The U.S. Army sends its units to train at installations where combat situations are staged to hone battle skills. Cyber training is not a significant part of the program. That’s got to change, according to cyber warfare experts at Raytheon. “The first shot fired in battle might not be kinetic; it might be a cyber shot, like taking down a power grid,” said Bill Leigher, Raytheon director of cyber warfare and a retired Navy rear admiral.
Cyber forces should be embedded with fighting forces during all training exercises and real-world engagements, according to Leigher.
“We’ve made progress in the past five years of thinking of cyber as a warfighting threat, but not significantly,” Leigher said. “When a brigade combat team goes to Fort Irwin or when the Air Force goes to Nellis Air Force Base for exercises, there are a lot of training objectives to meet and very few of them deal with cyber.”
Military cyber forces need to be integrated into tactical operations to protect friendly networks and weapons systems and take offensive cyber effects to an adversary, according to Leigher. The goal: to deny, disrupt and degrade the enemy’s critical operations.
Leigher cites the U.S. Army Cyber Center of Excellence at Fort Gordon, Georgia, as one of the best examples of the military’s progress in cyber.
“The Army has created a cyber campus for a good portion of its cyber forces, where soldiers can train and conduct operations in the same space and place,” Leigher said. “Soldiers can go from a skills maintenance environment, practicing mission rehearsals and even move to a real-world system and execute a mission.”
The Pentagon will likely need to develop tools that incorporate current, keyboard-based tradecraft into cyber weapons systems that even the most junior cyber soldiers can be trained to use, he said. That will help scale the military’s cyber forces and deploy cyber to the front lines.
Over the next decade, the Army and other military branches will begin using a fully immersive training environment that combines virtual reality, augmented reality, live exercises and distributed training, according to Pete Vangjel, Raytheon vice president of Global Training Solutions and a retired Army lieutenant general.
“The key characteristics of future training are that it will be synthetic, adaptive, responsive and distributed; delivered at the point of need,” Vangjel said. “Now, in many cases, soldiers have to travel to train. Very soon, they will be able to do that from their computer wherever they are. They’ll be able to get online into a persistent, secure environment and experience a full training regimen anyplace in the world.”
Vangjel sees soldiers practicing drills, procedures and scenarios in a virtual training environment that incorporates live, virtual, constructive and gaming concepts. It will be designed for full-spectrum training for cyber forces, through automated tools that simulate realistic threats and measure individual and team performance.
“It will be adaptable, using artificial intelligence to assess and grade a soldier’s cyber skills, identifying training gaps and weaknesses, providing feedback … and ultimately, teach them in real time how to counter threats,” Vangjel said. “This environment will keep pace with the current threats, providing new scenarios as fast as hacking and cyber attacks occur.”
Vangjel believes that a persistent cyber and synthetic training environment, as a joint Department of Defense capability, is in the very near future. It will support multiple, simultaneous training events and increase cyber readiness across the armed services. It will be scalable to support individual, team and unit training, as well as large-scale exercises, mission rehearsal and the development of tactics, techniques and procedures.
“The enemy of the future isn’t going to attack just a specific service; whoever is on the network will feel the pain,” Vangjel said. “All the branches of the military will need to protect our country’s networks collectively. We’ll need all forces to be capable of identifying potential network threats and ensuring our cyber professionals are world-class offensive and defensive cyber specialists.”
Vangjel said that hackers have an initial advantage; it’s difficult to predict and anticipate their next move. For that reason, he believes that we can’t rely solely on automated defenses. We’ll always have humans in the loop.
“Our soldiers must also study the behaviors and psychology of hackers and potential network cyber attackers,” Vangjel said. “What makes them tick? What are their motivations, and how does their behavior manifest itself? We must always seek to know our enemy.”