*AF Research Lab Doc Exposed* – Carpet Bombing people's personal computers

July 11th, 2009

The official document exposing their plans will follow shortly in extracted form (it is embedded further down). Meanwhile:

http://www.govexec.com/story_page.cfm?filepath=/dailyfed/0607/061307bb1.htm

Army, Air Force seek to go on offensive in cyber war
By Bob Brewin bbrewin@govexec.com June 13, 2007

In an unusual act of candor, both the Army and Air Force in the past two months have issued solicitations asking the computer industry to provide technologies the services can use to wage offensive cyberattacks against enemy computer systems.

The Army’s Communication and Electronics Command last month released an announcement asking the IT industry to present technologies that it could use to infiltrate enemy computer networks and communications systems. The military refers to such cyberattacks as “offensive information operations,” or OIO.

The Army acknowledged in the announcement that it already has waged cyberattacks on enemy networks and communications platforms, but provided no details. But it wants to “leverage innovative technologies” to improve its cyberattacks “and prevent enemy forces from detecting and countering efforts directed against them,” according to the announcement. “Technologies designed to interrupt these modern networks must use subtle, less obvious methodology that disguises the technique used, protecting the ability whenever possible to permit future use.”

The Air Force also is seeking offensive cyber warfare capabilities, according to an announcement and a request for information released in April. The Air Force’s 950th Electronic Systems Group said it is seeking industry help to define technologies and capabilities “associated with computer network attack.” The technologies would be used to “disrupt, deny, degrade or deceive an adversary’s information system,” according to the request for information.

The Air Force wants technology that will help it map data and voice networks, provide it with access to those networks, conduct denial-of-service attacks on current and future network operating systems and network devices and engage in data manipulation on enemy networks.

The Air Force Electronic Systems Center declined to classify potential targets of the offensive cyber operations, such as nations, terrorists, rogue groups or individuals. “Specific capabilities or procedures cannot be discussed for security reasons,” said Monica Morales, a spokeswoman for the Electronic Systems Center, the parent command of the 950th Electronic Systems Group.

[INSERT: * 950th Electronic Systems Group

The group develops, acquires, and integrates ISR systems to provide information superiority, kill chain and information operations capabilities for the Air Force, joint and coalition combat operations. The group leads integration and transition and fielding of highly-classified technologies to meet warfighter requirements and administers a contract budget valued at $5.4 billion fiscal year defense plan.]
__________________________________________________________
The offensive cyberattack capabilities that the Army and Air Force want to develop match what Marine Gen. James Cartwright, commander of the Strategic Command, called for during a hearing of the House Armed Services Committee in March. He told the panel that if "we apply the principle of warfare to the cyber domain, as we do to sea, air and land, we realize the defense of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to deter actions detrimental to our interests."

Bruce Schneier, a security consultant with BT Counterpane, endorsed the Army and Air Force efforts. "Our government would be negligent if it did not develop offensive information operations capabilities," he said.

[INSERT: Schneier, you're now officially a dumbass duped anti-Constitutional scumbag piece of NWO assisting TRASH.]

But, Schneier added, since cyber space, unlike the physical battlefield, has connections to global networks that support commerce and communications, any offensive operations conducted by the United States must be fine-tuned to avoid disrupting computer systems that are not part of any enemy system that the military would target. That would be the cyber equivalent to collateral damage inflicted in a bombing campaign.

Steven Aftergood, director of the Project on Government Secrecy for the Federation of American Scientists, described the release of the Army and Air Force offensive cyberattack solicitations as significant, because the services have only released limited information on their cyberattack plans, operations or technologies. These solicitations are more detailed.

The Army expects industry to submit responses to the announcement by the end of June. The Air Force is scheduled to hold an industry day for its Network Warfare Operations Capabilities solicitation on June 14 in San Antonio.
__________________________________________________________
http://www.nextgov.com/nextgov/ng_20080514_6745.php

Air Force looking to build cyber weapons

By Bob Brewin 05/14/2008

The Air Force issued a proposal on Monday asking the technology industry to help it develop the ability to hack into an enemy’s computer systems and to conduct offensive cyber warfare, such as shutting down systems, according to internal and public documents.

In its proposal, the Air Force Research Laboratory-Rome Research Site in Rome, N.Y., said it wanted help from researchers and industry to develop technologies that would support what the lab called a dominant offensive cyber engagement.

An internal briefing from the lab’s headquarters at Wright-Patterson Air Force Base in Ohio defines the engagement as the ability to “conduct full-spectrum offensive cyber/info military, leadership and infrastructure.”

The request dovetails with a similar research effort kicked off last year by the Air Force Electronic Systems Group, which asked industry to develop the technologies and capabilities needed to attack an adversary’s computer systems.

“Although it is rare to find such a public request by the Air Force, [other] governments around the world [already] have the resources, methods and systems to play in the cyberspace war zone,” said Yuval Ben-Itzhak, chief technology officer for Finjan Software Inc. in San Jose, Calif., which develops and sells secure Web gateway software.

In the request, the lab emphasized that it wants to develop the capability to gain access to remote open and closed networks and to systems that provide full control of a network for the purposes of collecting data and conducting operations to manipulate the system.

The lab wants capabilities to burrow to the core of any computer, including techniques to allow it to gain user and root-level access to fixed and mobile computers. The lab is interested in methodologies that would allow it to access all types of operating systems, patch levels, applications and hardware, according to the request.

The Air Force also wants the ability to conduct these operations without being detected for a long time, so the United States could “maintain an active presence within the adversaries’ information infrastructure completely undetected” to collect an enemy’s sensitive and classified information.

The Air Force labels these electronic tactics “D5 effects,” to affect computers through what it calls “deceive, deny, disrupt, degrade and destroy.”

Air Force Col. Charles Williamson, in an article that appeared in the May issue of Armed Forces Journal, said the Air Force should take a “carpet bombing” approach to offensive operations in cyberspace. Williamson, staff judge advocate for the Air Force Intelligence, Surveillance and Reconnaissance Agency at Lackland Air Force Base in Texas, suggested that the service imitate hackers and develop its own force of botnets — thousands of computers controlled by a single source — to attack adversaries.

The cyber warfare strategy could backfire, according to an analyst who served in a top Defense Department post. Philip Coyle, who served as assistant secretary of Defense and director of its operational test and evaluation office from 1994 to 2001, said he does not believe the Air Force has “thought through the ‘arms control’ implications of this work. Once the Air Force starts attacking . . . all hell could break loose. The Air Force is not equipped, and likely could never be equipped, to deal with retaliation from thousands or millions of hackers.

“Hopefully, this solicitation will produce some cooler heads who will help the Air Force think through these matters,” said Coyle, now senior adviser with the Center for Defense Information, a security policy research organization in Washington. “But too often the tendency is to come up with new weapons — including cyber weapons — without adequate regard for the question . . . ‘Where does it all end? How will our friends and allies, as well as our adversaries react to our efforts? Through our actions, are we making the threat worse?’”

The military will use caution with cyber weapons, as it has with nuclear weapons, Ben-Itzhak said. “Most people trust their nation that it will not start a war or a nuclear attack for no serious reason,” he said. “They can also trust that such offensive cyberspace methods will be used for good reasons, although, just by reading [about] them, they might sound scary.”

Ben-Itzhak added that investment in offensive cyber operations — under the theory that a good offense makes for the best defense — won’t solve the problems the Air Force faces in combating relentless cyberattacks against its networks. “Investments in offensive methods will not save investments in defensive methods,” he said. “It is the basic of any war, including the cyber war.”

WHAT PART OF YOUR AGILE SOFTWARE BASED ARCHITECTURES WHICH ARE DERIVATIVES OF THE OLD ENHANCED PROMIS SOFTWARE WHICH HAVE BEEN SOLD TO FOREIGN GOVERNMENTS, AND ARE INHERENTLY BACKDOORED TO FACILITATE FALSE FLAG CYBER TERROR WITHOUT DETECTION TO USHER IN TOTAL MARTIAL LAW AND TYRANNY TO LEGITIMIZE THE GIG DON’T YOU REALIZE THAT THE ENTIRE WORLD IS WAKING UP TO?  IT IS *****OVER***** YOU HAVE BEEN F*CKING EXPOSED ENEMY TERRORIST TRAITORS!

___________

*AF Research Lab Doc Exposed*-Military strikes auth vs. “Cyber threats”

Excerpt:

Michael Riconosciuto on Encryption
by J. Orlin Grabbe

Michael Riconosciuto is one of the original architects of the PROMIS backdoor. PROMIS was a people-tracking software system sold to intelligence organizations and government drug agencies worldwide. The global dispersion of PROMIS was part of a U.S. plot to spy on other spy agencies.

Riconosciuto, who was Director of Research for a Wackenhut-Cabazon Indian joint venture, oversaw a group of several dozen people who worked out of business offices in nearby Indio, California. According to the testimony of Robert Booth Nichols, a CIA agent associated with Meridian International Logistics and connected to Music Corporation of America (MCA), Riconosciuto was in frequent contact with Bobby Inman, Director of the National Security Agency (NSA) and then Deputy Director of the Central Intelligence Agency (CIA), during this time.

Since intelligence computers are, for security reasons, usually not connected to external networks, the original backdoor was a broadcast signal. The PROMIS software was often sold in connection with computer hardware (such as a Prime computer) using a specialized chip. The chip would broadcast the contents of the existing database to monitoring vans or collection satellites using digital spread spectrum techniques whenever the software was run.

Spread spectrum techniques offer a way to mask, or disguise, a signal by making it appear as “noise” with respect to another signal. For example, one may communicate covertly on the same spectrum as a local TV broadcast signal. From the point of view of a TV receiver, the covert communication appears as noise, and is filtered out. From the point of view of the covert channel, the TV signal appears as noise. In the case of the PROMIS broadcast channel, the signal was disguised as ordinary computer noise – the type of stuff that must be reduced for TEMPEST certification in the U.S.

In spread spectrum frequency communication, the transmitted spectrum is much wider than what is really necessary. In digital communication, the transmission widths of digital signals are expanded so that many “bit periods” are needed to represent one bit at baseband. This results in an improvement in the signal-to-noise ratio. Spread spectrum techniques are used extensively in covert military communications and secure satellite systems.
_____________________________________________________________
http://www.armedforcesjournal.com/2008/05/3375884

Carpet bombing in cyberspace

Why America needs a military botnet

BY COL. CHARLES W. WILLIAMSON III

The world has abandoned a fortress mentality in the real world, and we need to move beyond it in cyberspace. America needs a network that can project power by building an af.mil robot network (botnet) that can direct such massive amounts of traffic to target computers that they can no longer communicate and become no more useful to our adversaries than hunks of metal and plastic. America needs the ability to carpet bomb in cyberspace to create the deterrent we lack.

America faces increasingly sophisticated threats against its military and civilian cyberspace. At the same time, America has no credible deterrent, and our adversaries prove it every day by attacking everywhere. Worse, our defensive concept is fundamentally flawed, and we have not learned the simplest lessons of history.

As much as some think the information age is revolutionary, local networks and the Internet are conceptually similar to the ancient model of roads and towns: Things are produced in one place and moved to another place where they have more value. The road-and-town model works well between cooperating states, but states also compete, and when they do, they sometimes have to defend themselves from attack. In today’s Internet, network “towns” are “fortified” with firewalls, gateways, passwords, port blocking, intrusion detection devices and law enforcement. This approach uses the same strategy as the medieval castle with its walls, moat, drawbridge, guards, alarms and a sheriff. While castles worked more or less for hundreds of years, they are now abandoned as completely ineffective except against the most anemic attack.

The time for fortresses on the Internet also has passed, even though America has not recognized it. Now, the only consequence for an adversary who intrudes into or attacks our networks is to get kicked out — if we can find him and if he has not installed a hidden back door. That is not enough. America must have a powerful, flexible deterrent that can reach far outside our fortresses and strike the enemy while he is still on the move.

Homer’s epic poems describe how fortified Troy held out against the united Greek armies for 10 years until Troy finally fell when it foolishly brought the threat inside its own walls by falling for the enemy’s masquerade in the form of a giant wooden horse. Today, it is no coincidence that the Trojan horse exploit uses the same technique on the Internet by hiding a threat inside what appears to be a gift.

