Information Warfare: Being The Bad Guy


March 5, 2009: The U.S. Air Force has two rather unique "aggressor squadrons." These do not help pilots deal with foreign aircraft and different tactics, but helps sysadmins (computer network system administrators) deal with foreigners, or Americans, trying to hack into military computers. The 57th Information Warfare Aggressor Squadron is an active duty, while the 177th Information Warfare Aggressor Squadron is a reserve outfit, part of the Kansas Air National Guard. Until 2002, the 177th Squadron flew B-1B bombers. The bomber pilots and their support personnel were replaced with Internet geeks.  Both of these squadrons spend much of their time attacking American military networks, to discover vulnerabilities before a real enemy does.

Since the early 1970s, the U.S. Air Force has been using "aggressor squadrons" of air force pilots flying like foreign ones. These training squadrons used training areas that were equipped with radio towers to collect information on where the participating aircraft were during the exercise, and what they were doing. This was the "Red Flag" training system for exposing American pilots to enemy tactics and equipment. The facilities included "enemy" aircraft (often actual Russian fighters, but also U.S. aircraft flown in the same manner as Russian ones). The "enemy" (or "aggressor") pilots knew how to fight like various enemy pilots (usually Russian, during the Cold War). On the ground, there were mockups of Russian air defense systems, including transmitters putting out the same kinds of electronic signals the Russian gear would.

The Red Flag program was begun when, during the Vietnam war, the air force noted that they were not doing as well against Russian aircraft (used by the North Vietnamese) than they had two decades earlier in Korea. Turns out that the American pilots had become too accustomed to "fighting" other American pilots, using American tactics (which is the way it was done in training).

The air force eventually adapted the "aggressor" technique to other areas. In the 1990s, there was "Project Checkmate," a bunch of brainy air force officers and civilians whose job was to come up with new ideas on how potential enemies could win. Nine years ago, the U.S. Air Force created the 527th Space Aggressor Squadron. The air force needed someone to play the role of enemy space forces in wargames, using information available from publicly available information. The four main specialties of this squadron were; Imagery Exploitation, Electronic Warfare, Red Attack, and Space Control.

The Information Warfare Aggressor role is similar to the "tiger teams" commercial firms hire (and the air force pioneered) to test the defenses of corporate networks. The two aggressor squadrons have increased the quality and quantity of attacks that can be launched against U.S. systems, to see how well the defenses hold up. Members of the squadron then analyze the results of their attack. Finally, the aggressor hackers tell the sysadmins and other concerned personnel of the target unit what they did wrong, and why.





Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close