The military services have taken a keen interest in cyber defense and resiliency of their networks.
The common adage the military has come to adopt is it's not about if they will be hacked, but when they will be hacked. With that, cyber defense has become a cornerstone of spending dollars – which in many cases is separate, though in partnership with the joint-strategic cyber mission forces the services provide and feed to Cyber Command.
"In terms of capability, the Army does have a cyber strategy for capabilities – capability development. And our emphasis is on defense for the Army. The national part does offense, the Army, as a service, does defense," Army Chief of Staff Gen. Mark Milley, said at the Senate Armed Services Committee May 25. "And what's important for us is to protect our network, protect our ability in the electromagnetic spectrum from everything from degraded operations or complete shutdown, all the way to spoofing."
"We have set up the first, as I know of in the world, live cyber range at the National Training Center," Milley added, noting these tactical forces are "being exposed to an enemy, a free thinking [opposing force] out at the training center that executes high end cyber operations against our own units. And our soldiers are learning to come to grips with that."
His reference points to the training efforts to integrate organic cyber and electronic warfare personnel within brigade combat teams called the Cyber and Electromagnetic Activity (CEMA) Support to Corps and Below.
During a briefing on the FY18 budget at the Pentagon this week, Maj. Gen. Thomas Horlander, the director of Army Budget, said "In the area of cyber, our RDT&E efforts are centered on the persistence cyber training environment, program that supports cyber training ranges for both initial and unit-level training, proficiency, and certification."
The Army is spearheading the Persistent Training Environment for the entire Defense Department to allow the cyber mission force to conduct training in a persistent manner, just as infantryman hone their marksmanship on the shooting range.
The Army's FY 18 budget lists six line item's for the PCTE, to include:
- Event Management for Persistent PCTE to develop event scheduling, allocation, and management function that include event design, planning and execution, supported by standardized training assessment tools and capabilities ($18.6 million in FY 18);
- Environment operations and management for PCTE to develop PCTE with realistic vignettes/scenarios as part of a system (syllabus) of individual and collective training that includes certification and real-world mission rehearsals ($14.1 million in FY 18);
- Physical and Virtual Connectivity for PCTE to provide on-demand reliable, secure physical and virtual global access from wherever participants are geographically located ($19.7 million in FY 18);
- Training Sites to provide a capability to enable and provide the CMF to connect to the PCTE from Base, Post, Camp, Station, or Deployed Locations for distributed cyber training, certification, and major training events ($0 in FY 18);
- Government Program Management for PCTE with FY 18 plans to provide program management, engineering and technical oversight, contract support and travel for the PCTE program ($2.3 million in FY 18);
- PCTE Test and Evaluation with FY 18 plans to integrate multiple applications and environments as well as connectivity to the existing Cyber Ranges ($1.6 million in FY 18).
Additionally, Army budget documents note that the FY18 defensive cyber operations enterprise infrastructure base procurement dollars of $53.436 million "supports the procurement of equipment, engineering, integration, configuration management, testing, training, accreditation, and fielding of defensive cyberspace infrastructure and capabilities."
The Army is also requesting $55.1 million from its base budget in RDT&E for program element "Defensive CYBER Tool Development." This element provides funding for a variety of cyber tools for a variety of program offices to include PEO-C3T, which is concerned with communications networked equipment, as well as PEO-EIS.
The Air Force is also undertaking several defensive cyber measures. Many items fall under their program element "Cyber Resiliency of Weapon Systems," which includes efforts to:
- Increase weapon systems cyber security and resiliency in all phases and activities of the acquisition life cycle;
- Prototype, evaluate, and transition techniques that address gaps in expertise, skills, capacity, and knowledge in cyber security and resiliency that is needed to assist acquisition professionals in the performance of their acquisition life cycle and sustainment of weapon systems duties
- Prototype, evaluate, and transition cyber secure and resilient risk-informed processes, tools, products, and policies into all phases and activities of the acquisition life cycle and sustainment processes and organizations used to acquire weapon systems.
The Air Force is also spending a total of $20.9 million from their base budget for "AF Defensive Cyberspace Operations" program element. Among various programs and goals, which they list as "defensive cyber capabilities that protect the AFNET and DoD network enclaves, to include their associated computer systems, software applications and sensitive operational information against unauthorized intrusion, corruption, and/or destruction," include two programs called Firestarter and Cyberspace Vulnerability Assessment/ Hunter Team weapon system.
Firestarter "utilizes cyber and Information Assurance (IA) technology investments by US Cyber Command, the Defense Advanced Research Projects Agency (DARPA), the National Security Agency (NSA), Director of National Intelligence (DNI), Intelligence Advanced Research Projects Activity (IARPA), and the Department of Homeland Security (DHS), and various government research laboratories, to jump-start its development of solutions to existing Air Force cyber and IA requirements," budget documents state. It seeks to "identify, analyze, test, rapidly acquire, and integrate emerging IA and cyber technology and defensive cyberspace weapons systems and capabilities into all regions of the [Global Information Grid] – terrestrial, airborne, and space systems."
Cyberspace Vulnerability Assessment/ Hunter Team weapon system "develops new capabilities to provide Air Force Cyber Command (AFCYBER) and Combatant Commanders additional mobile precision in addition to currently fielded protection capabilities to identify, pursue, and mitigate cyberspace threats. The CVA/H weapon system performs defensive sorties world-wide via remote or on-site access."
Moreover: "The Hunter mission focuses on the capability to find, fix, track, target, engage, and assess (F2T2EA) the advanced persistent threat (APT)."
The Navy provided that it is looking to spend $128 million on cyber resiliency in FY18, as opposed to $93 million in FY17. Last year, the service asked for $88 million in cyber resiliency, which went toward research and development associated with cyber resiliency going towards specific recommendations from Operation Rolling Tide and Task Force Cyber Awakening.
Marine Corps Forces Cyberspace Command has slated $4.5 million for cyber tool development to support "costs associated with research, development, and modification of cyber technologies supporting Marine Corps Cyber Mission Forces (CMF) and missions assigned by USCYBERCOM." It also provides that the acquisition strategy will support funds for "contracted tool developers at NSA, Fort Meade for the preponderance of the work. However, other vendors or government activities that are yet to be determined will be used in further infrastructure development for the cyber environment."