HomeNewsArticle Display

Cyber operations Airmen 'Hack the Air Force'

1st Lt. Stephen Baker, 352nd Cyber Operations Squadron, watches as one of the Hack the Air Force 2.0 participants attempts to breach the security on a .mil website Dec. 9, 2017.

First Lt. Stephen Baker, 352nd Cyber Operations Squadron, watches as one of the Hack the Air Force 2.0 participants attempts to breach the security on a military website Dec. 9, 2017. HtAF2.0 is a Defense Digital Service sponsored event where civilian cyber security experts were invited to identify and report vulnerabilities in more than 300 Air Force sites. (Courtesy photo by HackerOne)

Capt. Katherine Lawall, 390th Cyber Operations Squadron, answers questions posed by local high school students during a “Hackers Panel” Dec. 9, 2017

Capt. Katherine Lawall, 390th Cyber Operations Squadron, answers questions posed by local high school students during a “Hackers Panel” Dec. 9, 2017. HackerOne coordinated with the non-profit organization Code.org, to invite a group of students to the Hack the Air Force 2.0 event to learn more about computer sciences. (U.S. Air Force photo by Trevor Tiernan)

NEW YORK (AFNS) -- Within 30 seconds of receiving the order to “start hacking,” researchers at the Hack the Air Force 2.0 event discovered two vulnerabilities—exactly the result the organizers were hoping for.

The researchers were cyber security specialists invited to the Dec. 9, 2017 event in New York to identify security gaps in Air Force websites.

Hack the Air Force 2.0 is a continuation of the Hack the Air Force event held in June 2017. Initiated by the Defense Digital Service, the event is a by-invitation opportunity for computer experts outside the Air Force to assist in strengthening the service’s defensive cyber posture, by discovering and reporting vulnerabilities in Air Force websites.

DDS contracted HackerOne, an internationally respected vulnerability disclosure and bug bounty company, to host and coordinate the event. Twenty Fourth Air Force sent a team of Airmen from the 90th, 315th, 352nd and 390th Cyber Operations Squadrons to work alongside their industry counterparts discovering bugs and weaknesses.

“This was a first to showcase our offensive capabilities in an official capacity alongside private and commercial sectors and international partners,” said Maj. Gen. Christopher Weggeman, 24th AF commander. “Not only does this program strengthen those partnerships, it allows the Air Force to both teach and learn from the best and brightest outside of the [Department of Defense].”

Even though HackerOne invited some of the world’s elite hackers to the event, they were surprised to find the Air Force sites were not that easy to crack.

“They were impressed,” said Lt. Col. Jonathan Joshua, 24th AF deputy chief of staff. “As a vulnerability was identified, shortly thereafter, hackers would be attempting to highlight the vulnerability to another team of hackers … but the vulnerability had already been patched. They’d be trying to grab screen shots to prepare a post-day brief, but they couldn't because the systems were already healthy.”

The non-Air Force researchers were able to receive cash rewards of up to $50,000 for each vulnerability they identified under a practice commonly used in private sector known as “Bug Bounties.” Under bounty programs, companies pay so-called “white hat” hackers a reward for pointing out holes in their security.

“Hack the Air Force allowed us to look outward and leverage the range of talent in our country and partner nations to secure our defenses,” said Peter Kim, Air Force chief information security officer. “We’re greatly expanding on the tremendous success of the first challenge by targeting approximately 300 public facing Air Force websites. The cost-benefit of this partnership in invaluable.”

For Maj. Barrett Darnell, 315th COS, the highlight of the day was the interaction between different groups participating.

“What stood out was seeing private sector, independent bounty hunters and the government all come together to find these vulnerabilities,” he said. “I was amazed at the creativity [of the researchers] with some of these issues that were found. So the best part was seeing all these resources come together to solve security problems.”

In a rapidly and perpetually evolving domain such as cyber, interacting with industry partners is essential for the Air Force to stay on top of its game.

“Our cyber warriors are in the fight every day,” said Weggeman. “Our Airmen operate within Air Force networks and employ offensive and defensive capabilities 24/7 in a highly contested environment where the adversary constantly changes tactics and techniques, creating complex vulnerabilities. Participating in the HackerOne hosted ‘hackathon’ allowed our cyber warriors to showcase their immense talent and skills while also learning and strengthening relationships with our partners in industry and other nations.”

At the close of the event, after 12 hours of hacking, participants had identified multiple vulnerabilities, protected 300 Air Force websites and forged immeasurable new partnerships.

