HomeNewsArticle Display

'Special Program' emerges to combat cyber insider threats

The Mission Solutions Analysis team from Hanscom Air Force Base, Mass., developed the Insider Threat Universe model used to describe how certain technologies protect, in part, the Air Force's secure networks. (Courtesy graphic)

The Mission Solutions Analysis team from Hanscom Air Force Base, Mass., developed the Insider Threat Universe model used to describe how certain technologies protect, in part, the Air Force's secure networks. (Courtesy graphic)

HANSCOM AIR FORCE BASE, Mass. (AFNS) -- It's not often that the public gets to hear about the Air Force's inner workings when pertaining to highly classified networks; however, a special programs team from Hanscom Air Force Base’s Command, Control, Communications, Intelligence and Networks Directorate has recently emerged, making their presence known.

"We have developed an agile and efficient process for delivering solutions that protect against the cyber insider threat," said Lt. Col. Richard Howard, the Materiel Solutions Analysis (MSA) chief.

Unlike other teams within the Special Programs Division, the MSA is the only one that functions outside the classified realm.

The team's mission is to rapidly identify and test government and commercial off-the-shelf hardware and software, and if viable, transition it to the classified arena. However, combating the cyber insider threat on secure networks quickly became one of MSA's primary focuses.

In January 2014, the special programs unit stood up the MSA Lab, where the team tests and scrutinizes commercial and government technologies that could potentially function on a secure network, and at the same time, serve as a deterrent for insider attacks.
The MSA Lab consists of three sections: Level 1, a robust unclassified area used to test incoming technologies; Level 2, which has the potential to perform classified tests; and Level 3, which is a virtual demonstration room.

Since MSA's inception, they have fielded more than 100 proposals on insider threat mitigation technologies from commercial companies, both large and small.

"The MSA Lab is unique, and by design, highly specialized on the needs of a select classified community," said Paul Krueger, the MSA chief engineer. "Being co-located at Hanscom AFB with the Hanscom Collaboration and Innovation Center is important so that when necessary, we can take advantage of its infrastructure for massive joint and multi-nation coalition warfighting experiments and demonstrations."

Upon significant amounts of testing, the Air Force partnered with MIT Lincoln Laboratory and began to notice a common misconception within industry.

"We saw a disturbing trend emerging from companies -- that there is a single solution fix to insider attacks," Howard said. "The cyber insider threat is complex, and to believe a single technology exists that will prevent malicious insiders from stealing, altering or destroying sensitive information is inaccurate."

To better understand and depict the intricacies of this problem, MSA engineers devised a model known as the Insider Threat Universe (ITU).

The ITU concept is comprised of layers that convey how certain technologies protect in part -- but not in all -- the Air Force's secure networks.

Confidentiality, integrity and availability make up the basis of the ITU with information serving as the core. Procedures, policies and monitoring are other items that directly impact information concerns. Specific areas such as data-at-rest encryption and role-based access controls represent technology layers also used to protect information.

The MSA team realized the need to socialize the ITU concept and generate open communication among other Defense Department agencies also faced with growing insider threat problems.

Last month, the MSA office hosted the first Cyber Insider Threat Workshop.

More than 100 cyber, security and acquisition professionals from more than 30 organizations attended. Representatives from the MSA office, Air Combat Command, Air Force Research Lab, 24th Air Force, Carnegie Mellon University, C3I Infrastructure Division, MIT Lincoln Laboratory and MITRE discussed current mitigation efforts and how they fit into the ITU model.

According to MSA officials, there were two main takeaways from the event.

"The cyber insider threat is complicated, difficult to define and a challenge to defend against," Krueger said. "The ITU model is a useful tool that can be used to help define these threats, but it is a constantly evolving concept."

Krueger also called for more effective communication across the Air Force, government, and other agencies throughout the DOD.

"Communication is the only way synergy can be developed across the board," he said. "Making the community aware of currently used technologies, as well as equipment and software that's being tested and fielded by facilities like the MSA Lab, is critical to solving this problem."

Over the last year, the demand for MSA-vetted technologies has increased exponentially. In order to keep up with testing and analysis, the lab increased from two to seven engineers plus support from MIT Lincoln Laboratory, MITRE and various contractors.

Recently, Maj. Gen. Craig Olson, the C3I and Networks Directorate program executive officer, presented MSA's areas of interest to industry during the annual 2015 New Horizons event in Newton, Massachusetts.

"Not only is this a great opportunity to bring our efforts to light outside of DOD agencies, but it will also allow us to gather valuable feedback on how our industry partners deal with insider cyber threats," Olson said.

Since the MSA team was created, they've stood up a testing lab, developed a threat model and organized a forum fostering dialogue among other DOD agencies -- all in the name of cyber security.

"In order for us to successfully mitigate the cyber insider threat problem, organizations across the DOD must work together; technological, physical and administrative solutions should be leveraged across the DOD IT enterprise," said Col. Jeffrey Kligman, the Special Programs Division senior materiel leader. "Communication and innovation are key to securing our computing environment."

