The Morning Journal (Lorain, OH)
How Ohio Air Force base trains cyber army
Cyber hackers bent on chaos could potentially attack water treatment and chemical plants, power grids, financial institutions and disable weapon systems, and have stolen personal data of millions of federal employees and consumers.
Every hour of every day, cyber warriors silently fight an unrelenting war with millions of daily attacks to battle invading adversaries thousands of miles from America’s shores.
At Wright-Patterson Air Force Base, in the quiet classrooms of the Center for Cyberspace Research, hundreds of cyber warriors learn offensive and defensive cyber capabilities.
The fight in cyberspace is real.
China, Russia, Iran and North Korea are major cyber adversaries and the biggest threats to national security, said James A. Lewis, senior vice president at the Center for Strategic and International Studies in Washington, D.C.
On any given day, the Defense Information Systems Agency contends day with 800 million cyber incidents “that threaten the network,” said Lt. Col. James Brindle, a Pentagon spokesman. In an inner layer of cyber defense, the Air Force blocked 1.3 billion “malicious” cyber intrusions last year alone, said Lt. Col. Mark Reith, CCR director at the Air Force Institute of Technology.
The U.S. Department of Homeland Security works with the private sector and government agencies to respond to and prevent cyber attacks domestically.
Wright-Patterson itself is a target.
“I don’t think we can talk in specifics, but certainly Wright-Patterson develops some of the most advanced weapon systems the Air Force has,” said Rusty Baldwin, director of cyber research at the defense contractor Riverside Research in Beavercreek and a former Air Force cyber expert. “They’ve got really smart folks out there working on really incredible things so they’re a huge target.”
The Air Force Research Laboratory at Wright-Patterson reportedly has been and likely continues to be a chief target with behindthe-scenes work in hypersonics and autonomy and other secret work.
Other Wright-Patterson headquartered agencies have crucial realworld missions in cyber warfare: Protecting weapons against cyber threats is a high priority for the Air Force Life Cycle Management Center and the National Air and Space Intelligence Center analyzes air, space and cyber threats to the Air Force.
Cyber theft, denial of service and destructive attacks are the chief threats facing the United States in the cyber realm, National Security Agency Deputy Director Richard Ledgett said at an Aspen Institute forum this week.
The nation at large faces risks to companies’ intellectual property, health providers and insurers, and potential risk to an evergrowing number of homes connected to the Internet of Things, which enables control remotely of everything from home surveillance cameras to refrigerators and furnaces.
The list of cyber hacks and the massive size of the stolen information has affected millions and untold thousands in southwest Ohio. Consider: • The U.S. Department of Justice indictment this month of two Russian spies and two cyber criminals with alleged ties to hacking half a billion Yahoo accounts in 2014.
• China’s purported hack of more than 20 million past and current federal employees’ security background information pilfered out of the servers of the U.S. Office of Personnel Management in 2015.
• President Barack Obama imposed sanctions on North Korea for its suspected breach and release of private emails from Sony Pictures Entertainment in 2014.
• Russia’s cyber hack into the emails of the Democratic National Committee to release information that U.S. intelligence agencies concluded was meant to influence the 2016 presidential election in favor of Donald Trump. Trump has declared the claims of ties between his campaign and Russia as “fake news.” FBI Director James Comey testified to Congress in March the agency has launched an investigation into the issue.
Adversaries “have used cyber attacks in an attempt to influence elections, to go after companies like Sony, to steal information and one of the big fears is they might go after critical infrastructure like the electrical supply,” Lewis said.
“If you’re looking for a real cyber Pearl Harbor, the OPM breach that was it,” said James Scott, cofounder of the Institute for Critical Infrastructure Technology in Washington, D.C. “We’ll be feeling the impact of that breach for the next 50 years.
“They target at will now senior executives of critical infrastructure and that’s a big problem,” Scott said.
Cyber criminals are a second rising risk. “A lot of cyber criminals are Russian and have a connection to the Russian government, but the ability to steal millions of dollars really in a few hours from a financial institution is a big risk,” Lewis said.
Terrorist organizations are threats, too, Scott said.
President Trump has called for “crippling” cyber warfare offensive capabilities and asked for a cyber plan within 90 days since he assumed the presidency. The New York Times has reported a joint U.S.-Israeli effort under prior administrations to launch the Stuxnet worm virus into a nuclear processing plant in Iran out of concerns that country was developing an atomic weapon.
Domestically, one of the biggest concerns is a cyber attack would target the nation’s electrical grid.
“That may be wrong,” Lewis said. “It turns out the biggest target the Russians were interested in was the electoral system. But I think people worry about the electrical grid as being vulnerable and we really don’t know how vulnerable it is. Some (utility) companies do a good job, others don’t. You can’t predict.
“In some ways, we’ve been focused on the wrong problem,” he said. “We started out talking about cyber Pearl Harbors and how terrorists were going to use cyber attacks against critical infrastructure. And that’s not what happened at all. Instead, it was espionage, it was crime and now it’s these politically coercive acts.”
The U.S. military has boosted the number of cyber troops for the growing menace.
At AFIT alone, 700 students a year graduate as cyber warriors. The Department of Defense has a workforce of about 5,000 cyber operators with a targeted goal of nearly 1,200 more by the end of 2018.
In 2015, the Ohio National Guard was one of three National Guard organizations the federal government chose for a nearly 40-member cyber protection team charged with protecting the infrastructure of the Department of Defense. Troops in Ohio, Indiana and Michigan make up the team.
“What I do know is there’s a serious threat and all aspects of (the Department of Defense) have been subject to attacks and it’s required our cyber mission forces to come in and help mitigate those vulnerabilities,” said Maj. Gen. Courtney P. Carr, adjutant general of the Indiana National Guard.
At the Muscatatuck Urban Training Complex cyber range in Indiana, cyber warriors can shut down water treatment facilities and unlock electronic jail door cells.
“You can actually turn on and off and divert pumps in a real system versus simulate,” Carr said. “That’s the value of this environment. It’s a real living breathing city that we now have as a (training) environment.”
Cyber warriors learn from past attacks, said Jeff Hughes, president and cofounder of Tenet3 in Riverside and a former AFRL cyber expert.
“Every year they get better and become more aware of how to deal with the problem,” he said.
At AFIT, graduate students learn “foundational cyber knowledge and critical thinking skills” needed to adapt to cyber threats, according to Reith, the Center for Cyberspace Research director.
Air Force Capt. Eddie Caberento, 28, of Lihue, Kauai, Hawaii has researched — and demonstrates — how someone might hack into a car’s computers through an on-board entertainment system.
Using a laptop computer to remotely hack a car, a mock-up of a speedometer rapidly accelerates above 100 miles per hour before redlining.
“I would launch an attack from here, basically removing all control,” he said. “I’ll send you into the wall, turn on your brakes at all the wrong times so you have zero control.”
As cars grow more and more interconnected, the “attack surface” grows, said Scott R. Graham, an AFIT assistant professor of computer engineering.
“The knowledge on the part of the hacker grows,” he said. “We foresee over time this will become a bigger threat. It’s not quite there yet. We don’t want to wait.”
AFIT graduate student Capt. Jose Gutierrez del Arroyo, 27, of San Juan, Puerto Rico, has researched protecting the security of Blue Tooth low energy wireless devices from cyber hacking, an application that could find uses in laptops, computer tablets and electronic devices.
“It’s really a cornerstone piece of a future defensive tool so this really paves the way for the future,” he said.
The Internet of Things, which can control door locks to refrigerators to cameras in an interconnected home, is another area of risk.
“As the Internet of Things continues to grow by the hundreds of thousands of embedded devices, we find that not all of these devices were securely developed, and that means developed with security in mind,” Reith said.