In spite of Troy’s defeat, fortresses worked for thousands of years because they were so reliable and cheap compared to standing armies. Fortresses reached their zenith in the medieval castle, even though they were vulnerable to siege, tunneling and the threat that someone would open the gate from inside. However, the popularity of castles declined as the power of artillery increased. While fortresses enjoyed some notable successes, even the post-Civil War settlement of the American West evolved to relying on quickly constructed fortresses with wooden walls to house a highly mobile attack force that could secure a vast area.

The death knell for the fortress came during World War II at the Belgian Fort Eben-Emael. Its answer to the artillery threat was thicker and higher walls and the threat of its own artillery against any enemy in the vicinity of the fort, especially at the nearby bridge. But the attack did not come across the bridge. It came from the air. The Germans cunningly dropped storm troopers in gliders right in the middle of the fort, engaged the garrison and tied it up long enough for the massive German Army swarming across the bridge to compel surrender, which came in just one day.

Today, every Army outpost in America traces its roots to the walls, guards and gates of Troy. But none of today’s forts relies for boundary defense on anything more substantial than a chain-link fence, even though the base may contain billions of dollars in military equipment and the things most important to the soldiers — their families. The U.S. intends for defense of its “forts” to occur thousands of miles away. We intend to take the fight to the enemy before the enemy has a chance to come here. So, if the fortress ultimately failed, does history provide a different model?

AIR BASE DEFENSE

Almost from the beginning, air base defenders recognized the need to defend in close, coupled with the necessity of finding the enemy and destroying his planes on the ground before they launch.

In “Air Warfare and Air Base Air Defense,” John F. Kreis described the early defense of the air weapon. From the beginning of World War I, defense happened when the enemy was above your airfield, with expediencies such as Lewis machine guns mounted on stumps in the ground. However, by 1915, British Maj. Gen. Hugh Trenchard’s large, repeated raids on German airfields put the Germans on the defensive. Today’s air base defense concept still uses a layered defense in depth, but it starts as far as possible from the air bases, then relies on close-in defense only as a last resort. That capability in cyberspace can exist in an af.mil botnet.

A botnet is a collection of widely distributed computers controlled from one or more points. Criminals build botnets by using automated processes to break through the defenses of computers anywhere in the world and implant their programs or code. Often, the computer user is tricked through a crafty e-mail into cooperating with the installation of the code. The infected machines are called zombies and can be remotely controlled by masters. Hackers can build multiple levels of masters and zombies with millions of computers.

Hackers often use botnets to generate spam, but their real strength lies in their ability to generate massive amounts of Internet traffic and direct it against a small number of targets. This is called a distributed denial of service (DDOS) attack. The effect is that the target computers are cut off from the Internet. Because communication is often a computer’s main purpose, a compromised computer might as well be a rock. While preparation and money can help target computers defend themselves, once under attack, they have little ability to recover.

Multiday attacks against CNN and Yahoo in 2000 and against Estonia in 2007 cost tens of millions of dollars. The SANS Institute projects that increasingly sophisticated botnets will be the No. 2 cyber security menace for 2008. A DDOS attack against a net-centric military could stop or delay any operation it intended. How could the U.S. military build such a system?

BUILDING THE AF.MIL BOTNET

The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources.

Rob Kaufman, of the Air Force Information Operations Center, suggests mounting botnet code on the Air Force’s high-speed intrusion-detection systems. Defensively, that allows a quick response by directly linking our counterattack to the system that detects an incoming attack. The systems also have enough processing speed and communication capacity to handle large amounts of traffic.

Next, in what is truly the most inventive part of this concept, Lt. Chris Tollinger of the Air Force Intelligence, Surveillance and Reconnaissance Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find. Even though those computers may no longer be sufficiently powerful to work for our people, individual machines need not be cutting-edge because the network as a whole can create massive power.

After that, the Air Force could add botnet code to all its desktop computers attached to the Nonsecret Internet Protocol Network (NIPRNet). Once the system reaches a level of maturity, it can add other .mil computers, then .gov machines.

