asset Discovery (ARAD), is a modification to the Air Force Cyber Security and Control System (CSCS), which was itself declared IOC by Air Force Space Command in 2014.

CSCS, according to an Air Force fact sheet, is a weapons system that is designed to provide 24/7 network operations and management functions enabling key enterprise services within both classified and unclassified Air Force networks as well as supporting defensive cyber operations on those networks.

As outlined in a recent release from 24 th Air Force – home to Air Force’s Cyber – ARAD leverages leading-edge technology to comprehensively modernize and efficiently improve vulnerability management execution, defensive cyber operations, system health, asset management and situational awareness capabilities.

“ARAD brings improved speed and precision across the enterprise. We are excited about the potential ARAD holds to improve our situational awareness and cyberspace defense,” said Brig. Gen. Mitchel Butikofer, 24th Air Force vice commander.

Moreover, ARAD will improve management of vulnerability discovery and remediate them automatically in a matter of seconds to minutes, as opposed to days or weeks.

“ARAD has the ability to discover and identify adversary activity and actions within seconds; alerting at the point of the infiltration and exploitation significantly improving AFCYBER DCO ability to respond more quickly and implement response actions more effectively,” AFCYBER’s release said.

Air Force CIO Lt. Gen. William Bender described it as “the cyber platform we will fight from in the future.”

Air Force Space Command and 24 th Air Force are working to implement ARAD capabilities across all Air Force networks and eventually to all DoD networks, the release said.

The Air Force also brought online a new office aimed at cyber resiliency for weapons systems. The Cyber Resiliency Office for Weapons Systems, or CROWS, which reached IOC in December, will work to integrate activities across the Air Force ensuring weapon systems maintain mission-effectiveness capabilities in the face of adversaries, a release from the Air Force said.

“The Air Force’s ability to fly, fight and win in air, space and cyberspace is threatened by increasingly competent adversaries in the cyberspace domain,” said Dennis Miller, CROWS director. “The cyber threat is more than just network intrusion or traditional malware – it also affects our weapon systems and presents a clear and present danger to successful mission assurance.”

What has traditionally been common practice for IT systems in the past is not applicable to weapon systems given their real-time constraints and complexities, coupled with differing sustainment strategies, the release said. This requires tailoring and adoption for these systems, for which CROWS will work on integrating across Air Force communities to acquire, field, operate and sustain increased cyber-resilient weapon systems. What’s more, CROWS will work to integrate activities in the Air Force Cyber Campaign Plan, or CCP, focused on multiple strategic vectors.

Air Force Materiel Command commander Gen. Ellen Pawlikowski has previously identified seven lines of effort for both identifying and solving vulnerabilities in systems applying an engineering approach to bolstering the security of its systems and increase understanding of a cyber campaign plan.

These include mission thread analysis, baking in security to future weapon systems, develop, attract and foster proper cyber expertise, making weapon systems more capable and resilient, creating a common framework to discuss and understand security, securing older systems still in use and finally, intelligence.

No comments: