January 7, 2013
By Brian Murphy
It might be difficult for some to comprehend now, but there was once a time when opposing militaries lined up across from each other on a battlefield and settled their differences in close-range combat.
These days, conflicts are often fought with more unconventional methods -- against increasingly-intelligent enemies using any and all available resources to further their agenda.
With computer-savvy individuals inserting themselves into the fight, weapons are no longer the only way to damage an adversary.
All it takes is for one hacker to get his hands on certain classified information and the balance of power can shift dramatically.
This is why the members of the 2nd Battalion, 1st Information Operations Command (Land), provide such a valuable service to today's Army.
"We're here to primarily help the Army's network defenders to be better prepared for hackers," said Lt. Col. Donald Bray, battalion commander, 2nd Battalion, 1st IO Command. "We utilize and replicate many of the methods used by hackers to better train those network defenders. So we'll go to unit exercises and play an adversarial role to test for vulnerabilities, improve response actions and improve reporting."
When Bray first came to the unit in April 2011, the battalion's primary focus was computer network defense. Since then, however, their mission has changed and now the unit has assumed the role of cyber opposing force.
"We've done vulnerability testing in the Army for a while now, but this takes it to another level," he said. "Our sole mission is to make Army network defenders better. But rather than pointing out a list of vulnerabilities, we're now taking actions to cause a certain effect and impact their operations. This way, we're forcing the unit to take action and address the situation with an appropriate response.
"We're doing what adversaries do," Bray continued. "We're trying to gather information and use it against you to prevent you from conducting your operations."
A small team of Soldiers and contractors from 2nd Battalion, 1st IO Command, traveled out to the National Training Center, at Fort Irwin, Calif., for three weeks in March to do just that.
As if a standard training exercise isn't challenging enough, this unit also had to deal with a small group of 2nd Battalion, 1st IO Command, hackers who were lurking in the shadows searching for vulnerabilities in their network and seeing what sensitive information they could get their hands on.
"It presents a major challenge to those units, but it is necessary in this day and age to help prevent people from gaining unauthorized access to secure information," Bray said.
Staff Sgt. Jeffrey Roy, a computer network operations technician with 2nd Battalion, 1st IO Command, was on that team and relished the chance to engage in a chess match, of sorts, with the unit who was there conducting their pre-deployment training exercise.
"Even though I never formally met the individual who was defending their network face-to-face, it was a test of skills between us to show them a proof of concept," Roy said. "We wanted to let them know 'Hey, if you don't do this, these types of things can happen.' If nothing else, that is going to improve the way they conduct business. And that's huge because, at the end of the day, it's going to make their network more secure and change the way they do business."
These exercises also provide invaluable practical experience to the 2nd Battalion, 1st IO Command, Soldiers as well.
"This is all so new for the Army and the environment changes so often, that the training needs to constantly be updated," Bray said. "We see new techniques and vulnerabilities in the news every day, which is why it takes about two years to fully train a cyber operator."
It takes a certain type of Soldier to handle the pressure of working in such a constantly-evolving environment. And sometimes, it involves a little bit of luck as well.
"I actually ended up in this career field by chance," said Roy. "I wanted to re-enlist for the D.C. area, so they sent me to the 1st IO Command and this was the mission of the unit."
Just like that, Roy went from being in the infantry to learning how to be a hacker. While the transition was jarring and the job wasn't something Roy had previously considered, it didn't take him long to realize how much he enjoyed the challenge of his new career.
"It was night and day from what I was used to," Roy said. "But what I quickly found out was that I had an intense interest in this field and a dedication to security of Army networks. Coming from a combat arms environment to this world was an adjustment, but having the opportunity to help out any way I could -- even from a small operator perspective -- means a lot to me."
How different is cyberspace from the world of combat arms? Imagine firing at a target, only to discover a wall has been erected in the time it takes for your round to travel downrange.
"Even in a conventional fight, the landscape has changed to an asymmetrical battlefield," Bray said. "When you look at cyberspace, the difference is even more pronounced because the terrain changes constantly."
Because technology is constantly evolving, these Army hackers must adapt quickly or risk becoming outdated.
"You'll never know everything," Roy said. "The first two years of training that every Soldier goes through really just teaches you the basics. This career field really comes with a lifetime of learning. In order to stay current with the most recent developments and threats, it's a never-ending process."
If Bray has his way, the career field will only continue to expand their horizons moving forward.
"Big picture, we've done a good job," he said. "But we need to take it a step further and start taking active defense measures to seek out and stop these attacks before they even start or before they get too far into our networks."