A cyber protection team, or CPT, from the newly formed Army Cyber Protection Brigade on Fort Gordon, Ga., tested its capabilities at the Aberdeen Proving Ground in Maryland this month against real intruders bent on taking their network down.
- RELATED STORY: US Army Exploring Cyber Materiel Development Strategy
“We’re validating our tactics, techniques and procedures on the network, looking at live traffic” from around the world, said Maj. Michael Stokes, detachment chief of the 101st Cyber Protection Team.
Stokes and 15 other team members are participating in the Joint Users Interoperability Communications Exercise, or JUICE, at Aberdeen, June 1-27. Besides validating tactics, techniques and procedures, or TTPs, JUICE is testing network cross-talk between the Guard and other services, federal agencies and NATO, including former Warsaw Pact nations.
In a real operation, the J-6, meaning joint-level cyber, would have overall control, with each CPT reporting to the Joint Cyber Cell for operational taskings. The only difference here at JUICE, is that the Joint NetOps Coordination Center, or JNCC, is acting as the traditional J-6.
Another benefit of the exercise, Stokes said, is that the testing environment is rich with new and innovative tools, which will inform future hardware purchases that cyber defenders use with their mission packages as they deploy in support of combatant commanders or protecting the homeland, he said.
Also, collaborating with cyber defenders from outside the Army enables Soldiers to share useful methods with others. These ideas, along with “tool methodologies” will be used to inform key leaders, he said.
IMPORTANCE OF CYBER
With so much of the Army’s equipment and mission control functions being tied to the network, defeating that network is a high priority for those who would do America harm, Stokes said. A cyberattack “is a great asymmetric tool for an adversary who can’t face us in a direct kinetic fight.”
The Army secretary recognized the importance of cyber by creating the 17 Cyber Branch in September. The number 17 is significant because it falls into the lower-number combat maneuver branches like 11 being infantry, 13 being armor and so on, with support functions having higher branch numbers, like logistics being 74, he said.
“As we continue to build out the Army’s cyber protection teams, we must be cognitive of the fact that the days are gone where we operated with the belief that we possessed complete superiority in the cyber domain,” said Brig. Gen. John W. Baker, commander of the 7th Signal Command (Theater), during a ceremony when the brigade stood up in September. “Increasingly, we must be prepared to defeat more sophisticated adversaries who are relentless in their desire to disrupt or deny our advantage in cyberspace.”
ROOM ON THE TEAM
Even as the Army is drawing down in most military occupational specialties, or MOSs, all components are hiring cyber warriors, Stokes said. It’s a growth MOS for Soldiers, as well as Army civilians.
Besides special duty pay for those with experience and critical mission roles, the Army is investing a lot of money in advanced schooling and additional opportunities to train with industry, he said.
Soldiers get so much training and experience that industry tries, and sometimes succeeds, at luring them away, he said.
“You’re not going to be able to do this like we do this anywhere else,” Stokes said. “Civilian corporations do a lot of this stuff [cyber security] but the intensity of what we do is much greater. We’re probably the most-attacked network in the world. You’re definitely going to make a difference and get an opportunity to learn.”
Daniel Hankins, an Army civilian and member of Stokes’ CPT, said he enjoys his job as a discovery, counter-infiltration specialist. He started out in 7th Signal Command in 2004, then jumped ship for a few years, working at the Centers for Disease Control and Prevention as a forensics analyst.
When the brigade formed in September, Hankins said he jumped at the chance to return to the Army team that he missed so much, along with the intensity Stokes described.
Collaborating and learning new TTPs every day while fighting against an adaptive enemy who constantly finds new ways of attacking the network is intriguing and is an exciting challenge, he said.
Staff Sgt. Mitchell Pieratt, interactive operator, joined the CPT last year. He spent his first 10 years in the Army as a medic, pulling two deployments in Iraq and one in Afghanistan.
Around 2007, he said he began reading how military networks were being attacked. He realized that cyber would be a rapidly developing career field that he wanted to someday be a part of.
Pieratt admitted that he had no training in information technology, but he inquired anyway. The Army determined he had the aptitude needed to learn and a good record as a Soldier “so they trained me.”
It’s “an amazing MOS,” he said. Soldiers in “stagnant or downsizing MOSs should definitely consider this.”
Pieratt revealed that his training and experience has already resulted in offers from industry to lure him away. He said he thinks he’ll stay in the Army, though some of the offers are tempting and he’s keeping his options open.