While the aircrews soared over the Nevada Test and Training Range (NTTR) duking it out with the aggressor fighters, intelligence and cyber specialists fought off “enemy” cyber attacks at the Combined Air Operations Center-Nellis. For the first time in Red Flag’s nearly 40-year history, the 24th Air Force played a significant role as the Cyber Mission Force (CMF), at the Air Combat Command-sponsored Red Flag exercise.
When Red Flag 14-2 started three weeks later, information aggressors were also hard at work. “The integrated cyber domain is key to providing a realistic full-spectrum opposing force training environment for our war fighters,” said Quinn Carman, 57th Information Aggressor Squadron technical lead and team chief.
“”This is an asymmetric capability that we’re scratching at the surface to employ” Brig. Gen. Robert J. Skinner, XO AFCYBER “
“In any modern conflict, our forces are going to face an enemy which will use cyber both directly and indirectly to deny, degrade and disrupt. The 57th IAS is able to bring threat-representative cyber capabilities to the Red Flag Exercise as a part of a complete and integrated Aggressor Opposing Force.
“The warfare centre fundamentally changed how Red Flag is being carried out this year in an effort to fully integrate non-kinetic operations and intelligence, surveillance and reconnaissance capabilities. “Developments happening with cyber and ISR are all in preparation for operations in a contested environment,” said Capt. Andrew Caulk, a spokesman for AFISRA. “We train like we fight.” Changes to the Red Flag construct, which now links scenarios across several days, allowed intelligence to be gathered in a more realistic world setting. This Red Flag was also the first time 24th AF has been fully integrated with the Air Force Intelligence, Surveillance and Reconnaissance Agency.
“This is an asymmetric capability that we’re scratching at the surface to employ,” said Brig. Gen. Robert J. Skinner, the AFCYBER deputy commander. “We are more engaged with Red Flag, allowing more opportunities to provide mission effects at the point of our choosing and at the drop of a hat for joint force commanders to use… We use Red Flag for advanced training to hone our skills, and we continue to learn great lessons to employ in the next one,” Skinner said. “You can see us taking advantage of operations to become better, faster and leaner.” RAAF No.77 Squadron Group Capt. Robert Chipman confirmed,”The immersion into the fog of war is just phenomenal in Red Flag, and that’s what really sets it apart from any other exercises we’ve participated in… You’re expected to be ready to perform in a complex air environment on day one.”
[wlm_ismember]The goal for 24th Air Force, the Air Force’s component to U.S. Cyber Command, was to demonstrate Air Forces Cyber’s progress in implementing U.S. Cyber Command’s CMF construct through the employment of combat mission teams, or CMTs and cyber protection teams, or CPTs. CMTs provided full-spectrum cyber capability for combatant commanders. This was the first time that CMTs were used in this configuration for Red Flag. On the other hand, CPTs protect a specific target and provide mission assurance. In the case of Red Flag, the CPTs protected the combined air operations center at Nellis AFB.
In addition to the CMTs and CPTs various squadrons from the 24th Air Force acted as the cyber defense service provider, which located general threats against the network and practiced enterprise protection.
One of the other key cyber components for Red Flag was the 318th Cyberspace Operations Group, Detachment 2, whose daily mission is to establish cyber operations as credible, replicable combat capability across air, space and cyberspace domains. The detachment worked with the U.S. Air Force Warfare Centre to integrate cyber into the Red Flag scenarios, which allowed cyber operators to fully participate in the exercise. In order for this to happen, effective ranges were built to represent the operating environment for U.S. and coalition forces and intelligence was created to fulfil the needs of the exercise. The detachment worked closely with providers such as the 346th Test Squadron to build a replica of the Air Force Network for the “blue team” to defend during the exercise, as well as create targets for the “red forces” to attack. In addition, the Det. 2 worked with intelligence units, such as the 547th Intelligence Squadron at Nellis AFB to create a realistic back story for the cyber operators to work under.
Red Flag is truly an integration exercise, said Maj. Robert Biggers, the 318th COG, Det. 2 commander. “Operators participated from planning to execution, and all forces, air, space and cyberspace, worked as a collective body to understand how each of their actions affects one another and the mission,” he said. According to Biggers, the red forces and blue forces engaged in a campaign plan against one another responding and adjusting to each other as they would in a real-world conflict. “Lessons were learned and operators applied what they learned from day to day to refine how we can most effectively operate together,” Biggers said. “This is exactly the type of advanced training cyberspace operators need today.”
In addition to U.S. air force, Navy and Army Cyber Command, coalition partners participating in Red Flag 14-1 included the Royal Australian Air Force, flying an E-7A and F-18s, and the Royal Air Force of the United Kingdom, flying Typhoons, GR-4 Tornados, and an E-3D. Red Flag 14-2 included units from all US services, along with units from Belgium, Denmark and Saudi-Arabia.
“Not only did each country bring their own weapon systems to be integrated into the fight, but they brought unique perspectives and expertise,” Biggers said. “The reality is that we fight alongside our coalition brothers and sisters every day. I am glad we are training together at this level, in the Air Force’s largest and most advanced exercise.”
The integration of these different units, branches and partner nations has far-reaching effects. “The fact is that in some past conflicts, and in all future conflicts, we’ll need to work together as a coalition – we need to understand the capabilities that our foreign partners bring to the fight,” Air Force Maj. Nathan Boardman added, “Red Flag gives us all the opportunity to learn how to work together, that opportunity is essential.” Boardman, a space and missile operations officer by trade, was the Red Flag 14-1 team chief, the first non-aircrew team chief in the history of Red Flag. His role in the operation was just one indicator of the increased focus on the seamless integration of cyber and space assets into Red Flag.
Along with the aircraft, more than 3,200 service members from every branch of the U.S. military, along with coalition partners from the UK and Australia. Participants flew a projected total of 1,700 sorties for an approximate total of 3,600 flight hours. With the integration of night training missions, combat scenarios typically happened twice a day with wave after wave of aircraft taking off in the early afternoon and afterburners glowing late into the night. Most of the training happened over the Nevada Test and Training Range, the largest contiguous air and ground space available for peacetime military operations in the free world. The NTTR also serves as the arena for the intense simulated confrontations between the Blue Force, made up of U.S. joint and coalition forces, and the Red Force, a group of U.S. airmen trained in the use of adversary tactics and equipment organized under the 57th Adversary Tactics Group. The 2.9 million acre range provides 5,000 square miles of airspace for the realistic training of aircrews to prepare them for future conflicts or war. A wide variety of live munitions can also be employed on targets on the range.
Red Flag 14-1 was conducted Jan. 27 – Feb. 14. The exercise marked the first iteration of the 414th Combat Training Squadron’s signature air combat exercise since the onset of sequestration in April 2013, which led to the combat air forces being stood down and the cancellation of Red Flag 13-4.