Engage

Twitter
RT @AFGlobalStrike: Make sure you're still washing your hands and following CDC precautionary guidelines to help protect yourself and other…
Twitter
Twitter
RT @GenDaveGoldfein: There are rarely parades or accolades given to those in the business of anticipating and avoiding catastrophic enemy a…
Twitter
One pilot was killed when a U.S. Air Force F-16CM Fighting Falcon assigned to Shaw Air Force Base crashed at approx… https://t.co/iBc3rCDzSw
Twitter
Senior Airman Ezra Chavez, 31st Civil Engineer Squadron EOD flight, dons a new EOD 10 bomb suit @AirAviano. The sui… https://t.co/7AxzoWTNGf
Twitter
.@910AW maintenance Airmen are planning to save costs and increase efficiency with a new 3D printer. @USAFReservehttps://t.co/fOUWO8YhKs
Twitter
The E-3 Sentry is an airborne warning & control system, or AWACS, aircraft w/ an integrated command & control battl… https://t.co/qM1mXkvqow
Twitter
.@EielsonAirForce Airmen conducted airborne training to maintain operational readiness at Joint Base Elmendorf-Rich… https://t.co/5ivZf24ay8
Twitter
RT @HQ_AFMC: Know your #rights: Service members are protected by the Servicemembers Civil Relief Act, a law designed to ease financial bur…
Twitter
“Publishing JADO doctrine is a first step in changing how we think and conduct operations with the reemergence of g… https://t.co/9wnN5ILNS2
Twitter
RT @AETCommand: Have you checked @AFWERX’s #DisruptiveAF🎙pod? Check it out! https://t.co/NAMYv6OSLd
Twitter
The 317th Airlift Wing @DyessAFBase recently finished the first round of the new 4/12 C-130 deployment cycle. The c… https://t.co/Pw9tw2NIqq
Twitter
We control the air in this multi-domain fight! #ReadyAF #AimHigh https://t.co/6SYQwbs2ym
Twitter
They called it "the biggest test of @NATO Allies’ ability" in years. #TotalForce #ReadyAF #AimHigh https://t.co/brNWrvaMch
Twitter
.@GenDaveGoldfein visited @RobinsAFB_GA to get updates on the installation. He heard about how missions have progre… https://t.co/4Hvz5ZvRJ8
Twitter
.@SecAFOfficial outlines the Air Force's 4 top priorities: build the Space Force, modernize the Air and Space Force… https://t.co/pIkl23NVtG
Twitter
Register by August 1! Exercise your right to vote! https://t.co/SkTSooPFrr
Facebook
The newest Air Force Podcast recently dropped. Listen to a small snippet of CMSAF Kaleth O. Wright talk with Staff Sgt. New about resiliency. Listen to the entire podcast on Youtube: https://go.usa.gov/xpnAD or Subscribe to The Air Force Podcast on iTunes: https://podcasts.apple.com/podcast/the-air-force-podcast/id1264107694?mt=2
Facebook
Our mantra, "Always ready!" It's the spirit we fly by! #B2Tuesday
Facebook
Need some motivation to get your week started off right? Listen as CMSAF Kaleth O. Wright weighs in...
Facebook
The U.S. Air Force Academy gives its cadets some unique opportunities. Ride along one of this opportunities.
Facebook
A United States Air Force KC-135 Stratotanker refuels an F-22 Raptor over northern Iraq, Nov. 6, 2019. U.S. Central Command operations deter adversaries and demonstrate support for allies and partners in the region. (Video by Staff Sgt. Daniel Snider)
Facebook
Although the Silver Star is the third-highest military medal, it's not given often. Today, TSgt Cody Smith was the 49th Special Tactics Airman to receive this medal since Sept. 11th, 2001. Read more of TSgt Smith's amazing story: https://www.airforcespecialtactics.af.mil/News/Article-Display/Article/2024815/special-tactics-airman-battled-through-injuries-awarded-silver-star/fbclid/IwAR2LZWwx1VHdTnQe39rIEBOuJS_0JvMQBBGt7I-E6zsxxn-Lx9387yu43Bc/ Cannon Air Force Base Air Force Special Operations Command United States Special Operations Command (USSOCOM) U.S. Department of Defense (DoD)
Facebook
Tune in as our Air Force musicians along with other military musicians are awarded the National Medal of Arts.
Facebook
Like Us
Twitter
1,245,636
Follow Us