The U.S. and coalition partners demonstrated cyber defense concepts during a recent multi-national experiment. Many U.S. officials note they will never fight alone, necessitating the importance of developing templates for coalition operations as coalition cyber operations are still in their infancy.
Bold Quest 17.2 – which was conducted primarily in the Savannah, GA area and seeks to improve interoperability and information sharing – was just the second year that involved a cyber thread during the annual event, now in its 20th iteration.
This year’s cyber thread involved standing up a functional multi-national assessment team that conducted vulnerability assessments and penetration testing on the mission partner enclave and command and control system, Army Lt. Col. Michael Maharaj, Bold Quest 17.2 cyber thread lead, told Fifth Domain in an interview.
These mission partners were Sweden, Germany, Norway, Finland and the U.S. Bold Quest has been described as a coalition of the willing, with participating nations paying their own way to test new technologies or concepts they’ve identified.
The demonstration at the most recent Bold Quest proved that it was possible to share network vulnerability information and find a better way of using vulnerability assessment tools between the mission partners, Maharaj said.
Any nation that federates into the larger mission partner environment network is considered a partner in this space, forming a multi-national team when a conflict breaks out. A vulnerability for one partner effects all partners, Maharaj said. The partners said if they’re able to use the collective technical knowledge that the other partners possess they can become better “not only with our own enclave but when we join the Bold Quest mission network … we will make the environment as a whole more defensible and more hardened,” he added.
Rather than crafting a standard operating procedure stemming from the event, Maharaj said he’s going to write a white paper that makes recommendations to the mission partners that outlines what coalition cyber defense takes, whether they’re an enduring or episodic partner.
Given the uncertainty of who might join these multi-national teams when a conflict breaks out in any one of a number of theaters around the world, Maharaj views the white paper as a blue print that sets the framework for how to go about setting up a multi-national team. It’ll include things to look at, things to consider and what it’s going to take to actually have a multi-national team work together and defend the network, he said.
To get there, however, will actually take forming a multi-national team and then publicizing the benefits of what the team did, he said, noting he is not aware of this being done before.
Last year was the first year a cyber thread was part of Bold Quest and only focused on the U.S. conducting defensive cyber operations with a couple of vulnerability assessments. This year they stepped it up, telling mission partners they were going to conduct a cyber thread requesting willing nations send their experts and moderately trained cyber professionals to discuss how to defend the mission partner environment and perform the hands-on technical penetration testing on the network.
On the U.S. side, participants included cyber protection teams from the Texas National Guard. While multiple CPTs wanted to participate, Maharaj said due to limited resources and limited space it came down to a first come, first serve basis.
The white paper will be shared with Cyber Command, the cyber and C4 directorate at the Pentagon, as well as the joint force development directorate because “we don’t want people recreating the wheel,” Maharaj said.
Information sharing with this space is critical. “We should not be limited by overly restrictive policy but the policy should be modified and built around collaboration and sharing of that information,” Maharaj said.
Many have criticized the over classification and restriction on information shared with partner nations.
Over classification of information “makes it very difficult to operate collaboratively in a multinational environment,” Lt. Gen. Ben Hodges, commanding general of U.S. Army Europe, said last year.
“If I’m a mission partner and I realize somebody’s trying to gain access to my enclave I would hope that that nation shares that information with the partner that’s sitting to the right and left of me,” Maharaj said. “That’s the only way we will be able to defend the mission partner environment.”
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.