To generate the right amount of power for offense, all the available computers must be under the control of a single commander, even if he provides the capability for multiple theaters. While it cannot be segmented like an orange for individual theater commanders, it can certainly be placed under their tactical control.

For computer network attack intended to create effects for a theater commander, the most sensible person to exercise tactical control is the Joint Force Air Component Commander (JFACC). The JFACC is responsible for the theater’s deep-strike capability and habitually operates in parallel warfare with hundreds of simultaneous strikes on hundreds of locations. That is exactly the kind of capability provided by the af.mil botnet. Also, the JFACC has the most at stake in using the botnet for deterrence, limited strike or massive strike because it is the JFACC who will have to send in his joint airmen if the botnet fails. This means he will have the most incentive to compel the Air Force to build and exercise this tool for him.

Computer network defense presents a different problem. Here, the botnet needs to be under the tactical control of a combatant commander with global responsibility. The enemy is almost certain to attack from every quarter and will completely ignore or actively exploit our seams between regions. Cutting up the botnet into regional pieces would so dilute its power that it would be worthless and make rapid employment functionally impossible.

The system also needs to avoid tampering and fratricide. Cannoneers of fuse-fired artillery carried spikes which they could quickly drive in the fuse hole to prevent the weapon from being turned on friendly forces if their position was overrun. The af.mil botnet could replicate that protection with various mechanisms, including disabling the botnet code if an automated check indicated the code has been altered. The af.mil botnet could protect against fratricide by having filters to prevent attacks against .mil, .gov or registered allied addresses, unless specifically overridden.

PARADE OF HORRIBLES

Lawyers have been known to trot out a “parade of horribles” to demonstrate weaknesses in an idea. These issues are difficult but not insurmountable. But before addressing them, it is important to note what the botnet is not.

The af.mil botnet is not a replacement for law enforcement action or diplomacy. If the harm coming to U.S. systems is low enough that a military response is not required, the U.S. must default to traditional responses that respect the sovereignty of other nations, just as we expect them to respect our sovereignty and the primacy of our responsibility to stop harm coming to them from the U.S. With that understanding, what challenges remain?

Some people would fear the possibility of botnet attacks on innocent parties. If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us. The U.S. will perform the same target preparation as for traditional targets and respect the law of armed conflict as Defense Department policy requires by analyzing necessity, proportionality and distinction among military, dual-use or civilian targets. But neither the law of armed conflict nor common sense would allow belligerents to hide behind the skirts of its civilians. If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them.

On the other hand, if the U.S. is defending itself against an attack that originates from a computer which was co-opted by an attacker, then there are real questions about whether the owner of that computer is truly innocent. At the least, the owner may be culpably negligent, and that does not, in fairness or law, prevent America from defending itself if the harm is sufficiently grave. Two scenarios reveal that the issues are more political than legal.

From a legal standpoint, the U.S. has long been a proponent of the international law doctrine of “defense in neutral territory” since Secretary of State Daniel Webster in 1842 accepted the British explanation that they had exercised their right of self-defense in capturing the steamer Caroline from an American pier, setting it ablaze, then sending it plunging over Niagara Falls after it had been used in the service of Canadian rebels: “Respect for the inviolable character of the territory of independent nations is the most essential foundation of civilization … [and] exceptions should be confined to cases in which the ‘necessity of that self-defence is instant, overwhelming, and leaving no choice of means, and no moment for deliberation.’” Notably, the British were not responding to harm caused by the U.S. government but to harm caused by criminals acting from U.S. territory. That may well be the case if the U.S. uses the af.mil botnet defensively. However, the bigger legal challenge for the U.S. is reciprocity. What we do to other countries, they get to do to us without our complaining.

The political ramifications may be more difficult to manage. A U.S. defensive DDOS attack on a neutral country, or on multiple neutral countries, will certainly require the U.S. to explain itself. Commanders need to be ready to disclose some facts indicating why the U.S. took action and what they did to tailor their response. Finally, the U.S. needs to be ready to consider legitimate claims for compensation, if warranted.

The truly difficult problems come in defending against attack from devices adversaries have captured from U.S. or allies’ civilians. Generally, the U.S. military is not going to attack a U.S. private computer. Harm coming from one of those machines will first be treated as a crime, and military forces should stay out of the situation in accordance with the Posse Comitatus Act. However, Title 10 of the United States Code, Section 333, allows the president to order use of the military in the U.S. under tightly controlled conditions when civil authorities are overborne.

More challenging is the problem of an attack coming from an ally’s civilian computers. Obviously, the U.S. would seek allies’ cooperation if at all possible, but we could be in a position of launching an attack on a nation whom we have sworn to protect in a mutual defense pact. Together, the U.S. and its allies can reduce this risk by cooperating to maximize computer security. If we attack them as a matter of proportionate response, it would only be because computers in their territory are attacking us.

The biggest challenge will be political. How does the U.S. explain to its best friends that we had to shut down their computers? The best remedy for this is prevention. The U.S. and its allies need to engage in a robust joint endeavor to improve net defense and intelligence to minimize this risk.

A smart enemy will load his attack code in as many countries as possible so that when we launch a defensive strike, the maximum number of countries will be angry at the U.S. at the same time. However, this carries some risk for the real controller of the botnet that struck the U.S. If they spread their code broadly, they increase the incentive for multiple countries to cooperate in finding the truth of the attacks, so risk balances against reward. In the meantime, we have defended our own capability if circumstances required.

Also, a smart enemy will use “IP spoofing” by crafting his own DDOS attack packets to appear to come from somewhere other than the Internet Protocol (IP) address of the real node launching the attack. He could even craft his packets to make it appear the attack was coming from inside U.S. military networks so that if we merely captured the apparent source IP address and used that to aim the attack we would fire our botnet at our own computers. However, U.S. operators need not use the source IP address as the only pointer. All available information can be used to aim the attack, including the sophistication of the attack, targeting of sensitive systems and level of damage. If intelligence and circumstances point to a particular country, the U.S. is not barred from exercising its rights of self-defense or proportionate response just because the attacker was crafty. Military history is full of deception, and IP spoofing is simply the latest incarnation. In addition, the attacker could be guilty of the war crime of perfidy, or at least violate the U.N. prohibition against unfriendly acts, and call down on himself the ire of the international community, if he attempts to hide inside the cyber domain of a neutral nation. In any event, this threat illustrates the urgent need to improve the chance of proper targeting of our response to attack by cooperating to build an Internet version of the Distant Early Warning radars (the DEW Line) the U.S. and its allies jointly employed near the Arctic Circle during the Cold War.

There will be voices of skepticism.

“There are engineering challenges.” Yes, there are. They include potential choke points at border routers and backbone gateways. However, there are solutions, such as broadly distributing the computers or routing the technology refresh machines directly to the Internet. America’s Air Force has tackled tougher challenges. In any case, the current defensive concept is fundamentally flawed and cannot continue as our sole protection.

“Intelligence requirements would be too great.” While the joint doctrine on information operations notes that intelligence requirements for information operations can be more extensive than for kinetic operations, it did not contemplate an af.mil botnet. One of the advantages of a botnet is that offensive targeteers essentially only need the IP address of the target device, plus an appropriate level of intelligence, to allow an informed collateral damage assessment.

“Our enemies will know it was America that attacked them.” Precisely. We want potential adversaries to know this capability works and will be used when needed. In fact, we should do live-fire demonstrations on the Internet against range targets so foreign signals intelligence organizations can observe. Of course, we should fire inert rounds so as to not give away secrets.

“We might kill someone in a hospital or shut down emergency services.” The risk of this occurring is overblown. Hospitals and emergency services already need backup plans in case of many exigencies from natural causes, including the types of power and communications outages that a DDOS could cause. Also, target preparation in cyberspace can create no-strike lists just like the physical world.

“Brute force attacks lack elegance.” Who cares? The U.S. successfully conducted area bombing against Taliban trenches in Afghanistan. Not every attack needs to be with a laser-guided bomb. Brute force has an elegance all its own.

“This is not a silver bullet.” Of course not. A DDOS is not a good defense against espionage. The U.S. still needs a layered defense in-depth with firewalls, software patches, good information assurance and brilliant defenders because the botnet would do little against a phishing attack in which a hacker tricks people into running malicious software. However, what the botnet offers that does not exist today is the ability to let the enemy know he might be caught and suffer an attack that would take the benefit out of his risk.

“We might start a new arms race.” We are in one, and we are losing. Gen. James Cartwright, then-commander of the U.S. Strategic Command, testified for the 2007 Report to Congress of the U.S.-China Economic and Security Review Commission that analysts think China has the world’s largest denial-of-service capability. Can the U.S. reasonably believe that other nations have not learned from the DDOS attacks on Yahoo and CNN in 2000 or on Estonia in 2007? As Gregory Rattray projected in his book, “Strategic Warfare in Cyberspace,” if we are, or are about to be, engaged in a conventional conflict, the adversary may launch a DDOS that, under the right circumstances, could deter or delay us. Their capability could reduce our options. In addition, at least one foreign nation has advocated unrestricted warfare in cyberspace.

While the U.S. can have a plan to control each of the “horribles” in the parade, it is less certain that adversaries will.

The days of the fortress are gone, even in cyberspace. While America must harden itself in cyberspace, we cannot afford to let adversaries maneuver in that domain uncontested. The af.mil botnet brings the capability to help defeat an enemy attack or hit him before he hits our shores.

COL. CHARLES W. (CHARLIE) WILLIAMSON III is the staff judge advocate, Air Force Intelligence, Surveillance and Reconnaissance Agency, at Lackland Air Force Base, Texas. He has served as a flight test manager for small, air-breathing missiles; as a judge advocate at two base-level legal offices; as a staff judge advocate for two base-level legal offices; and as the first staff judge advocate for the Joint Task Force-Computer Network Operations. The views expressed here are the author’s own and do not necessarily reflect those of the Air Force or Defense Department.

_______________
*AF Research Lab Doc Exposed*-Military strikes auth vs. “Cyber threats”

A – BROAD AGENCY ANNOUNCEMENT (BAA ESC 07-0001)
OL-AA 950 ELSG/KIS
Network Warfare Operations Capabilities (NWOC)
TECHNOLOGY CONCEPT DEMONSTRATIONS

General Information
Document Type:      Presolicitation
Solicitation Number:      FA8707-07-R-0001
Classification Code:      A – Research & Development
NAICS Code:         541710 – Research and Development in Physical, Engineering and Life Sciences

Contracting Office Address
Department of the Air Force, Air Force Materiel Command, Electronic Systems Center, OL-AA 950 ELSG/KIS, 145 Duncan Drive Suite 200, San Antonio, TX 78226-1885

Description
SUBJECT:  BROAD AGENCY ANNOUNCEMENT (BAA ESC 07-0001)
OL-AA 950 ELSG/KIS, Network Warfare Operations Capabilities (NWOC),
TECHNOLOGY CONCEPT DEMONSTRATIONS.

A.   INTRODUCTION:
The 950 ELSG invites concept papers addressing Information Operations (IO)  capabilities focusing on Network Warfare Operations (NWO) to be administered by OL-AA 950 ELSG/KIS. This BAA is issued under the provisions of paragraph 35.016 of the Federal Acquisition Regulation (FAR) which provides for the competitive selection of technology demonstration proposals. Contracts awarded based on responses to this BAA are considered to be the result of full and open competition and in full compliance with the provisions of Public Law 98-369, “The Competition in Contracting Act of 1984.”
Concept papers in response to this announcement shall be submitted electronically to Ms. Lisa K. Anderson at lisa.k.anderson@lackland.af.mil.  Responses shall reference the above BAA number. This announcement is effective 1 July 2007 through 30 Jun 2009. Concept papers may be submitted at any time during this period. A copy of this BAA will be posted on the World Wide Web at http://herbb.hanscom.af.mil.  There will be no other solicitations issued for this topic.

