[ISN] Reserve wants soldiers to protect networks

From: InfoSec News (alerts@private)
Date: Mon Jun 02 2008 - 00:09:34 PDT


By Michelle Tan
Staff writer
Army Times
May 30, 2008

The Army Reserve is looking for soldiers with a knack for information 
technology to help fight the nation.s wars in cyberspace.

"As our dependency upon information technology continues to expand, so 
will the need for soldiers with the capabilities our soldiers have," 
said Col. Wayne Dudding, commander of the Reserve's Information 
Operations Command. "We will keep growing. The requirements are growing 
faster than we can."

The command, based in Adelphi, Md., is the only one of its kind in the 
Reserve; the active Army has the 1st Information Operations Command at 
Fort Belvoir, Va.

About 375 soldiers are assigned to the Reserve Information Operations 
Command, which has five battalion-level units known as information 
operations centers. These centers are located in Adelphi; Devens, Mass.; 
Pittsburgh; San Antonio; and Camp Parks, Calif.

As civilians, they work for companies and organizations as varied as the 
Wichita, Kan., police department, Microsoft Corporation, the RAND 
Corporation and Gartner Inc.

As soldiers, they protect, monitor, analyze, detect and respond to 
unauthorized activity on the Army's information systems and computer 
networks, and employ measures to protect and defend information. They 
defend the Army's computer network, attack those who try to penetrate it 
and use the Internet and technology to gather intelligence from target 
or adversary information systems or networks.

Their skills range from scanning networks for vulnerabilities, security 
training, computer forensics and penetration testing and exploitation, 
better known as hacking.

For practice, the soldiers have their own multimillion dollar network 
known as the Information Operations Range that allows them to hack, 
attack and protect each other.

"With the Internet just exploding, we're forging the way ahead," Dudding 

There is no military occupational specialty for cyber warfare, he said. 
Most of the soldiers are 25Bs, information technology specialists, but 
there also are branch immaterial slots available in the command, Dudding 

The Army also is working on a field manual for cyber warfare that isn't 
expected to be complete for about two years, he said.

"That's what's cool about this - there's no MOS, there's no manual," he 
said. "Our guys go in there and figure it out for themselves. There's no 
playbook, if you will, for what we do," he said.

Lt. Col. David Fraley, commander of Western Information Operations 
Center, one of the five battalion-level units under Dudding's command, 
said the soldiers have managed to blend their civilian careers with 
their military careers.

"We use the same knowledge but -- in the military world," Fraley said.

However, the unit is open to any soldier with an interest in information 

"If you're a young soldier coming on board, the thing to remember is -- 
you don't have to be an Einstein," Fraley said. "We'll send you to the 
25 Bravo school."

The Army also will send soldiers for training and certification, which 
typically are very expensive.

These certifications, which are sought after by civilian employers, 
range from CompTIA Security, CompTIA Network, Certified Information 
Systems Security Professional, Cisco Certified Network Associate, 
Certified Ethical Hacker and Computer Hacking Forensic Investigator.

"We have a training program where we take someone from nothing to 
certified ethical hacker," Fraley said.

The path to certified ethical hacker takes place over a three-year 
period, but it's not necessary to be certified at that level, he said. 
The soldiers in the command have varying levels of certification, and 
those who work in this field in their civilian lives can earn anywhere 
between $56,000 and $123,800 depending on their location and level of 

"Essentially what we are is formalized hackers," Fraley said. "As long 
as our computers are networked, there will always be people out there 
with malicious intent. It's the Army's job to protect against that."

Master Sgt. Randy Stone, who belongs to the Southwest Information 
Operations Command in San Antonio, is a detective with the Wichita 
Police Department.

A military police officer for 20 years before switching to the 
Information Operations Command, Stone helped his civilian colleagues 
capture Dennis Rader, better known as the BTK Killer. Rader, who had 
eluded authorities for years, was arrested in 2005 after he sent a 
floppy disk to the police in an attempt to communicate with them, Stone 

Investigators, including Stone, used the disk to learn Rader's first 
name and the church to which the software Rader had used was registered.

"Up until then, we had 31 years of investigation -- and within 10 or 15 
minutes we knew his name and church," Stone said, emphasizing the 
importance of using technology to fight crime.

The skills he's acquired on the job in Wichita translate into his 
military job, Stone said.

"With our increased reliance on computer networks, the more it becomes a 
target and the more you've got to defend it," he said. "When we drill, 
one of the things I always try to put into context [is] we're not on the 
network, we're on our training range. They need to remember [that] 
regardless if they're using a computer or an M-16, you're still 
defending your perimeter."

It's critical for the military to expand its skills and reach into 
cyberspace, Stone said.

"There's so much damage that can be done," he said. "If someone fires a 
mortar into a compound, that damage is confined to that compound. If 
someone fires something into a mail server, it could affect thousands 
and thousands of people and affect communications worldwide."

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

This archive was generated by hypermail 2.1.3 : Mon Jun 02 2008 - 00:21:06 PDT