11 February 2018

Too Busy To Train? The Navy’s Cyber Dilemma

By SYDNEY J. FREEDBERG JR.

SAN DIEGO: The Navy’s overworked IT teams need new “virtual training tools” and more time to train, especially for all-out cyber/electronic warfare against a high-end adversary, the commander of Naval Information Forces said here Tuesday.

As the new National Defense Strategy refocuses the entire military from counterinsurgency in Iraq and Afghanistan to great-power warfare against Russia or China, cyber warriors have one advantage: They’re already there. It’s Russian and Chinese hackers, not the Taliban or ISIS, who are probing Defense Department networks every day — what insiders call the Advanced Persistent Threat (APT). But just because you face an adversary every day, that doesn’t mean you’re trained for everything they could do the day they decide to go all-out. Think of submariners: They shadow Russian and Chinese subs all the time, but they aren’t doing torpedo runs. The same holds true in cyber/electronic warfare, where an enemy may save his most powerful software exploits or radio jamming for a major crisis.

Then-Rear Adm. Matthew Kohler speaks to the 2017 Sea-Air-Space conference outside Washington.

Unfortunately, it’s all too easy to forget that distinction until it’s too late, said Vice Adm. Matthew Kohler, head of NAVIFOR, at the AFCEA-USNI WEST conference here. The situation of the Navy’s information technology workforce, he said, reminds him all too much of the Japan-based 7th Fleet before a string of accidents last year killed 17 sailors.

7th Fleet ships were almost constantly at sea to meet high demand for naval presence in tense waters of the West Pacific. Because they were operating all the time they earned a reputation for having the most experience in the Navy. In fact, in order to meet all the demand for missions, they were cutting corners on training and waiving safety certifications. The assumption was “since they’re always operating they don’t need to train as much,” he said. That was proven lethally wrong when the destroyers USS Fitzgerald and USS McCain, in two separate incidents two months apart, crashed into civilian ships because of failures in basic seamanship. (And if 7th Fleet ships couldn’t handle basic seamanship, argue retired captains and the former deputy secretary of defense, how could they handle a war with China?).

The damaged destroyer USS Fitzgerald pulls into Yokosuka, Japan after colliding with a commercial ship. Seven sailors died.

Navy IT professionals — sailors and civilians — are likewise operating all the time, Kohler said. It’s likewise all too easy to assume they’re getting all the practice they need, so formal training can go on the backburner. That would be a mistake, he said.

“They’re part of the fight. These sailors man their systems 24-7,” Kohler told me and a fellow reporter after his public talk. Besides IT sailors aboard US warships, he said, the Navy has some “80 operational commands ashore” that report to Kohler. These are our communications centers, our intel centers, our information operations centers,” he said. “They have tremendous capability that stays connected to the fleet,” provided constant, often real-time support to forward operations.

Navy cyber operators

“How do we ensure that their training is maintained (and) carve some time out with these forces that are always operating?” asked Kohler, who is responsible for these forces’ readiness. “We can’t pull them off the line” and, say, devote a communications center to training exercises for weeks. Instead of the fixed cycle of reset, train, and deploy that warships follow, he said, training for cyber must be “adaptable” and work with the busy schedules of information warfare units.

One tool is special training teams that visit and test IT units’ response to specific scenarios, so no one is “grading their own homework,” Kohler said. This was a major problem in 7th Fleet, where the same commanders were responsible for both providing ships to conduct missions and certifying they were ready for those missions.

Another major need is for new simulations and other virtual training tools, Kohler said. On the most basic level, having virtual training easily accessible wherever you are could let IT sailors stay current on the latest technology, rather than get trained on one version of software at a schoolhouse and then later get assigned to a ship with an updated version. Space & Naval Systems Command (SPAWAR) is working on just such a system for the CANES network used aboard ships, Kohler said.

When it comes to high-end threats, simulations let troops train for extreme situations that would be prohibitively expensive — or dangerous — to replicate on real-life systems. No one is likely to risk crashing the Navy’s communications networks for real as part of a training exercise, for example. And while simulations can never capture the raw feel of physical combat, that’s not an issue for cyber sailors who fight their battles with a keyboard.

“We can’t walk away from live training,” Kohler emphasized, “(but) not all training has to be live.”

No comments: