837th Cyber Operations Squadron brings Cyber Protection to Scott, DoD

  • By Senior Airman Joshua Eikren
  • 375 Air Mobility Wing Public Affairs

The 837th Cyberspace Operations Squadron is one of two cyber squadrons under the 688th Cyberspace Wing that stood up Dec. 1, 2015 to support the DoD with Cyber Protection Teams.

Located alongside the Air Force Network Integration Center, the squadron is a component of United States Cyber Command’s Cyber Mission Force and is composed of three CPTs postured to provide rapid, tailored defensive mission assurance to United States Transportation Command’s global mobility operations and Joint Force Headquarters Department of Defense Information Network’s worldwide information network.

“The three CPTs have two different mission sets,” said Tech. Sgt. Kenneth McCoy, 837th COS cyber warfare operator, detection and counter infiltration. “The 902nd CPT is attached to Defense Information Systems Agency Global and provides mission assurance in the cyberspace domain for operations around the world. 900th and 901st CPTs are attached to U.S. Transportation Command and provide mission assurance to the critical systems that USTC relies on every day to move cargo where it needs to be.”

“We provide support in all domains USTC operates in: land, air, and sea through our cyberspace actions,” said McCoy.

As an Air Force organization, the 837th COS falls under Air Force Space Command, 24th Air Force, 688th Cyberspace Wing and 688th Cyberspace Operations Group.

The 837th COS is one of five defensive cyberspace operations squadrons under the 688th COG. The 837th mentors fellow COG units such as the 835 COS also assigned to Scott AFB.

“The 837th COS are tasked with providing mission assurance to our assigned commands,” said 1st Lt. Christopher Clemons, 837th COS officer in charge, detection and counter infiltration. “Local defenders are spread thin covering a huge network. We don’t protect the network as a whole, we focus on the critical components that facilitate the mission and ensure those through the duration of that mission, then turn it back over to local defenders.”

Clemons added that mission success relies heavily on the cyberspace domain.

Once a mission has been mapped to its cyber dependencies and the risks assessed, an educated decision is made about where to accept risk and where to apply resources to mitigate.

The day-to-day operations vary, but the 837th use their time to train through cyber competitions within the 688th CW.

On March 30 and April 1, the 688th CW held its second cyber competition of the year, Cyberdyne: Cyborg Chronicles.

Teams were from Joint Base San Antonio-Lackland and Scott AFB and consisted of five members. Teams participated in a two-round event.

“This event focused on a castle vs. castle engagement, with teams defending their assigned enclaves and aggressing adversary enclaves,” said Clemons.

The 837th finished first out of three teams on base. Cyberdyne provided teams the opportunity to test and hone their skills in the following areas: vulnerability assessment, packet analysis, penetration testing, system hardening, malware analysis, digital forensics and incident response.

“Defenders must understand an attacker’s methods in order to stop them,” said Clemons. “This real-time back and forth is the CPT version of an active shooter exercise done by Security Forces.”

As CPTs are new to the Air Force, there are no standard operating procedures set in place, so their focus is on learning the new intricacies of the job.

Said McCoy, “While building relations with our mission partners, we are using our time to get as much training as possible. There are endless tools at our disposal to keep sharpening our cybercraft and we are creating some of the processes and procedures that will be used in future operations.”