Hanscom key to Air Force cyber weapons
By Justin Oakes, 66th Air Base Group Public Affairs / Published November 05, 2014
HANSCOM AIR FORCE BASE, Mass. --
With cyberspace unfolding as the newest frontier for battle, the U.S. needs weapon systems geared for that fight, and Hanscom AFB is leading the way.
In 2013 the Air Force Chief of Staff designated six of the service's cyber capabilities as weapon systems. While not your typical air or ground weaponry, these cyber defenses span the globe and make up the Air Force's Information Network infrastructure as well as its operating and defense platforms.
All six of the weapon systems are managed by the Command, Control, Communications, Intelligence and Networks Directorate at Hanscom, with three of the program offices located in San Antonio, Texas, and the others here on base.
"As the life cycle manager, we are responsible for providing effective and affordable upgrades to fielded systems," said Col. John Bedingfield, C3I Infrastructure Division senior materiel leader. "And we do so by acquiring and integrating new capabilities in response to an ever-evolving cyber threat environment."
To guard against such threats, the service relies upon the Air Force Cyberspace Defense weapons system or ACD for short.
ACD is designed to continuously monitor and defend unclassified and classified networks by focusing on four major areas: prevention, detection, response and forensics.
Take computer forensics for example, where the system conducts an in-depth analysis and determines actual threats versus suspicious activity, then assesses the damage. Forensics also supports the response process by capturing the full impact of various exploits and reverse-engineers code to determine the impact on the network.
"It is most important to have prevention in the sense of having situational awareness of the environment," said Alyssa Feola, an ACD senior systems analyst. "As we move forward to a more resilient framework, the importance will shift from prevention to detection. We need to have a mindset that the enemy might get into our system, and we'll have to perform the mission in a degraded capacity."
While the program is managed at Hanscom, an Air Force Materiel Command base, the ACD weapons system is operated by the 33rd Network Warfare Squadron, Joint Base San Antonio-Lackland, Texas, and the Air National Guard's 102nd NWS located at Quonset ANGB, R.I., under Air Force Space Command's 24th AF.
Another cyber weapons system that is managed out of Hanscom goes by the name CSCS, otherwise known as the Cyber Security and Control System program.
CSCS is designed to provide 24/7 network operations and management functions to both classified and unclassified networks. The system also supports defensive operations within the information grid.
CSCS crews monitor, assess and respond to real-time events; identify and characterize irregular activity; and initiate response actions. The system filters traffic in and out of Air Force base-level domains and blocks suspicious software.
"The CSCS weapon system is an integral part of the overall infrastructure," said John Dobbins, CSCS program manager. "The systems we are working to acquire and install will improve our security posture and reinforce our ability to fly and fight in the future."
The third cyber weapon system managed at Hasnscom is the Air Force Intranet Control, or AFINC.
AFINC operates the global-level entry points for the service's information network and is the primary interface between each base and the Internet. The system also controls the flow of all external and internal base traffic through standard, centrally managed gateways.
This weapon system integrates operations and defenses through four sub-discipline areas, similar to the ACD system: defense-in-depth, proactive defense, network standardization and situational awareness.
For example, AFINC takes a proactive defense by continually monitoring network traffic for response time to ensure timely delivery of critical information.
In addition to the life cycle management of these three systems, the Hanscom division is working hand in hand with the office of the Air Force Chief Information Officer, AFSPC, Defense Information Systems Agency, Army and Navy to create common infrastructure and operating procedures to transition weapon system capabilities into the Joint Information Environment.
"As a result of our great partnerships with AFSPC, CIO and DISA, we're setting the foundation here in C3I to deliver critical cyber weapon systems to the warfighter, and apply our lessons learned to the Joint environment as well," Bedingfield said. "The weapons systems produced at Hanscom will not only prove valuable to the Air Force, but many other agencies."
(Editor's note: this is the second story in a series of Hanscom cyber initiatives. Gary Durst contributed to this article.)