The Department of Defense reports an average of 6 million cyber intrusion attempts or attacks a day, and says demand for cyber operators has never been higher. To respond to these threats, the Pentagon plans to expand its ranks beyond the 900 cyber warfare operators in U.S. Cyber Command.
The Center for Cyber Research expects to educate up to 1,000 students every year within the next few years, up from about 700 now, according to Richard A. Raines, the center’s director before he departed recently to work for the Oak Ridge National Laboratory in Tennessee.
His goal: Get students to think outside the box.
Inside the doors of the secretive Center for Cyber Research at the Air Force Institute of Technology, students put brains behind cyber brawn. In a virtual exercise, dubbed 2013 Cyber Defense Capstone, a giant flat screen on a wall is filled with a grid pattern of boxes with symbols as students strategize in a cyber version of capture the flag.
“The biggest challenge is not only to take control of (the grid box), but to keep everybody else out,” said Air Force 1st Lt. Justin Ball, a center graduate student. “The easier it is to break into the box, the harder it is to keep everybody else out.”
Keeping cyber attackers out, and learning how to control critical infrastructure such as power plants and oil and gas pipelines, is key to what the students learned during the exercise.
“It’s actually the closest thing we’re going to get to in hand-to-hand combat in the cyber arena,” said Tim Lacey, Center for Cyber Research director of information technology. “It’s cyber warfare.”
‘A serious threat’
Air Force officials did not provide information on how many cyber intrusions strike the Air Force and Wright-Patterson Air Force Base, home to the Air Force Materiel Command and the Air Force Research Laboratory, but they remain a “persistent threat” to both the service and the base “and those threats continue to intensify,” said Raines.
Defense contractors, financial institutions, local and state governments, universities, research firms and industry all confront cyber threats that disrupt operations or steal or destroy data, experts say.
“It’s a serious threat, not just for the defense community in the area, it’s a serious threat for the entire nation at all levels,” said Hugh Bolton, president and chief executive officer of the Advanced Technical Intelligence Center, a Beavercreek-based private training program that produces cyber security and intelligence analysts.
“Anything is vulnerable these days,” he said. “Our cell phones, our computer systems, our networks.”
Many institutions are not eager to disclose Internet-launched attacks, however, and when a move to pass cyber protection legislation on private industry met resistance in Congress, President Barack Obama signed an executive order last month requiring federal agencies to share information on cyber threats with companies that operate power grids, transportation networks, water plants and other critical infrastructure.
“As you know, nobody is eager to announce problems,” said Mateen Rizki, Wright State University chairman of the computer science and engineering department, which recently launched a master’s degree program in cyber security. “The only time when we hear about the problem is when the problem can’t be hidden in some way.”
Mandiant, an Alexandria, Va.-headquartered cyber security company, released a report this month that showed 17 percent of industry cyber attacks target aerospace and defense firms. Fourteen percent hit energy companies and 11 percent strike financial institutions.
Attackers have increasingly used outsourced service providers to gain access to networks, among other sophisticated measures, the report added. Still, the number of companies Mandiant worked with that were able themselves to detect hackers increased to 37 percent, up from 6 percent, while the number of days cyber intrusions went undetected declined to 243, or 173 fewer days in a year-to-year comparison.
In February, Mandiant reported it had tracked a People’s Liberation Army cyber unit in Shanghai to numerous intrusions worldwide, but China has denied the allegation and cited the United States as the source for more than half the cyber attacks against China this year. One of the most widely reported stories in recent weeks disclosed that Chinese hackers had penetrated computer networks at The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.
The Center for Strategic and International Studies in Washington has tracked nearly 125 successful cyber espionage or attacks around the world since 2006, from attempts to gain access to the controls of American gas pipelines to intrusions on NASA computers in 2011 that stole 150 user credentials that could allow entry to the space agency’s systems.
The New York Times has reported that the United States and Israel launched online attacks to destabilize and destroy hundreds of Iranian centrifuges needed for the enrichment of nuclear material.
Cyber job growth
At Wright-Patterson, the Center for Cyber Research teaches both offensive and defensive cyber operations.
“What we try to do is expose our students to both sides of that coin,” Raines said. “We do a lot of emphasis on the defense side because it is extremely difficult.”
The center works with the Department of Homeland Security, the lead agency charged with protecting U.S. cyber networks; the Federal Bureau of Investigation; the National Security Agency; the Central Intelligence Agency; and other “three-letter’ organizations, he said. It also trains defense contractor employees.
Southwest Ohio has an active presence in the military and training cyber domain. The 178th Fighter Wing at the Springfield Air National Guard Base, for example, has an intelligence squadron that performs computer network exploitation for the 659th Intelligence, Surveillance and Reconnaissance Group at Fort Meade, Md. The 251st Cyber Installation Group, based in Springfield, has set up information technology networks around the world.
The University of Dayton offers a graduate-level cyber-security management certificate and local industry needs led Wright State to start its master’s program in cyber operations.
“We met with people from different companies and said, ‘What should we be doing?’ ” said Rizki, of Wright State. “The process here has been driven by what we view as our end users, the customers here who need the students that we produce.”
Bolton sees an opportunity for new jobs that will exceed the demand for the intelligence analysts ATIC produces. The Beavercreek-based program set up a “cyber boot camp” at Auburn University in Alabama with plans to expand elsewhere. ATIC has drawn students from 28 states, most of whom found jobs in Ohio.
“This is such a huge problem, but it’s an incredible opportunity at the same time,” he said.