The Complex

The Air Force's aggressive cyber defenses

While Defense Secretary Leon Panetta announced last night that the United States military is developing the capabilities to strike back against destructive attacks, U.S. Air Force officials shed some light on the aggressive tactics the service is taking to protect its networks.

As this blog has mentioned before, the air service has realized that it cannot built a cyber Maginot line in an attempt to keep cyber attackers out of its networks. Instead, the Air Force is working to develop networks that can operate while under attack and is starting to hunt its potential cyber attackers.

"Our cyber airmen lead hunter teams on the network in search of our adversaries," said the Air Force's Chief Information Officer, Lt. Gen. Michael Basla during a speech in Virginia yesterday. "They employ active network defense measures while engaged with unknown and potentially dangerous actors."

So, what does active network defense mean?

"Our defensive strategy will also expand into counter cyberspace operations, we will develop more focused and robust cyber ISR [intelligence, surveillance, and reconnaissance] and situational awareness capabilities to provide accurate, relevant and timely intelligence in the cyberspace domain," said Gen. William Shelton during the same conference yesterday. As commander of Air Force Space Command, Shelton (shown above) is one of the service's top cyber warriors.

While the military is incredibly tight-lipped about the specifics of its cyber operations, these comments seem to suggest that the Air Force, and the rest of the DoD, is using its relatively newfound ability to quickly trace who is attacking it to probe its enemies networks, discovering when, how, and why they are attacking and looking for weaknesses in their tactics and their networks.

The DoD is also likely using cyber honeypots, a basic security technique that deliberately gives cyber attackers what appear to be alluring targets.  Once an attack is underway, the military could either feed the attacker bad information or simply observe and learn all about how the enemy operates, building intelligence not only for defense but also for offensive operations against that attacker.

"Once we've established a strong defense, we'll focus more energy on offense," added Shelton.

U.S. Air Force

Comments

Load More Comments