[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] Head of Air Force Cyber Command discusses new role, cyberattack defenses
By Ellen Messmer
Air Force Lt. Gen. Robert Elder is head of the Air Force "Cyber
Command," a newly created organization operated under the 8th Air Force
headquartered at Barksdale Air Force Base in Louisiana. Elder describes
the purpose and evolution of the Cyber Command in an interview with
Network World Senior Editor Ellen Messmer.
What is the "Cyber Command" and what's your role related to it?
I'm responsible for the cyber ops command that runs the network
operations for the Air Force. We want to integrate cyber operations into
the Air & Space Operations under the Strategic Command. The cyber ops
piece was started a year ago by the Secretary of the Air Force.
Basically, it's organized training and equipment to establish a new
specialty. Some people are building and operating the network fiber or
global services over encrypted lines. At the next level, we're trying to
defend these networks. So we're establishing tactics, techniques and
procedures to allow us to fight through an attack.
The Air Force has obviously made use of networking for a long time, so
what's really different about the Cyber Command?
We differentiate between computer network security and computer network
defense. Once you're through the gate, you're in, so we look at that as
hostile territory. It's inside defense. Right now, most of what we do
today is computer network security. But we know our adversaries will
attack, and we need training and cyber tools.
What kind of attacks are of concern?
Phishing, for example, is a type of attack. We're arming airmen with the
skills to recognize a phishing attack. We're installing tools to check
URLs. We're integrating commercial products with our own host-based
How many people are in the Cyber Command today?
There are at least a few thousand people now and it will grow to between
5,000 and 10,000. Many people are re-assigned from all over the Air
Force. The goal is to be fully established by October. We can't do
anything without cyber today, we talk about operations in the cyber
Do the other military services, such as the Navy, Army or Marines, have
anything equivalent to the Air Force Cyber Command?
The Navy has the Naval Network Warfare Command and the Army has U.S.
We've been discussing defense but does this have offensive capability?
All of this has developed some offensive capabilities, but you would use
these in a wartime setting. We're developing capabilities to respond to
an attack. The types of things we're doing are ensuring we can continue
to defend the U.S. Even if the U.S. comes under an attack, we can
continue to operate. There are questions, such as how do we deal with
denial-of-service attacks, spoofing or an adversary trying to alter
Are you concerned about cyber espionage?
Cyber espionage is a huge issue to us. We're worried about someone
stealing operational information. Most of our work is done on a
classified network, but the non-classified net is connected to the
Internet. We're concerned about users introducing a backdoor through a
phishing attack or that through something like a thumbdrive, data is
allowed to flow.
What steps can you take?
People need to be careful about clicking on links, so we're very
restrictive. We're putting a lot of things in place, like moving toward
a policy on our firewalls to deny all except by exception. There's a
registry of sites you're allowed to go to. Today, it's simply a
blacklist and we block by categories. (Learn more about network access
control products with our Network Access Control Buyer's Guide. )
What would you like to see the high-tech industry work on in terms of
products or services to support the Air Force Cyber Command?
I'd like to see more work done on being able to identify where an
attacker has put embedded code, perhaps in a Web site, and detect data
that may pose a threat to you. We start by looking at commercial
off-the-shelf products, and that's the kind of thing we look for to
defend a network.
All contents copyright 1995-2008 Network World, Inc
Subscribe to InfoSec News