Air Force building Cyber Command to thwart network attacks

Lt. Gen. Robert Elder discusses plan to combat online threats against military

In developing its "Cyber Command," the Air Force is seeking to bolster the military's ability to take on a cyberattack.

Air Force Lt. Gen. Robert Elder is helping to put together the "Cyber Command," an organization that will be operated under the 8th Air Force headquartered at Barksdale Air Force Base in Louisiana. Elder describes the purpose and evolution of the Cyber Command in an interview with Network World Senior Editor Ellen Messmer.

What is the "Cyber Command" and what's your role related to it?

I'm responsible for the cyber ops command that runs the network operations for the Air Force. We want to integrate cyber operations into the Air & Space Operations under the Strategic Command. The cyber ops piece was started a year ago by the Secretary of the Air Force. Basically, it's organized training and equipment to establish a new specialty. Some people are building and operating the network fiber or global services over encrypted lines. At the next level, we're trying to defend these networks. So we're establishing tactics, techniques and procedures to allow us to fight through an attack.

The Air Force has obviously made use of networking for a long time, so what's really different about the Cyber Command?

We differentiate between computer network security and computer network defense. Once you're through the gate, you're in, so we look at that as hostile territory. It's inside defense. Right now, most of what we do today is computer network security. But we know our adversaries will attack, and we need training and cyber tools.

What kind of attacks are of concern?

Phishing, for example, is a type of attack. We're arming airmen with the skills to recognize a phishing attack. We're installing tools to check URLs. We're integrating commercial products with our own host-based security systems.

How many people are in the Cyber Command today?

There are at least a few thousand people now and it will grow to between 5,000 and 10,000. Many people are re-assigned from all over the Air Force. The goal is to be fully established by October. We can't do anything without cyber — today, we talk about operations in the cyber domain.

Do the other military services, such as the Navy, Army or Marines, have anything equivalent to the Air Force Cyber Command?

The Navy has the Naval Network Warfare Command and the Army has U.S. Army NETCOM.

We've been discussing defense but does this have offensive capability?

All of this has developed some offensive capabilities, but you would use these in a wartime setting. We're developing capabilities to respond to an attack. The types of things we're doing are ensuring we can continue to defend the U.S. Even if the U.S. comes under an attack, we can continue to operate. There are questions, such as how do we deal with denial-of-service attacks, spoofing or an adversary trying to alter data?

Are you concerned about cyber espionage?

Cyber espionage is a huge issue to us. We're worried about someone stealing operational information. Most of our work is done on a classified network, but the non-classified net is connected to the Internet. We're concerned about users introducing a backdoor through a phishing attack or that through something like a thumbdrive, data is allowed to flow.

What steps can you take?

People need to be careful about clicking on links, so we're very restrictive. We're putting a lot of things in place, like moving toward a policy on our firewalls to deny all except by exception. There's a registry of sites you're allowed to go to. Today, it's simply a blacklist and we block by categories.

What would you like to see the high-tech industry work on in terms of products or services to support the Air Force Cyber Command?

I'd like to see more work done on being able to identify where an attacker has put embedded code, perhaps in a Web site, and detect data that may pose a threat to you. We start by looking at commercial off-the-shelf products, and that's the kind of thing we look for to defend a network.
