The US Air Force Special Operations Command (AFSOC) incorporated defensive cyberspace operations into the training objectives of the Emerald Warrior 22.1 exercise.

The exercise involved testing the effectiveness of a real-time cyber intrusion detection system on an aircraft.

The training was conducted by AFSOC staff in collaboration with two mission defence teams (MDTs) and a commercial cyber security company, Shift5.

As part of the exercise, two MDTs were employed with the cyber defence correlation cell to assess the viability of deploying such teams to protect the weapon systems from cyberattacks.

The exercise also included testing a cyber-incident response software tool within the Cyberspace Vulnerability Assessment/Hunter to help MDTs conduct cyberspace defence operations.

The two MDTs leveraged Shift5’s technology to test their training and raise awareness about cyber threats.

For the exercise, the AFSOC developed a realistic scenario that involved a flying aircraft experiencing events of unknown origin leading to the discovery of a cyber threat.

The mission computer failures were then reported by a sortie, which took steps to enable the aircraft to ‘limp home.’

After the aircraft landed, the maintainers and 901st Special Operations Aircraft Maintenance Squadron conducted a cybersecurity check, and the MDTs started the work.

The work performed by MDTs allowed the maintainers to avoid replacing mission computers, which cost around $750,000 each.

The realistic environment evaluated and honed the mission-planning, analysis and technical skills of participating MDTs.

Furthermore, the scenario allowed the intelligence and battle-staff members, cyberspace users, aircraft operators and maintainers to see the first-hand impacts of cyber threats on the weapon systems and the aircraft’s avionics.