Engage

Twitter
Now that's spooky. 😏 As spooky season comes to a close, remember to maintain social distance and wear a mask this… https://t.co/9vZmk57Mmf
Twitter
Maintaining mission readiness. #ReadyAF https://t.co/ZhALhRQgQP
Twitter
The 605th Test and Evaluation Squadron, Detachment 1, recently participated in Astral Knight 20, a U.S. Air Forces… https://t.co/WObBS1CVdM
Twitter
Increasing warfighter capacities The Air Force Civil Engineer Center is leading the construction of $107 million i… https://t.co/1Ff7PEW1Hl
Twitter
"Medic!" 🚑 @KunsanAirBase Airmen participated in medical evacuation training, Oct. 27, 2020. Medical personnel ar… https://t.co/iucvbtLGGB
Twitter
RT @AirNatlGuard: #ICYMI Airmen of the @AKNationalGuard's 210th & 212th RQS rescued an injured hiker at Byron Glacier. Due to inclement wea…
Twitter
The best of the best. Tactical Air Control Party (TACP) Airmen participate in the 2020 Lightning Challenge at Fort… https://t.co/x31SkdJUK4
Twitter
Speaking the same language is crucial when working with our allies and partners. #ReadyAF https://t.co/S78oFS1yMF
Twitter
"Calling search and rescue" @374AirliftWing Airmen participate in a Samurai Readiness Inspection at Combined Arms… https://t.co/16NG8UuD77
Twitter
The two-week exercise is in tandem with the Polish air force near Powidz, Poland. #Partnership #ReadyAF https://t.co/oj2EPRUBSF
Twitter
.@USAF_ACC conducted an experiment known as Agile Flag 21-1 from Oct. 21-29 to test agile combat employment and a n… https://t.co/sZF2HgNUeI
Twitter
The Department of the Air Force will soon conduct focus groups with Total Force Airmen and Space Professionals abou… https://t.co/uPAlbUEYxt
Twitter
RT @AFGlobalStrike: For 50+ years, #MinutemanIII #ICBM fleet has underpinned our strategic force & played critical role in ensuring protect…
Twitter
RT @RealAFOSI: Between Oct. 20 and 21, 2020, Iranian threat actors conducted an information operations campaign by sending emails, masquera…
Twitter
Ready day or night The 8th Fighter Wing at @KunsanAirBase stands ready to conduct counter-air, air interdiction,… https://t.co/8FzXyQPwFo
Twitter
RT @SpaceForceDoD: Vice Chief of Space Operations tests positive for COVID-19 https://t.co/El9DBFkpAg
Twitter
Global reach Approximately 200 Airmen and four B-1B Lancer aircraft with the 9th Expeditionary Bomb Squadron from… https://t.co/XdxCzteeGx
Twitter
Small business partnerships 🤝 @AFWERX is recommending more than 250 proposals as part of its X20D Small Business… https://t.co/vzVcj7Idfc
Twitter
Rapid strategic delivery 📦 The 816th Expeditionary Airlift Squadron, deployed with @USAFCENT, is responsible for… https://t.co/WxSke8iXnG
Twitter
Fulfilling mission-critical requirements The U.S. Patent and Trademark Office recently granted the #USAF a patent… https://t.co/wtf5K6NITn
Facebook
The newest Air Force Podcast recently dropped. Listen to a small snippet of CMSAF Kaleth O. Wright talk with Staff Sgt. New about resiliency. Listen to the entire podcast on Youtube: https://go.usa.gov/xpnAD or Subscribe to The Air Force Podcast on iTunes: https://podcasts.apple.com/podcast/the-air-force-podcast/id1264107694?mt=2
Facebook
Our mantra, "Always ready!" It's the spirit we fly by! #B2Tuesday
Facebook
Need some motivation to get your week started off right? Listen as CMSAF Kaleth O. Wright weighs in...
Facebook
The U.S. Air Force Academy gives its cadets some unique opportunities. Ride along one of this opportunities.
Facebook
A United States Air Force KC-135 Stratotanker refuels an F-22 Raptor over northern Iraq, Nov. 6, 2019. U.S. Central Command operations deter adversaries and demonstrate support for allies and partners in the region. (Video by Staff Sgt. Daniel Snider)
Facebook
Although the Silver Star is the third-highest military medal, it's not given often. Today, TSgt Cody Smith was the 49th Special Tactics Airman to receive this medal since Sept. 11th, 2001. Read more of TSgt Smith's amazing story: https://www.airforcespecialtactics.af.mil/News/Article-Display/Article/2024815/special-tactics-airman-battled-through-injuries-awarded-silver-star/fbclid/IwAR2LZWwx1VHdTnQe39rIEBOuJS_0JvMQBBGt7I-E6zsxxn-Lx9387yu43Bc/ Cannon Air Force Base Air Force Special Operations Command United States Special Operations Command (USSOCOM) U.S. Department of Defense (DoD)
Facebook
Tune in as our Air Force musicians along with other military musicians are awarded the National Medal of Arts.
Facebook
Like Us
Twitter
1,299,343
Follow Us