Maintenance window scheduled to begin at February 14th 2200 est. until 0400 est. February 15th

(e.g. yourname@email.com)

Forgot Password?

    Defense Visual Information Distribution Service Logo

    MD Airmen conduct first-ever defensive cyber training on base network

    275 COS Defensive Cyber Mission

    Photo By Staff Sgt. Alexandra Huettner | U.S Air Force Capt. John Tibbetts, network analyst Lead for the 275th Cyber Operations...... read more read more

    MIDDLE RIVER, MARYLAND, UNITED STATES

    02.15.2022

    Story by Airman Alexandra Huettner 

    175th Wing, Maryland Air National Guard

    MIDDLE RIVER, Md.-- Members of the 275th Cyberspace Operations Squadron, Maryland Air National Guard, conducted one of the first-ever enduring defensive cyber training missions in a Title 32 mobilization status on an installation’s network, at Warfield Air National Guard Base, Maryland, Nov. 16-19, 2021.

    “This training is a very unique opportunity and it is the first that the Air National Guard has been able to do in a sustained and recurring process,'' explains U.S. Air Force Maj. Eric Burdon, director of operations for the 275th COS. “That was our first iteration of this new program and we look forward to conducting more of these events in the future.”

    The training was conducted on the 175th Wing’s non-classified internet protocol router network, or NIPRnet, in order to branch out from the usual scripted training scenarios and discover what the team was capable of when given unplanned scenarios. This resembles what could potentially be tasked on a real mission while in a Title 10 status, which typically authorizes federal active-duty military service under the president in support of national defense.

    While mission-type training often requires a Title 10 status due to the necessity of additional authorities, the unscripted and real-world nature of the 275th COS’ training allowed Airmen to be in a Title 32 status without the need for additional authorities to execute. This places Guard members in a mobilized status under the authority of the state’s governor and allows for the training to be conducted completely internally which enables more flexibility.

    The team focused on a hunt mission type involving searching for anomalous activity and unusual behavior and determining whether there was a misconfiguration or a genuine threat to further identify and remove.

    “It gives Airmen an opportunity to coordinate with mission partners, which they could be doing in a real-world environment too,” said Burdon. “That command and control function, as well as actual tactile work on the keyboard, is a huge benefit. It is not an easy task, so it was a great opportunity for them to flex that muscle.”

    During the training mission, the team collected and analyzed over 1.7 terabytes of data across 161 NIPRNet client and networking systems over a 96-hour period. As well, the team discovered 121 unique installed applications, 526 unique hashes from 51 entry locations, and 4,640 unique file paths of running processes in the notional environment.

    The defensive cyber mission provided an opportunity to develop, train and exercise internal cyber defense on the base NIPRnet and was the first of this type of training to ever be conducted by the National Guard. Missions like this open the National Guard to better, more comprehensive training which will result in a more prepared cyber force for the future.

    “I am immensely proud of our men and women in the 275th Cyberspace Operations Squadron and all the great work they do,” said U.S. Air Force Brig. Gen. Jori Robinson, commander of the 175th Wing, MDANG. “They continue to amaze me with each new milestone they surpass. This is another example of our Airmen leading the way in multi-domain operations.”

    NEWS INFO

    Date Taken: 02.15.2022
    Date Posted: 02.15.2022 20:13
    Story ID: 414707
    Location: MIDDLE RIVER, MARYLAND, US

    Web Views: 167
    Downloads: 1

    PUBLIC DOMAIN