OFFUTT AIR FORCE BASE, Nebraska –
In 2009, Franklin D. Kramer, former assistant secretary of defense, wrote in the Cyberpower and National Security publication that the United States must create an effective national and international strategic framework for the development and use of cyber as part of an overall national security strategy.
Since that publication, the 557th Weather Wing, under direction from Sixteenth Air Force (Air Forces Cyber) at Joint Base San Antonio-Lackland, is doing just that with their Mission Defense Team.
The Mission Defense Team being developed to detect, protect and respond to cyber threats through the 557th Weather Wing’s defensive cyber operations enterprise is aggressively training Airmen to reach Initial Operational Capability in the third quarter of 2022.
The Airmen and resources for the MDT are from the 2nd Weather Support Squadron. The mission of the 2nd WSS is to secure, protect and defend the 557th Weather Wing’s Air Force Weather Weapon Systems to assure trans-regional, multifunctional, multi-domain capabilities across the range of military operations.
The 557th WW MDT requirements were identified in August 2017 as the result of a Cyber Protection Team report. As a “pathfinder unit,” the 2nd Weather Support Squadron began its initial efforts to transition to a cyber squadron in November 2017 and began retraining for its new DCO mission. After many refinements to the MDTs’ construct, Air Combat Command provided IOC criteria in 2020.
“The 2d Weather Support Squadron runs the MDT, and future missions will be planned and executed within the squadron at Offutt Air Force Base,” said Lt. Col. Trevin Murray, 2nd WSS commander.
It is important to note that the MDT is not funded by the 2nd WSS; ACC is the major command that has overall responsibility for MDTs with regards to funding, resources and manning.
“The ability to effectively perform defensive cyber operations and defend key cyber terrain and assets will directly enable other wing units to generate the weather intelligence and products that support around-the-clock authoritative terrestrial and space-environmental data production, analyses, forecasts, threat-warning and threat-mitigation across multiple security enclaves,” Murray said. “Users of these products include Department of Defense, military services, all geographic and functional combatant commands, the national intelligence community, White House Situation Room, interagency, allied and coalition partners around the world.
Ultimately, when the MDT is able to do its job and protect the weather enterprise, we ensure the confidentiality, integrity and availability of the products and information that our weather Airmen provide can be used to shape military decisions on various levels.”
Currently, the MDT has completed 45% of the assigned IOC requirements. As part of the IOC efforts, 2d WSS Airmen have completed operational missions to map a portion of the mission-relevant terrain – cyber, baseline network traffic, and employ defensive measures to block known adversary tactics, techniques and procedures.
“Even though we have an enormous cyber terrain to protect, we will use the next six months to focus our efforts on key portions of the terrain that are most critical to the 557 WW’s priority missions,” said Murray. “As such, the major reason we have not been able to achieve IOC yet is that our unit does not have the necessary personnel that is required to fully reach IOC.”
Since the creation of the MDT, 10 of the 14 MDT members have completed the three-month Initial Skills Training. This is a significant milestone toward IOC because ACC requires at least 60% of the manning must have completed the CYP&D course.
Additionally, the weather wing has hosted three Cyber Protection Teams. These teams are comprised of Total Force Airmen who scan our networks and look for vulnerabilities. The wing then used their feedback to mitigate threats and harden networks and systems to further protect them from exploitation.
In coordination with the 852nd Cyber Protection Team, which is part of the Air National Guard’s 224th Cyber Operations Squadron, the 2nd WSS established the first-ever Mobile Interceptor Platform to Garrison Interceptor Platform connection. This connection enabled the CPT to conduct operations remotely from their home station vice having to come temporary duty for three-plus months. The overall impact is huge, as it enhances the AF’s capability to perform remote operations while maintaining flexibility.
Although the 2nd WSS was not originally tied to the MDT and CDT mission prior to 2017, they have already made great strides and with help from HHQ in terms of resources and authorities, will continue to make great advances.
“Our mission has applications beyond ACC and the 557th WW,” Murray said. “Our job is to secure the network, hosts, systems and data flows that will ultimately support all mission sets the Air Force Weather Enterprise generates products for - that includes support to combatant commanders, three-letter agencies and national-level taskings.”