Classified Hackathon for Air Force Crowdsources from Military and Industry
Originally published by: ClearanceJobs | Dec. 17, 2021 | Peter Suciu
The United States Department of Defense (DoD) continues to look to the private sector to solve high-tech problems via various “hackathons.” These are customizable crowdsourced endeavors that seek solutions in a highly collaborative environment. Much like military “bug bounties,” which provide opportunities for white hat hackers to find holes and other security threats in networks and software, hackathons can also allow multi-disciplinary teams to brainstorm ideas, create prototype solutions and even develop basic designs.
CLASSIFIED HACKATHON FOR AIR FORCE
This week the United States Air Force announced that it will hold a classified hackathon that will call upon participants to prototype software by utilizing data from military weapons systems. The Air Force’s STITCHES Warfighter Application Team (SWAT), in close coordination with the Office of the Chief Information Officer, AFWERX, Air Combat Command, the Joint Artificial Intelligence Center (JAIC) and others are organizing the first publicly announced – yet still classified – innovation hackathon.
Dubbed “BRAVO,” it will be held at Nellis Air Force Base (AFB), Nevada from January 5-12.
During the event, data scientists, product managers, and engineers from the U.S. military, the DoD and from more than 10 industry companies will work together rapidly prototype capabilities of their choosing on Air Force Weapons System data with mentorship from Air Force and DoD leaders.
“The Air Force’s plan highlights how far ‘hackathons’ have moved into the mainstream but it also demonstrates the consensus about the value that outsiders can contribute to conservative, even stodgy developments and processes,” said technology industry analyst Charles King of Pund-IT.
“Since the event itself is classified we may never know exactly what transpires,” King told ClearanceJobs. “However, the fact that the Air Force, and by extension the DoD recognizes the importance of expanding its horizons may be newsworthy in itself.”
OPEN SOURCE SOFTWARE
What makes this particular hackathon unique is that BRAVO will actually allow hackers to bring open source, or other proprietary software, into the environment quickly. This could include such software tools as the JAIC’s Joint Common Foundation development platform, which allows for unprecedented software collaboration to be used on classified DoD data.
“I began planning this hackathon with a peer, Jimmy Jones, this summer while still at DARPA before being hired by the USAF,” explained Stuart Wagner, chief digital transformation officer for the Department of the Air Force. “We realized the extent of underleveraged raw data available from various Air Force weapons systems and we want to fundamentally shift Joint All Domain activities from talk and imagine exercises to development exercises on real weapons system data.”
Wagner, who is a former software developer for Microsoft, had previously coded a sex trafficking disruption prototype while working with a Microsoft hackathon team after just three months working there. The team went on to win the competition, but more importantly since 2017, more than 37,000 potential victims across North America received proactive outreach from services providers using the Freedom Signal platform. It has since scaled to dozens of police departments and non-profit organizations around the United States.
The software developer hopes to bring such skills to the BRAVO hackathon.
“This is a beta test of a radical military innovation model that will allow any capable DoD civilians or military members to build and validate capability and impact U.S. and foreign partner national security after one week of effort,” Wagner added. “Once we validate our model, we will scale this to 500+ inter-service, inter-agency, foreign partner hackers.”
This could be seen as a significant collaborative effort.
“Having been a part of many cross organization and cross domain engagements I would say that some of the potentially most valuable gains will be in some relationships that may emerge on the fringes despite organizational cultures and structures that limit data sharing – especially across and outside of classified programs,” explained Jeff Engle, chairman and president of the cybersecurity research firm Conquest Cyber, and former consultant for the DoD’s premier adversary emulation team.
HISTORY OF PAST EXERCISES
Even the name of the BRAVO hackathon series is rooted in unique past collaborations within the U.S. military. Its name comes from Project B, a 1921 series of joint Army-Navy target exercises conducted on surplus ships in response to Army Brig. Gen. Billy Mitchell’s claim that bombers sink battleships. Considered controversial at the time – especially as Navy officials didn’t originally accept that aircraft could sink a capital warship, Mitchell’s claim essentially undermined the then current investments and strategy of the Navy and then Department of War.
Yet, Project B was authorized by the Secretary of War and the Secretary of the Navy to essentially disprove and disgrace Mitchell by demonstrating the insignificance of airpower. However, in the live-fire exercises off the coast of Virginia several ships – including German battleships that were taken as prizes after the First World War – were sunk in the test. Project B accurately predicted air power’s dominance over traditional battleship-dominant navies in the Second World War nearly 20 years later. That led to changes in military strategy, defense resourcing for aeronautics and aircraft carriers, and ultimately the Department of War by eventually proving the need for a separate Air Force military department.
Rather than continue with the usual way of thing that was common before Project B, the BRAVO hackathons are sponsored by senior DoD leaders to provide technical and cultural innovation environments that enable government and industry to test and validate bold ideas on real DoD data. Moreover, such events further align under Air Force Chief of Staff Gen. CQ. Brown, Jr.’s September 17 memo requiring senior leaders to enable Airmen to experiment and innovate.
What we can expect to come out of the event isn’t exactly clear, but it could be the first of similar hackathons.
“This is a challenging area due to the event being classified,” Engle told ClearanceJobs.
“Getting and maintaining a clearance requires many hoops that some cannot or will not jump through, particularly when they are so skilled at exploiting systems, networks and data,” Engle added. “The challenge of getting the ‘best and brightest’ to both participate and to make their participation valuable to them and the community writ large has an resulted in an abysmal track record. That being said, it is ever more critical as we have a broad and deep disadvantage culturally as it relates our cyber domain capability development in comparison to other nation-state actors.”
For further information contact:
About Conquest Cyber
CONQUEST is the premier cyber resiliency software platform – enabling an ecosystem of partners and customers across critical sectors to defend against threats, get resilient and enable the US to gain a competitive edge in the battle for cyber supremacy.
Originally founded in 2008, Conquest Cyber took off under the leadership of Jeffrey J. Engle, a retired Special Operations combat veteran and highly regarded expert in adaptive risk management for critical infrastructure. We have an office in Miramar, FL and our Headquarters is in Nashville, TN.
Jeffrey Engle, Conquest Cyber: “transfer some risk where you can but know that you own your outcome”
Originally published by: cybernews | Feb. 19, 2022 Today’s business landscape is plagued with uncertainties about the level of cybersecurity needed to protect the organization’s most precious assets. As enterprises are trying to protect their workforce and...
With the new year upon us, there’s never been a better time to evaluate your company’s cybersecurity. By Jeffrey J. Engle, President of Conquest Cyber Recent cybersecurity breaches like the SolarWinds and Colonial Pipeline attacks have illustrated the importance of...
Originally published by: Green Sheet | Jan. 10, 2022 The following is excerpted from insights Jeffrey J. Engle, chairman and president at Conquest Cyber, sent to emphasize the critical need to secure our infrastructure. "If you’re waiting for a cybersecurity 9/11 or a...