Westover Cyber Warriors Hone Skills

  • Published
  • By Master Sgt. Grzyb
  • 439th Airlift Wing

Over the March 2023 unit training assembly Citizen Airmen from the 439th Communications Squadron conducted an onsite local Cyber “Predator Range” exercise framed in a classical Red versus Blue team format.

Use of the range allowed both teams to practice tactics, techniques, and procedures ahead of the annual regional Cyber Yankee Exercise in May.

They were led by Capt. Alec T. O’Connor, cyber battle manager, the event kicked off with a cyber intelligence briefing related to APT 41, a real-world advanced persistent threat group. O’Connor followed with a cyber battle mission brief.

Lt. Col. Juan Doan, 439th CS Commander directed the Blue Team. His Citizen Airmen incorporated a Defensive Cyber Operations concept known as an F2T2EA kill-chain.  The process incorporates the steps of find, fix, track, target, engage, and assess, and is modeled after fighter pilots and air battle managers.

The F2T2EA kill-chain was developed in the late 1990s when then Chief of Staff of the Air Force Gen. John Jumper recognized the need for more agile and responsive airpower to become a critical enabler to the joint force.

The Blue Team members utilized F2T2EA to locate and pin down the adversary in the network. Additionally, two different formations – functional and hunt -- were used to seek and identify the adversary.

Key to exercise success was the Predator Range itself, which was created by Tech. Sgt. Matthew Marvin and Staff Sgt. Mark Lozada. The two members built out the range from end-of-life equipment that was slated for disposal.

The exercise concluded with a mission debrief and lessons learned. Doan declared the event a success as it will pay dividends towards his team being better prepared to defend against cyber-attacks and maintain the security of the network.