Cyber Operations - The Big Picture

finesketch Internet and Web Applications

26 Jun 2012 (5 years and 2 months ago)


Unclassified

24th Air Force: Cyber Operations


“The Big Picture”

31 Aug 2011

Maj Gen Suzanne Vautrinot

24 AF/CC

OVERALL CLASSIFICATION OF THIS BRIEFING IS UNCLASSIFIED


Overview


Current


Future


Mission Areas


Take Aways


Authorities

Team Sport


We Assemble a Team to Accomplish the Mission


Relationships - AFCYBER

AF Cyber Force Provider to CYBERCOM


Relationships


24 AF/AFNetOps

Organize, Train, Equip Cyber Forces

Operate and Maintain AF Global Network


Who we REALLY are…


AFCYBER


Defense


Offense


Exploitation


Deployable Comm


24 AF


Advanced Cyber Training


Engineering & Installation


Rapid Tool Development


AFNetOps


Forensics


Boundary & Gateway Monitoring


Blue Team Assessments


Mirrors Active Duty Forces


Cyber Mission / Capabilities

659 ISRG

Cyber C2

Mission Assurance

Operational planning

Full Spectrum Ops

Forensics

Risk Assessment

Boundary and Gateway Monitoring

OPSEC/COMSEC Monitoring & Assessment

Recon/Counter Recon

Blue Team Assessments

Rapid Tool Development

Cyber OT&E

Tactics, Techniques & Procedures

Engineering and Installation

Combat Comms

Hammer Ace

Global Net Extension

Threat Intelligence

Threat Analysis

Target development

Supports: COCOMs and MAJCOMs

Supports: USCYBERCOM, NSA, 24 AF

AFISRA

624 OC

67 NWW

688 IOW

689 CCW

Guard/Reserve Forces

Force Size

3,500 AD

900 Civilians

900 Contractors

11,000 Guard / Reserve

ACCE

AFCYBER / 24 AF / AFNETOPS


The Challenge…

Maximizing Return on Investment



Nascent capability



Niche capacity



Emerging ISR access



OPLAN-Level Support



Greater capacity



Manpower-intensive



Heterogeneous network



Legacy structures

CAPACITY (# of Sorties)

COMBAT EFFECTIVENESS (Type of Sortie)

Cyberspace Superiority Portfolio

Steady Topline $$



Automation



Homogeneous network



Config controlled architectures

$$ after policy changes

OPLAN-Niche Targets

Recon/counter recon AFNet


Meeting Future Challenges…


Change in Culture


Individual


Enterprise


Initiatives


Architecture


Off / Def Technology


Key Technology Insertion


Tactics/Techniques/Procedures


Forensics


Cyber Hygiene


Proactive Future


What we’re doing today…

COCOM


Cyber units conducting missions in every theater

Supporting objectives to disrupt terrorist C2 and propaganda efforts

CNE Operators exploited Country YY network; data translates to msn planning and target folders

Vulnerability Assessment of “crown jewels”

Long haul comms support in Iraq and Afghanistan

Establishing alt comms capabilities supporting US forces drawdown

MAJCOM

Engineering & Installation projects across AF bases

Nuclear Command and Control Assessment

Vulnerability Assessment of AF Space Control Network, JSTARs, and msn systems

Weapons System data clean up on AFKN and AF Portal




Mission Assurance Initiatives


Mission Assurance Programs



RPA “Cyber Escort” Missions in ATO



NRO Range & Command Destruct



POTUS Support



Technology Initiatives


AFNet Enterprise (Architecture)

Consolidating 14+ legacy environments into a single, standardized, mission-centric weapon system to improve services for the Warfighter

AF Gateways (Off and Def Tech)

Collapsing defense of the network from 104 Internet connection points to 16 Gateways


Key Technology Integration


Information Operations Platform


AFRL Boot Disk


Rapid Cyber Acquisition strategies


AF Portal Site Spoofed

Fake Air Force websites continue to exist on Internet, including fake AF Portal, AFSPC, AFRC & Kirtland websites

28 Jul: Fake AF Portal website elevated to #1 Google / search ranking via SEO poisoning

Fake websites designed to collect user login info, possibly CAC certificates & pins

Several (NFI at this time) AF members fell victim to the fake AF Portal site on 28 Jul

Fake AF Portal website appears to have existed since 30 Apr 2010

Unknown if & when the fake fire-proxy.com website ranking moves up & down

AFCYBER Actions:

Coordinated with OSI & contacted Google to address SEO poisoning; fake no longer #1

624 OC issued a NOTAM informing personnel of the activity

Analyst Comment:

Threat actors utilize spoofed websites to harvest credentials & seed systems with malware. These fake AF websites were most likely designed to harvest login credentials & possibly PKI/CAC credentials from AF home users.

July 2011


Take Aways…


Refocus… we work for EVERYBODY


AFSPC Cyber Priority


Normalize and Operationalize Cyber


24 AF Priorities


Improve the big Cs


Capacity Capability Collaboration


Balance mission operations


Stabilize and baseline 24 AF and cyber units


Mission Assurance vs Network Assurance

“Like air and space, we must think of cyberspace as a mission-critical domain where operations are characterized by rigor and discipline, and are executed with precision and reliability.”

- Michael B. Donley, Secretary of the Air Force


Unclassified/FOUO


What have we missed?

Discussion