PITTSBURGH INTERNATIONAL AIRPORT AIR RESERVE STATION, Pa. -- Sixteen Airmen manned their battle stations. The clock ticked closer to the expected moment of contact and then the attack began. Rather than the Airmen being armed with M-4 rifles they were armed with computer mice and rather than a physical attack coming from an enemy in mass a digital adversary attempted to find and exploit the 911th Airlift Wing’s network vulnerabilities.
Exercise Cyber Tepper was a collaborative effort between Maj. Geoffrey Dobson, officer in charge of cyber assurance with the 911th Communications Squadron, who works for the CERT division of the Software Engineering Institute at Carnegie Mellon University, and Jerro Guo, PhD student with the Tepper School of Business. The exercise was held on December 4, 2016, at the 911th AW.
The focus of Guo’s study is to determine if teams that rely less on procedures will perform better in dynamic environments, which he believes to be the case. This initial exercise at the 911th served as a test for the test, making sure each aspect of this exercise made sense for future trials.
“It was a pilot study, a proof of concept for the researcher,” said Dobson. “He met his goal in evaluating if Cyber Tepper is a worthwhile experiment. We met our goal in continuing to push the envelope in training our Cyber Airmen in innovative ways.”
This exercise followed Cyber Lightning, an exercise which put members of three different communications squadrons head to head combatting cyber-attacks. While Cyber Lightning was an offensive exercise, Cyber Tepper kept members of the 911th CS on the defensive.
“We were trying to determine if the system was vulnerable to a cyber-attack, and if it was vulnerable, what was causing it to be vulnerable,” said Staff Sgt. Adam Walter, cyber transport systems technician with the 911th CS.
Although the exercise was successful in that it supported Guo’s hypothesis, it also presented some unforeseen challenges.
“One of the biggest and most frustrating parts was that everything ran slowly because we’re going out on NIPRNet to a CMU website and bringing information back,” said Walter. “If we had a local server it would have been quicker and we could have gotten more done.”
A local server for cyber operations is exactly what’s in the works for the 911th CS. Dobson said that the squadron’s goal is to create a virtual lab environment for Airmen to train on realistic tools and infrastructure.
Brian Barnes, IT systems specialist with the 911th CS, said the squadron is currently working on repurposing a server from an old mission to act as the server for a cyber operations training program.
“All of the components that the trainees connect into would actually be hosted here instead of us trying to connect through the internet back to CMU,” said Brian Barnes, IT systems specialist with the 911th CS. “We would be able to start setting up our own scenarios and environment and it’s something we can set up and then shut down and bring back out and start up again. It would be our own asset.”
Barnes said that not only would this make future exercises like Cyber Tepper run faster, but it would also add an aspect of mobility to the exercises. Communications Airmen from the 911th could bring the server to other bases and run their own cyber wargames.
With threats in the cyber world ever changing, Maj. Geoffrey Dobson and his squadron make sure to expose their Airmen to the evolution of military cyber operations.
“Because the cyber domain has become such a crucial national security issue, it’s important that Airmen get the best cyber training available,” said Guo. “With their help and feedback we’re going to be able to make adjustments and make it more effective in the future.”