[ISN] Air Force Draws Weekend Cyberwarriors From Microsoft, Cisco

From: InfoSec News (alerts@private)
Date: Mon Aug 13 2007 - 00:09:48 PDT


http://www.wired.com/politics/security/news/2007/08/262nd

By John Lasker   
Wired.com
08.07.07

If the U.S. Air Force is ever ordered into a cyberwar with a foreign 
country or computer-savvy terrorist group, the 100-plus citizen 
cybersoldiers at the Air National Guard's 262nd Information Warfare 
Aggressor Squadron will boast an advantage other countries can't match: 
They built the very software and hardware they're attacking.

That's because the 262nd, based at McChord Air Force Base outside 
Tacoma, Washington, draws weekend warriors from Microsoft, Cisco 
Systems, Adobe Systems and other tech companies, in a recruitment model 
that senior military leadership is touting as vital to the Air Force's 
expanded mission to achieve "dominance in cyberspace."

"We ... must capitalize on the talent and expertise of our Guard and 
Reserve members who may have direct ties and long experience in 
high-tech industry," wrote Secretary of the Air Force Michael W. Wynne 
in a recent issue of the Air and Space Power Journal, an Air Force 
publication. "We must be prepared to defeat our enemies by using 
combined arms -- air, ground, sea, space, and cyber weapons systems."

Created out of a combat communications squadron in 2002, the 262nd was 
commissioned to carry out simulated cyberattacks within the Air Force. 
But the Air Force's determination to develop an offensive cyberwarfare 
capability has been well-known since December 2005, when the service 
formally revised its mission statement to announce that airmen and 
airwomen would henceforth "fly and fight in air, space and cyberspace."

The military's new focus on recruiting talent from high-tech companies 
raises a potential conflict of interest. Cisco's routers and switches 
are considered the nervous system of the internet worldwide. Microsoft 
and Adobe products are used by hundreds of millions across the planet, 
and have suffered from programming errors that make them vulnerable to 
attack -- which sometimes remain a secret inside the company for weeks 
or months before they're patched.

In the hands of an offensive cyberwar unit, advance knowledge of serious 
vulnerabilities could be devastating, says Robert Masse, a reformed 
hacker who founded Montreal-based computer security firm GoSecure. 
Cyberwarfare is "all about knowing exploits no one else knows about," 
says Masse. "You need the exploits to break in.... The people with the 
most exploits win."

Some countries -- notably China -- have voiced concerns that Microsoft 
might pack backdoors in its closed-source operating systems and 
applications. In an effort to curb distrust, in 2003 Microsoft signed a 
pact with China, Russia, the United Kingdom, NATO and other nations to 
let them see the Windows source code.

But the company is mum on whether it sees ethical problems in its 
engineers working part time for a military unit dedicated to hacking its 
products.

"Microsoft does not hold specifics about employees that are supporting 
the 262nd," says a Microsoft spokeswoman. "So to this end, there really 
is no comment on the types of work they are doing." Cisco and Adobe also 
declined to comment.

Cybersecurity expert Richard Forno, who runs infowarrior.org, praised 
the recruitment effort. "The whole idea of an offensive information 
warfare unit, particularly a computer network attack unit, is to build 
capabilities for possible exploitation down the road," says Forno. "It 
just so happens the U.S. is lucky that the companies building the 
world's most popular and widely used IT products are based in the United 
States."

Guardsmen and reservists serve one weekend a month and two weeks a year, 
and are subject to being called to active or full-time duty for stints 
ranging from a handful of months to several years.

Even though the 262nd is named an "aggressor squadron," much of its work 
is defensive in nature, says Maj. Philip Osterli, a public information 
officer representing the unit.

"They do look at adversarial threat packages from all across the board," 
he says. "We do not have a charter allowing us to conduct CNA (computer 
network attacks)."

In addition to the 262nd, the Air National Guard draws from tech 
companies to staff the 177th Information Aggressor Squadron in Kansas, 
while both the 67th Network Warfare Wing and the Air Force Information 
Warfare Center recruit from the tech-heavy "Austin corridor" in central 
Texas, Wynne wrote.

For this year's defense budget, Congress approved $800,000 for the 
planning and design of a new training and operations facility for the 
262nd.


____________________________________
Attend HITBSecConf2007 - Malaysia 
Taking place September 3-6 2007 featuring seven tracks of technical 
training and a dual-track security conference with keynote speakers 
Lance Spitzner and Mikko Hypponen!  -  Book your seats today! 
http://conference.hitb.org/hitbsecconf2007kl/



This archive was generated by hypermail 2.1.3 : Mon Aug 13 2007 - 00:21:12 PDT