Hardening the 557th WW’s cyber defenses

  • Published
  • By Paul Shirk
  • 55th Wing Public Affairs

In order to deliver timely, accurate, and relevant weather information in support of military operations in the air, on land, at sea, or in space, the 557th Weather Wing must work in and through cyberspace — without cyber readiness the weather mission fails. From maintaining the Air Force’s $322 million strategic weather computing complex to managing the flow of weather data to defending against cyber adversaries, about 20 percent of the wing’s Airmen are assigned to cyber roles.

Like in the other war fighting domains, there is no guarantee of U.S. dominance in cyberspace. In fact, the 2018 National Defense Strategy calls out cyberspace as a contested domain.

Because of this, the 557th WW is taking steps to protect and harden its cyber infrastructure, a tall order considering the complexity of the systems and data streams involved.

That order falls to Maj. Marc Johannsen, the wing cyberspace systems officer for the 557th. Johannsen’s mission is to maintain and improve the wing’s cyber readiness.

“Cybersecurity is a part of the conversation from acquisition all the way through the decommissioning of systems,” Johannsen said. “The simple truth is that we have to protect our cyberspace systems in order to be ‘cyber ready’ or else we will not be able to give the warfighters what they need for mission success.”

Due to the importance of the mission, Johannsen – a reservist – is serving on active duty orders until a permanent replacement for his position is available.

Up until a few years ago, operations used to take priority over the needs of cyber security.

“Operations always took priority over making sure the system was patched and secure,” said Senior Master Sgt. Jennifer Samson, superintendent of the 2nd System Operations Squadron. “But you take a huge risk when you’re not ensuring the system is secure by harboring vulnerabilities that may compromise vital data disseminated to support missions around the globe, thus jeopardizing those operations.”

One of the wing’s efforts to increase cyber readiness is the creation of its own Mission Defense Team, based in the 2nd Weather Support Squadron.

“2nd WSS’s MDT is comprised of highly skilled cyber warriors, both military and civilian, who specialize in defensive cyber operations,” said Michael Schlott, MDT lead. “Specifically, the MDT has been employed to hunt, find, and fight the adversary in cyberspace to ensure the 557th WW can accomplish its core missions.”

Developed and funded internally, 2nd WSS is standing up the MDT three years sooner than if it had been sourced from higher headquarters. They answered the wing commander’s challenge based on the Secretary of the Air Force’s priorities, building a team that can proactively counter cyber threats.

“By utilizing organic resources, the 2nd WSS capitalized on decades of experience and intimate knowledge of weather's networks, systems, and data flows to bring this capability online fast,” Schlott said.

Not to be outdone, the 2nd System Operations Squadron built their own specialized Host Based Security System and are rolling out its capabilities across the enterprise.

“HBSS will help us lock down over 2,000 servers so any change will be known,” said Jeffrey Rife, 2nd SYOS operations flight director. “HBSS is going to provide us with unified command and control of several deployed security products and the ability to automate security responses across the enterprise. If a bad actor comes in and tries to do something nefarious, we’re going to see it, be able to block it and take action. It’s mandatory for the entire DOD, we are getting after it organically within our squadron.”

2nd SYOS’ HBSS was stood up due to concerns that standard security updates from the Air Force Network Operations Center would cause unforeseen problems with the specialized weather systems used by the wing.

Creating an HBSS for the wing’s complex enterprise with supercomputers was made easier by reaching out to a partner that had gone through similar challenges.

“We visited the Navy’s Fleet Numerical Meteorology and Oceanography Center in Monterey, California, to learn best practices for building and operating HBSS with a high performance supercomputer,” Rife said. “We then stood up a team of three people in our Network Management Section to optimize HBSS in our supercomputing environment.”

The MDT and HBSS are both aimed at strengthening cyber security for the long term.

“We’re looking at ensuring our cyber defenses are hardened to the maximum extent possible today and in the future, this is more than just compliance or some score on the test,” Rife said. “We need to operate securely at all times.”

Not all of the cyber readiness improvements are software-based. Making the 557th WW’s hardware infrastructure more resilient is also a priority.

“Power and air conditioning are the lifeblood of the data center,” Rife said. “Servers need them both to function.”

While a power project is on the books, projects totaling $4 million are already executing and addressing the air conditioning needs of the wing’s High Performance Computing Data Center. These projects are replacing aging equipment, providing improved cooling capacity and creating necessary backups for the existing systems.

“The new cooling farm, computer room air conditioners and new cooling tower add a tremendous amount of resiliency to the data center from an infrastructure perspective,” Rife said.

For the cyber-savvy Airmen at the 557th WW, the renewed focus on both cyber readiness and resiliency will help make their jobs easier in the future.

“It’s refreshing to see that the focus has shifted from being 100 percent operations-focused to realizing that there’s a very important piece to enabling ops, which is our cyber capability,” Samson said. “The community is realizing that in order to assure data integrity for the global weather enterprise, we must take measures to secure, protect and defend our cyber systems and infrastructure.”