Cyber confusion. What is the airforce talking about?

Cyber confusion. What is the airforce talking about?

Summary: If you are like me your eyes cross and you feel a ringing in your ears when you are exposed to military-speak. The acronyms are fun and server to separate insiders from outsiders, kind of a tribal thing.

SHARE:

If you are like me your eyes cross and you feel a ringing in your ears when you are exposed to military-speak. The acronyms are fun and server to separate insiders from outsiders, kind of a tribal thing. But is sure makes it hard to figure out what is really going on. Take Ellen Messmer's article today in Networkworld orld Magazine. She interviews Air Force Lt. Gen. Robert Elder who is head of the Air Force "Cyber Command."

Now let me warn you, the military uses the word "cyber" as a noun. When a military guy says "cyber is important" he means something like "networks are important". So, while "Cyber Command" should mean using networks to provide command capabilities, the air force has abused our language once again because what they seem to mean is "network management". In other words there is now one group within the air force responsible for network management and it is headed up by Lt. General Robert Elder.

OK, so what does he say?

NWW: The Air Force has obviously made use of networking for a long time, so what's really different about the Cyber Command?

Elder: We differentiate between computer network security and computer network defense. Once you're through the gate, you're in, so we look at that as hostile territory. It's inside defense. Right now, most of what we do today is computer network security. But we know our adversaries will attack, and we need training and cyber tools.

See what I mean? Hard to de-cypher. "Once you're through the gate, you're in" I love that. NWW: What kind of attacks are of concern?

Elder: Phishing, for example, is a type of attack. We're arming airmen with the skills to recognize a phishing attack. We're installing tools to check URLs. We're integrating commercial products with our own host-based security systems.

Phishing? Phishing is a problem? Are you starting to get worried here?

NWW: How many people are in the Cyber Command today?

Elder: There are at least a few thousand people now and it will grow to between 5,000 and 10,000. Many people are re-assigned from all over the Air Force. The goal is to be fully established by October. We can't do anything without cyber — today, we talk about operations in the cyber domain.

At first reading I thought he was talking about 10,000 people doing cyber security. But this number must mean 10,000 people in IT, right? Those parts of IT that have not been outsourced to EDS that is.

But, good news. The new Cyber Command is going to make some radical changes:

NWW: What steps can you take?

Elder: We're putting a lot of things in place, like moving toward a policy on our firewalls to deny all except by exception.

Yikes, let me check the date on this article. Maybe it is from 1995? That was when the rest of the world figured out firewalls. Nope, 01/23/08. This just reinforces my image of most military operations when it comes to security: they are in the Twilight Zone, a world of their own, completely separated from reality, and most unfortunately, completely unprepared to face their enemies.

Update: Thanks to John Andrew Prime of Gannet for this helpful clarification: LTG Bob Elder is the commander of the 8th Air Force and the Cyber-Strike action component of Air Force Cyber Command (Provisional), but the actual commander of AFCYBER(P) as the U.S. Air Force calls it, is Maj. Gen. William "Bill" Lord. he answers directly to USAF Chief of Staff Gen. T. Michael Moseley. You can see all the top commanders of the new command at its Web page, http://www.afcyber.af.mil/

Topics: Hardware, CXO, Networking, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Parts of Speech and Data Types

    I understand that recently educated journalists may not know much about the military, but I would have expected that there would be somewhat more understanding of English grammar. In the phrase, "Cyber Command," "Cyber" is used as an adjective. In comparison to computer programming, English words are not strongly "typed," so it is possible for a given word to be used as different parts of speech. The ordinary noun type indicators in English are the articles (a,an, the).

    I can use "cyber" as a slangy verb, ..."I like to to cyber",.. but I have a bit of trouble using "cyber" as a noun in a sentence. something like, "The cyber used by Nashi in Russia was not effective against Estonia." seems to be missing something... like the noun "attack."

    Best Regards from an old Air Force cyberist.
    Seryy Volk
    • Nice

      Exactly. Cyber is so often an adjective it is hard to hear it used as a noun.
      RStiennon
  • Proper commander

    I cover this new command for the Gannett daily here. LTG Bob Elder is the commander of the 8th Air Force and the Cyber-Strike action component of Air Force Cyber Command (Provisional), but the actual commander of AFCYBER(P) as the U.S. Air Force calls it, is Maj. Gen. William "Bill" Lord. he answers directly to USAF Chief of Staff Gen. T. Michael Moseley. You can see all the top commanders of the new command at its Web page, http://www.afcyber.af.mil/

    John Andrew Prime
    Shreveport, LA
    japrime@...
  • Not getting it

    The Air Force vision of cyberspace and operations within it is much more than just networks and network security. The fact that those leading it don't articulate the specifics of true network security doesn't mean the Air Force is 20 years behind the commercial sector. Asking the general about details behind computer network defense and firewalls is like asking a general who was a fighter pilot to detail the data bus architecture in the F-22. They are very smart people, but they are more concerned with leading the organization and don't need to be the subject matter expert.

    For the Air Force, Cyber operations take much more into account than just neworks. The cyber domain as a warfighting domain encompasses any operation which exploits the electromagnetic spectrum - from electronic attack, electronic countermeasures, directed energy, comminucations, info attack via radio and tv (much like Radio Free America), to and including computer network attack and defense. These are just a few examples. The issue facing the military is that discussion of cyberspace as a warfighting domain is relatively new and we are just now beginning to realize the scope of effects that can be achieved in cyberspace and how those effects can enhance operations in the other warfighting domains. More importantly, we now understand just how reliant we are on control of the cyber domain and how loss of control there can lead to loss of superiority in any of the other warfighting domains.
    buzzf16@...
  • RE: Cyber confusion. What is the airforce talking about?

    It seems the reporter is the one who doesn't understand or has the ability to interpret the data. Explaining the cyber domain and how we'll engage it takes more than just a few Q and As and sometimes no matter how much it's explained, some folks can only come away with partial understanding or ability to then tell others about it. One thing that will help is when the Air Force publishes its doctrine and policies and outlines the scope of what the command will lead. Of course, one must realize that we won't be blabbing about all our capabilities just as the special ops guys don't routinely discuss their ongoing operations. Suffice it to say that operations involves many partners, a huge amount of skill and technical know how and don't blame the generals if a reporter dumbs down the information too much ... or not enough.
    karen.petitt@...
    • Great point but...

      What is even meant by the "cyber domain"? There is a huge security industry built around fighting cyber threats, yet that industry does not use this term.

      Defending against intrusions by hackers, hobbiests, and foreign nationals is simple:

      Harden internal systems with latest patches and limit ports they listen on.
      Institute complete access control to all applications and systems.
      Encrypt all information at rest. I mean it. All.
      Encrypt all information that crosses NIPRNET
      Block everything that is not explicitly allowed at EVERY gateway.
      Audit and enforce these measures with real penalties for lack of compliance.

      Too expensive? Too hard? Should be easy with resources that include 10,000 personnel.

      -Stiennon
      RStiennon
  • It won't get better in Louisana

    If the command stays in Louisana, it will just get worse. What kind of "cyber" professionals will move to Shreveport/Bossier Louisana? We may see much more 1985 Cyber Warfare innovation.

    Personally, I think Colorado Springs is the place (where www.city-data.com lists the primary male profession as "Computer Specialist").
    Aaron Moore