HomeNewsArticle Display

'Special Program' emerges to combat cyber insider threats

The Mission Solutions Analysis team from Hanscom Air Force Base, Mass., developed the Insider Threat Universe model used to describe how certain technologies protect, in part, the Air Force's secure networks. (Courtesy graphic)

The Mission Solutions Analysis team from Hanscom Air Force Base, Mass., developed the Insider Threat Universe model used to describe how certain technologies protect, in part, the Air Force's secure networks. (Courtesy graphic)

HANSCOM AIR FORCE BASE, Mass. (AFNS) -- It's not often that the public gets to hear about the Air Force's inner workings when pertaining to highly classified networks; however, a special programs team from Hanscom Air Force Base’s Command, Control, Communications, Intelligence and Networks Directorate has recently emerged, making their presence known.

"We have developed an agile and efficient process for delivering solutions that protect against the cyber insider threat," said Lt. Col. Richard Howard, the Materiel Solutions Analysis (MSA) chief.

Unlike other teams within the Special Programs Division, the MSA is the only one that functions outside the classified realm.

The team's mission is to rapidly identify and test government and commercial off-the-shelf hardware and software, and if viable, transition it to the classified arena. However, combating the cyber insider threat on secure networks quickly became one of MSA's primary focuses.

In January 2014, the special programs unit stood up the MSA Lab, where the team tests and scrutinizes commercial and government technologies that could potentially function on a secure network, and at the same time, serve as a deterrent for insider attacks.
The MSA Lab consists of three sections: Level 1, a robust unclassified area used to test incoming technologies; Level 2, which has the potential to perform classified tests; and Level 3, which is a virtual demonstration room.

Since MSA's inception, they have fielded more than 100 proposals on insider threat mitigation technologies from commercial companies, both large and small.

"The MSA Lab is unique, and by design, highly specialized on the needs of a select classified community," said Paul Krueger, the MSA chief engineer. "Being co-located at Hanscom AFB with the Hanscom Collaboration and Innovation Center is important so that when necessary, we can take advantage of its infrastructure for massive joint and multi-nation coalition warfighting experiments and demonstrations."

Upon significant amounts of testing, the Air Force partnered with MIT Lincoln Laboratory and began to notice a common misconception within industry.

"We saw a disturbing trend emerging from companies -- that there is a single solution fix to insider attacks," Howard said. "The cyber insider threat is complex, and to believe a single technology exists that will prevent malicious insiders from stealing, altering or destroying sensitive information is inaccurate."

To better understand and depict the intricacies of this problem, MSA engineers devised a model known as the Insider Threat Universe (ITU).

The ITU concept is comprised of layers that convey how certain technologies protect in part -- but not in all -- the Air Force's secure networks.

Confidentiality, integrity and availability make up the basis of the ITU with information serving as the core. Procedures, policies and monitoring are other items that directly impact information concerns. Specific areas such as data-at-rest encryption and role-based access controls represent technology layers also used to protect information.

The MSA team realized the need to socialize the ITU concept and generate open communication among other Defense Department agencies also faced with growing insider threat problems.

Last month, the MSA office hosted the first Cyber Insider Threat Workshop.

More than 100 cyber, security and acquisition professionals from more than 30 organizations attended. Representatives from the MSA office, Air Combat Command, Air Force Research Lab, 24th Air Force, Carnegie Mellon University, C3I Infrastructure Division, MIT Lincoln Laboratory and MITRE discussed current mitigation efforts and how they fit into the ITU model.

According to MSA officials, there were two main takeaways from the event.

"The cyber insider threat is complicated, difficult to define and a challenge to defend against," Krueger said. "The ITU model is a useful tool that can be used to help define these threats, but it is a constantly evolving concept."

Krueger also called for more effective communication across the Air Force, government, and other agencies throughout the DOD.

"Communication is the only way synergy can be developed across the board," he said. "Making the community aware of currently used technologies, as well as equipment and software that's being tested and fielded by facilities like the MSA Lab, is critical to solving this problem."

Over the last year, the demand for MSA-vetted technologies has increased exponentially. In order to keep up with testing and analysis, the lab increased from two to seven engineers plus support from MIT Lincoln Laboratory, MITRE and various contractors.

Recently, Maj. Gen. Craig Olson, the C3I and Networks Directorate program executive officer, presented MSA's areas of interest to industry during the annual 2015 New Horizons event in Newton, Massachusetts.

"Not only is this a great opportunity to bring our efforts to light outside of DOD agencies, but it will also allow us to gather valuable feedback on how our industry partners deal with insider cyber threats," Olson said.

Since the MSA team was created, they've stood up a testing lab, developed a threat model and organized a forum fostering dialogue among other DOD agencies -- all in the name of cyber security.

"In order for us to successfully mitigate the cyber insider threat problem, organizations across the DOD must work together; technological, physical and administrative solutions should be leveraged across the DOD IT enterprise," said Col. Jeffrey Kligman, the Special Programs Division senior materiel leader. "Communication and innovation are key to securing our computing environment."

