Cyber ​​defense: Cyber ​​Eagle 2024 concluded

(To air Force)
03/12/24

Over three months of continuous activity, thousands of terabytes of data analyzed, 150 specialized operators - military and civilian - engaged in various simulated cyber attack and defense scenarios: this, in numbers, is the Cyber ​​Eagle 2024, a cyber defense exercise planned and conducted by the Italian Air Force in collaboration with Deas SpA (Defense and Systems Analysis), an Italian company leader in the security of networks, information systems and IT services, to continue on the path started over a decade ago to increase awareness, at all levels of the Armed Forces, of the cyber threat and to increasingly test the ability to react in the most timely and effective way possible to realistic intrusion attempts on Armed Forces networks and systems, also using tools based on innovative technologies such as artificial intelligence and supercomputing.

The results of the exercise, which also aim to implement solutions to be validated and developed in future exercises, were illustrated on Monday 2 December in Rome, at the Automated Information Systems Department (Re.SIA) of the Italian Air Force, which oversaw the design and execution phase, in the presence of the Chief of Staff of the Air Force, Air Force General Luca Goretti, and numerous military authorities and representatives of companies in the sector.

“We can never stop, we must be prepared for the challenges and threats of the current global scenarios”, declared the Chief of Staff of the Air Force, Air Force General Luca Goretti.

"The main objective of these exercises is to work on the cyber culture of personnel, especially those not exclusively assigned to the IT sector, who can unconsciously compromise the security of operations and departments. The technologies commonly used by all of us to communicate, for example, can become threats, weak points in the system. We therefore welcome this type of activity and these synergies with the external world of industry and research, with the hope that they can also expand beyond the single armed force and that they can also be a stimulus and food for thought for decision makers on how to mitigate some areas of risk and improve the ability to defend against this type of threat, against which the most important weapon remains knowledge and preparation"

Four departments were involved on the front line in the three-month exercise: the 4th Telecommunications Brigade and Air Defense and Flight Assistance Systems, the 36th Fighter Wing, ReSIA (Automated Information Systems Department) and ReGISCC (Command and Control Systems Management and Innovation Department). For the first time, with the support of the General Security Department of the Air Force General Staff for security aspects related to the IT incident on AM networks, the entire real infostructure of the Armed Forces was put to the test, an innovative and courageous approach that characterized this edition, the tenth since 2015 when the Armed Forces started this project of advanced training and education of personnel that has become a model of public-private partnership.

After a preliminary analysis of the possible critical exposures on open sources, two mixed opposing teams operated synergistically on different exercise scenarios: a Red Team was tasked with simulating the behavior of a malicious actor in order to identify vulnerabilities in unclassified computer and cyber systems in use while a Blue Team has worked across the board to detect such threats and respond promptly and effectively.

The exercise involved for the first time an important operational component of the Armed Forces, in order to test its defense capacity from cyber attacks, namely the DADR (deployable air defense radar) mobile radar system of the 4th telecommunications and air defense and flight assistance systems brigade of Borgo Piave (LT), a type of equipment that the Armed Forces uses to implement command and control capabilities away from stationary bases in the event of complex operations or exercises.

The most important innovation this year was to bring the exercise into the heart of an operational flight unit of the Armed Forces, in this specific case the 36th fighter wing of Gioia del Colle, conducting – also in this case with the support of an external company, Intellisync – attempts at malicious actions on the technological systems for monitoring the so-called assets. operational technology (fuel depots, electrical infrastructures, water networks, systems connected to the airport movements of aircraft, etc.), which in technical jargon is defined as supply chain leaders airport, to consolidate also in this delicate area procedures and tools for monitoring and detecting any vulnerabilities that could put the department's operations at risk.

“Cybersecurity and defense is a fundamental sector for the Armed Forces' operations. Technology is important, as is the preparation of personnel. With this exercise – declared the AM logistics commander, Gen. Antonio Conserva – we entered the heart of an operational department testing systems that have intrinsic cyber vulnerabilities also in light of the current framework characterized by great instability and emerging and in some cases dormant threats. These exercises are also essential for thinking and developing new tools to be used in the future, exploiting the capabilities of the national industry. We must be aware of the threat at all levels but also fully aware of the level of capacity we have reached, from which the ability to react derives. Systematizing these experiences can help us make that leap in cultural quality that is needed to face the difficult challenges to which we are exposed”.

“I am honored by this consolidated partnership, now in its fourth consecutive year”, commented Stefania Ranzato, sole director of Deas SpA “and I thank the Air Force for believing in this ambitious project. Thanks to the synergy between the personnel of the Armed Forces and the talents of DEAS, an extraordinary job has been carried out, attempted attacks on systems and networks have been simulated which have allowed the consolidation of the cyber defense capabilities of the Air Force, contributing to strengthening the security of our country”.

The event ended with the speech of the commander of the 3rd division of the AM logistics command, Gen. Div. Sandro Sanasi, who, in drawing up a balance of the exercise, wanted to underline the importance of this type of training events, which constitute "fundamental opportunities to protect existing information structures, which, pending a complete re-engineering of key systems, serve to guarantee the Armed Forces an adequate level of cyber resilience. In this sense, it will be increasingly important to invest in cyber defense, in technologies by design and virtuous synergies such as these in the field of personnel training and education".