[Infowarrior] - PACOM's Joint Test Project For Cyber Ops Signs First Field Test Report

[Richard Forno]

Inside the Pentagon - 08/11/2011

More milestones anticipated

http://defensenewsstand.com/component/option,com_ppv/Itemid,287/id,2372549/

PACOM's Joint Test Project For Cyber Ops Signs First Field Test Report

A major Defense Department cyberdefense exercise aimed at developing new
techniques has completed a key milestone and expects to release a draft of
tactics, techniques and procedures developed during the test this fall.

U.S. Pacific Command has been working with the Pentagon's operational
testing shop on a Joint Cyber Operations Joint Test project since Michael
Crisp, the deputy director for air warfare within the testing office, signed
off on the initiative's charter in August 2010 (Inside the Pentagon, March
2, p1).

The Joint Cyber Operations (JCO) Joint Test completed its first field test
in April and May, and officials signed out a report last month, PACOM joint
test director Matt Goda said.

"It provided informal feedback to the Joint Program Office (JPO) on the
accomplishment of the test event objectives, problems or issues encountered
and the Joint Test director's comments on the way ahead," Goda said of the
"for-official-use-only" report.

The command plans to release a revision of the cyberdefense tactics,
techniques and procedures tested during the project this fall. A classified
draft of the TTP was prepared during the recently wrapped-up field test,
Goda said.

Additionally, the Pentagon and PACOM will hold meetings to review field test
findings, conclusions and recommendations, as well as the project's Concept
of Operations and TTP development.

A Joint Warfighter Advisory Group (JWAG) and the General Officer Steering
Committee (GOSC) will be held next month to "share our assessments with the
cyber community leadership," Goda said.

According to a July 2011 newsletter from the Pentagon's Joint Test and
Evaluation shop, the project's director "chaired several Test Readiness
Reviews" prior to field test 1 with test team participants and two main test
events were used.

The first scenario, a test which took place April 18-29 in Hawaii, "involved
conducting [Virtual Secure Enclave] network protection and malicious attack
detection using the Adaptive Cyber Defense (ACD) TTP." Participants from the
military services then used the ACD TTP to "conduct defense cyber operations
and VSE installation in both laboratory and realistic operational
environments." 

The second scenario occurred on the live Secret Internet Protocol Router
Network May 20-25 in conjunction with the PACOM exercise, Terminal Fury
2011.

"VSE nodes were established at six locations and involved personnel from
PACOM, COMPACFLT, Seventh Fleet, Pacific Air Forces, Marine Forces Pacific
and Joint Warfighting Center," the newsletter states.

Inside the Pentagon previously reported that the virtual secure enclave
(VSE) strategy was a particular focus of the test project. A VSE could look
like "a little part on a computer rack," but pragmatically, the operational
strategy "provides some interior boundaries," Goda told ITP at the time.

"The thing about the cyber domain is, we created it. We can change it and we
can adapt it. And so we're building up these interior defenses, because a
computer defense is always going to be a defense-in-depth," Goda said. "It's
always going to be a layered defense. Any time you're going to put all your
eggs into one basket, so to speak, if that one criteria . . . is discovered
to have one vulnerability, everything is vulnerable."

A VSE works by beginning to lay out those additional layers, working similar
to a "high ground" strategy in the land domain of warfare.

-- Amanda Palleschi