By Lt. Darius Radzius, U.S. Fleet Cyber Command / U.S. 10th Fleet
Chief Warrant Officer Scott Bryson works in Defensive Cyberspace Operations and Department of Defense Information Network Operations. He said his team initially made the discovery of the problems with the network, “We identified that [the Navy] had over 14,500 known issues across the DoD network.”
He also recognized the urgency to resolve these issues “We’re always going to be vulnerable to anybody that has any malicious acts and that can be anyone with a keyboard. The longer the vulnerabilities remain, the more susceptible we are to attack. You’ve got to shore up what we’re vulnerable against and we have to take actions to make sure that we’re secure. That’s what this is all about,” Bryson said.
The U.S. Navy relies on a number of computer applications provided by commercial providers including commonly used Microsoft programs such as Outlook, Power Point, and Word. Sandy Radesky, deputy chief information officer at Fleet Cyber Command, said “The partnerships the Navy has with various commercial providers that support Navy missions puts us in this gray space that we have to constantly synchronize with our providers and [we need to] understand of who's doing what to protect our attack surface.” This is why Radesky authorized the execution of the Operation.
Bryson sought Navy reservists from within and outside the command and he said they didn’t necessarily need computer experience. “If you’re trainable, I can show you what to do and then I’ll set you free,” Bryson said.
Petty Officer 2nd Class David Lucas, a Yeoman who does administrative work from Wichita, Kansas, was one of about two dozen who volunteered for this mission. “This was different than anything I’ve ever used before, but it was very intuitive. Once they explained to me what the words all meant, and which ones I was supposed to work on… once I got the basics down, it was much easier,” Lucas said. He also credited his teammates and leadership for always being available to help.
In March, Bryson’s team quickly and aggressively resolved thousands of vulnerabilities in the network. “I will say [it was] a huge success. We were able to… get 23% remediation actions out of the original 14,500 discrepancies,” Bryson said. He says the intricacies of the various Navy networks makes resolving each vulnerability complex. At the end of the first phase, Bryson said they had to evaluate the effectiveness of each resolution and assess the impact they had on the system, positive and negative.
Radesky said the diverse skillsets of the Navy reservists were invaluable, “[We] were able to leverage those skills across multiple teammates within the reservists that came in to be able to create this repeatable process. And they did it so quickly. I mean, we did this in about 30 days, and with 22 reservists.”
Rear Adm. Stephen Donald, vice commander, U.S. Fleet Cyber Command and U.S. 10th Fleet said, “This operation demonstrated the strength, responsiveness, and expertise our Navy Reservists offer. Fleet Cyber Command was able to mobilize a team of reservist quickly to execute an urgent mission. With warfighting readiness as our primary mission, this was a clear example the value reservists provide to the defense of the United States.”
Bryson says this operation is especially important in a time of increased conflict worldwide. Cybersecurity and Infrastructure Security Agency (CISA) says cyber threats have increased. Bryson says the cyber attacks can be launched from anywhere and by anyone whether it’s a coordinated by another country, a rogue actor, or someone with curiosity, testing out his or her computer skills.
“Network cyber hygiene is very paramount. If we didn’t do this, then we just have additional vulnerabilities and if you have too many vulnerabilities, someone’s going to exploit them and potentially in a bad way,” Bryson said.
After evaluating the success of the operation, Bryson says he’s now preparing to execute the second phase of the operation this summer with the goal of tackling an additional 50 percent of the vulnerabilities.
“So now that the foundational piece has been done for the most forward facing, and most critical vulnerabilities, this next phase is going to go faster, and will be easier because we’ve already established the lanes in the road,” Radesky said. She says this will now be a regular effort where the active duty personnel will work with reservists to continuously identify and resolve vulnerabilities in Navy networks.
Searching for vulnerabilities in the network will continue after the conclusion of Operation Cyber Dragon said Bryson, “Our attack surface is always going to change across anybody’s network. Whether it’s a commercial business, military or government, your attack surface varies all the time from malicious hackers that are trying to
poke and prod you. We’re always going to have vulnerabilities. We know that, but it’s how we handle the vulnerabilities that we know that are out there and how we address them.”
However, he says continuation of operation Cyber Dragon will better maintain the fortification and resiliency of the Navy’s networks to stand against attacks from our adversaries.