The Marine Corps marked a milestone earlier this year when it deployed a first-of-its-kind cyber protection team to the Middle East to help crisis response troops shore up communications and patch vulnerabilities to a growing range of cyber threats.
The team deployed in February 2016, leaders of Special Purpose Marine Air-Ground Task Force Crisis Response-Central Command said in a recent debrief. Among other things, it helped the unit set up a secure VPN so Marines operating in the region could communicate safely and access resources.
The move to send the team forward came as all Defense Department units place increased focus on cyber security amid multiplying threats great and small, from network attacks and data infiltrations authored by the Islamic State of Iraq and Syria to small-scale hackers looking for an in.
"With the different actors in the theater, [threats] ran the full spectrum of either the local low-end hacker that might be able to get access to a WiFi hotspot that one of our Marines was using on al-Jaber [Kuwait], all the way up to potentially near-peer adversaries in the theater that were doing directed specific attacks against us," said Maj. Josh Nunn, communications officer for the task force.
Among methods the team used to test vulnerabilities, Nunn said, was a "spear phishing" campaign, organized with knowledge of the command, to demonstrate ways adversaries might try to steal information.
Spear phishing uses fraudulent emails or electronic communications to elicit data from a user or to install malware on a computer without the user's knowledge.
"And one of the benefits of the cyber protection team was they were able to emulate these threats and give us a real lessons learned and some learning on what types of attacks maybe a near-peer adversary would use," Nunn said.
In addition to helping the task force establish the VPN framework and patch existing vulnerabilities, it oversaw the unit's efforts to set up a special three-man cell that served as a defensive cyber organization, said Col. William Vivian, commanding officer for the task force.
That cell was able to continue many of the best practices the team imparted and build cyber knowledge in the unit.
For the Marine Corps, which stood up its cyber command in 2009, it's the first of many deployments to assist troops in theater, said Brig. Gen. Lori Reynolds, commander of Marine Forces Cyberspace Command.
"I think we're going to find most that we don't have nearly enough force that we need to be able to get out and do what we want to do, which is to get out and take care of the warfighter on the tactical edge," she told Military.com.
"So that was one of the first times that we actually deployed, but I expect that we'll be doing a lot of that," Reynolds said. "It really is a matter of where's the threat, where's the vulnerability, and that's where we want to be."