Engage

Twitter
The Installation Resilience Operations Center prototype is a game-changing solution for enhancing base security, em… https://t.co/ATHhejDoQJ
Twitter
“It’s important that you will be able to lead through complex challenges,” @GenCQBrownJr said. “I really want to ch… https://t.co/UI86usPVtO
Twitter
VCSAF Gen David W. Allvin visited various @AFResearchLab facilities to see how the 711th Human Performance Wing is… https://t.co/F5tpk0Mabc
Twitter
Invisible Wounds: Signs and Symptoms The Invisible Wounds Initiative, an @AFW2 Support Program, leads in creating… https://t.co/4SeYhlQuua
Twitter
Maggie Gee and Hazel Ying Lee were two of the first Chinese-American aviators to join the Women Airforce Service Pi… https://t.co/txl43oLLRs
Twitter
RT @USAFCENT: Listen to SrA Francis Andrew, assigned to the 332nd Air Expeditionary Wing, tell his story as one of the 'Lost Boys of Sudan.…
Twitter
#ICYMI Aircraft loaded with #COVID19 supplies left @Travis60AMW, California, bound for India. This shipment was jus… https://t.co/YdYFniZyok
Twitter
“While there are a lot of people who have done great things in the #AirForce, we wanted to recognize diversity and… https://t.co/bTH2aP5emk
Twitter
“It is a real honor, and I wish I could be there in person,”@GenCQBrownJr said during his acceptance speech. “I’d r… https://t.co/DH5Ou832K5
Twitter
RT @RealAFOSI: 1/ OSI's Guam based Detachment 602 recently spent time strengthening relationships throughout the Commonwealth of the North…
Twitter
RT @grandslamwing: Mobilizing to assist - anywhere, anytime. Members from #TeamAUAB aboard a C-17 from @TeamCharleston took off to assist t…
Twitter
RT @AirNatlGuard: .@HiAirGuard Airmen deployed to California to participate in exercise Sentinel Response 2021 alongside @CalGuard Airmen a…
Twitter
.@GenCQBrownJr and @cmsaf_official discuss the best ways to help Airmen's talent to bloom. #Airmen #Questionshttps://t.co/GGDHJkiOOb
Twitter
Airmen at the 149th Fighter Wing, Texas, demonstrated an autonomous machine solution for an @AFWERX innovation init… https://t.co/5ZGnnOPfYi
Twitter
During a quarterly senior leader review, @KesselRunAF & @USAF_ACC leaders agreed the Air Operations Center Weapon S… https://t.co/FnXQYIiG86
Twitter
RT @SecAFOfficial: #PublicServiceRecognitionWeek starts today! This is a chance to acknowledge the civil servants who dedicate themselves t…
Twitter
#ICYMI - The Air Force Employee Assistance Program has expanded the available resources available to #AirForce civi… https://t.co/t1eC1eRPfb
Twitter
RT @PACAF: #Airmen from PACAF conducted bilateral training with @JASDF_PAO (Koku-Jieitai) to enhance joint deterrence and response capabili…
Twitter
For 40 Airmen, the standard, manual deployment process averages four hours & 15 minutes per Airman from start to fi… https://t.co/Q8clDOwq3g
Facebook
The newest Air Force Podcast recently dropped. Listen to a small snippet of CMSAF Kaleth O. Wright talk with Staff Sgt. New about resiliency. Listen to the entire podcast on Youtube: https://go.usa.gov/xpnAD or Subscribe to The Air Force Podcast on iTunes: https://podcasts.apple.com/podcast/the-air-force-podcast/id1264107694?mt=2
Facebook
Our mantra, "Always ready!" It's the spirit we fly by! #B2Tuesday
Facebook
Need some motivation to get your week started off right? Listen as CMSAF Kaleth O. Wright weighs in...
Facebook
The U.S. Air Force Academy gives its cadets some unique opportunities. Ride along one of this opportunities.
Facebook
A United States Air Force KC-135 Stratotanker refuels an F-22 Raptor over northern Iraq, Nov. 6, 2019. U.S. Central Command operations deter adversaries and demonstrate support for allies and partners in the region. (Video by Staff Sgt. Daniel Snider)
Facebook
Although the Silver Star is the third-highest military medal, it's not given often. Today, TSgt Cody Smith was the 49th Special Tactics Airman to receive this medal since Sept. 11th, 2001. Read more of TSgt Smith's amazing story: https://www.airforcespecialtactics.af.mil/News/Article-Display/Article/2024815/special-tactics-airman-battled-through-injuries-awarded-silver-star/fbclid/IwAR2LZWwx1VHdTnQe39rIEBOuJS_0JvMQBBGt7I-E6zsxxn-Lx9387yu43Bc/ Cannon Air Force Base Air Force Special Operations Command United States Special Operations Command (USSOCOM) U.S. Department of Defense (DoD)
Facebook
Tune in as our Air Force musicians along with other military musicians are awarded the National Medal of Arts.
Facebook
Like Us
Twitter
1,346,466
Follow Us