Team Works to Defend Digital Battlefield in Europe
By Kristopher Joseph
Special to American Forces Press Service
MANNHEIM, Germany, Dec. 31, 2007 In 1983, with the Cold War still going strong, a movie called “War Games” depicted an eccentric computer hacker named David Lightman, played by Matthew Broderick. With dogged determination to play a military-generated “game” -- Global Thermonuclear War -- David managed to hack into the North American Aerospace Defense Command computer system and almost caused an actual nuclear war with the Soviet Union.
The Army’s 5th Signal Command has created a cyber-threat intelligence cell to detect, monitor and combat malicious digital infiltrations on military computer networks. Photo by Sgt. Michael Taylor, USA
(Click photo for screen-resolution image);high-resolution image available.
“War Games” represented the tensions and anxieties of the ever-looming nuclear threat during the Cold War nuclear arms race. The global war on terrorism has replaced many threats of the Cold War. Many believe that in today’s “information age” there are real David Lightmans who pose a cyber threat to military networks that could cause the loss of innocent lives unless something is done about them.
“We are taking a proactive approach to stop these ‘hacktivists’ from attacking our systems,” said Robert Hembrook, deputy chief of intelligence for United States Army Europe’s 5th Signal Command here.
For the first time in the European military theater, a cyber-threat intelligence cell has been created for the specific purpose of detecting, monitoring and combating malicious digital infiltrations on military computer networks, Hembrook said.
Cyber defense is implemented at the Department of Defense level and already was under way in the halls of U.S. European Command, in Stuttgart, but a fully developed and funded European theater-level cyber cell now is active within 5th Signal Command, Hembrook said.
The cell consists of three experienced intelligence and computer experts whose jobs are to observe potentially harmful data passing from the Internet into friendly networks, identify patterns of attacks, analyze data, and advise the operators of the network so that they can take preventative action to ensure the safety and security of all systems in the European footprint.
“The fact is that there are people currently trying to break into our systems in an effort to obtain data or plant viruses that put servicemembers and their missions at risk,” one of the cyber cell members said. “We simply cannot be vulnerable in this area.”
The military, along with most other organizations, relies more and more on the speed and capabilities of computer-based technology to give it an edge on the battlefield. This reliance also allows an extra avenue of attack for the enemy. “This cyber cell marks a change of approach in the intel world,” a team member said. “We are already experts on predicting physical attacks from the enemy, but we never had a dedicated staff to predict and prevent virtual attacks at a theater level.”
Besides combating threats from the outside, the cell is also involved with helping its military users prevent “digital fratricide” from the inside. For work and morale purposes, DoD policy allows users filtered, monitored access to the World Wide Web on government computers. According to a cell member, this is to obtain business-related information and to visit non-work related sites as long as casual browsing does not affect getting missions accomplished.
“It’s a delicate relationship of balancing functionality and security,” a cell member said. “We know that many users can’t do their job without computers and the Internet, so we look for ways to help protect them.”
“Users need to know that Internet access is a privilege and not a right,” one cyber cell member said.
The cell has taken another proactive step by leaving their offices and actively engaging and informing commanders and military communities of their findings as well as stressing the importance and relevance of the cyber battlefield.
Another cell member said that the team’s audience is the leadership in theater because they are the ones who can affect changes in how members of the DoD deal with and fight these cyber threats.
“We have had nothing but positive feedback from commanders,” one cell member said. “They are taking our reports seriously, and more and more they are seeing that, if our data or systems get compromised or abused, threats to our systems can affect not only those sitting behind a desk, but also those on the front lines.”
Since the 5th Signal Cyber Cell has shared its results to the intelligence community, other military organizations are asking how they too can have a cyber cell to find their own digital landmines, team officials said.
“This (cyber cell) is unprecedented at this level,” a cell member said. “I saw the need for this when I worked at the DoD level. Members of the cell believe that network-defensive measures should be implemented at all levels in the military because a computer’s role is becoming just as vital as an M-16 rifle in terms of winning today’s wars.
“As much as the military trains its own on weapon safety, so we should be training them on computer and network safety,” the cell member said. “That is where informing the leadership and giving them briefings becomes so vital.”
In a 2006 interview for Defense Systems magazine, Tom Reardon, chief of the Intelligence Division for Network Enterprise Technology Command at Fort Huachuca, Ariz., had this to say about the level of importance computer networks play in military operations: “Network-centric operations are how we prosecute war and sustain the warfighter. If an enemy can degrade or destroy that capability, the tide of the battle could easily be turned in their favor. Worse yet, if the enemy succeeds in denying our network-centric capability, our forces may not be able to deploy; we couldn’t show up to seize or defend terrain or support an ally.”
Today, the 5th Signal Cyber Threat Intelligence Cell team members are the U.S. Army Europe warfighters in virtual trenches making sure the digital frontlines are defended.
“From an intel point of view, we’ve gone from ‘patch the leaks’ to ‘build a better boat,’” Hembrook said.
(Kristopher Joseph is a public affairs specialist and editor of 5th Signal Command’s biannual Echo magazine.)