B.   OBJECTIVE:
1.   Technical Description: The OL-AA 950 ELSG/KIS is an organization focused on the development and sustainment of NWO for the operational Air Force. This BAA solicits concept papers with the potential to enhance Air Force operations focused on the NWO element of IO. NWO is the integrated planning and employment of military capabilities to achieve desired effects across the interconnected analog and digital network portion of the battlespace. NWO is conducted in the information domain through the dynamic combination of hardware, software, data, and human interaction. These topics include, but are not limited to:

a.   Network Attack (NetA). The employment of network based capabilities to destroy, disrupt, corrupt, or usurp information resident in or transiting through networks.
b.   Network Defense (NetD). The employment of network based capabilities to defend friendly information resident in or transiting through networks against adversary efforts to destroy, disrupt, corrupt, or usurp it.
c.   Network Warfare Support (NetS). Actions tasked by or under direct control of an operational commander to search for, intercept, identify, and locate or localize sources of access and vulnerability for the purpose of immediate threat recognition, targeting, planning, and conduct of future operations. NetS provides information required for immediate decisions involving network warfare operations. NetS data can be used to produce intelligence, or provide targeting for electronic or destructive attack.
d.   Technologies/concepts for developing capabilities associated with computer network attack (i.e., to disrupt, deny, degrade, destroy or deceive an adversary’s information and information system). This should address but not be limited to the following:
i.   Mapping of networks (both data and voice)
ii.   Access to networks
iii.   Denial of service on current and future operating systems and network devices
iv.   Data manipulation
e.   Technologies/concepts for developing capabilities for IO modeling and simulation.
f.   Situational awareness that gives the operator near real-time effectiveness feedback in a form that is readily observed by the operator.
g.   Technologies/concepts for developing capabilities to assess and visualize non-kinetic effects.
h.   Technologies/capabilities/concepts for generating and distributing dynamic electronic target folders to include non-kinetic courses of action (COAs).
i.   Processing of multi-level security information.
j.   Technologies/concepts for developing capabilities to support rapid implementation of effects-based capabilities.
2.   Proposed concept papers may also address new tactics, techniques, procedures, and mature technology applications that may affect Air Force IO doctrine and strategy.
3.   Security Requirements: The submittal process under this BAA is intended to be as streamlined as possible in order to allow the Government to leverage the latest technology advances; however, every precaution must be taken to protect potentially sensitive or classified material. Such material should not be transmitted across open-source media like public phone, fax, internet, or e-mail. If a submitter has any reason to believe their concept may reference ideas or operations that require special protection, the submitter should immediately contact Mr. Michael Gamble, OL-AA 950 ELSG/KIS Security Officer, at (210) 925-6628. In general, potentially sensitive submissions should be sent via REGISTERED MAIL to the mailing address listed in Section A of this BAA. Submitters who are supported by an accredited security office may be bound by specific laws and regulations directing the proper methods for transmission of classified concepts.
4.   Other Special Requirements:
a.   DO NOT SUBMIT PROPOSALS AT THIS TIME. ONLY CONCEPT PAPERS ARE TO BE SUBMITTED.
b.   Successful offerors must comply with the Privacy Act, AFI 37-132.
c.   Offerors are advised that only Warranted Procuring Contracting Officers are legally authorized to commit the Government to an award under this BAA.

C.   ADDITIONAL INFORMATION:
1.   Offerors are requested to provide their Commercial and Government Entity (CAGE) code.

2.   It is preferred that only non-proprietary data be provided; however, proprietary data may be submitted. Proprietary data shall be clearly identified and marked. Any respondent consents to the Government allowing the MITRE Corp., a Federally Funded Research and Development Center, and advisory and assistance contractors, access to the concept demonstration papers. They will assist the Government on an as-needed basis in evaluating the capabilities of the companies responding to this BAA.

3.   The role of the support contractors is purely advisory, and the exclusive responsibility for defining requirements and evaluating responses will remain with the Government. The contracts with these support contractors prohibit the unauthorized use or dissemination of any proprietary information companies may submit in response to this BAA. Supporting contractors have signed a nondisclosure certification form prior to being granted access to proprietary information. These executed forms will be available for examination at the OL-AA 950 ELSG/KIS location.  Unless a company responding to this BAA indicates otherwise, any respondent consents to the Government allowing support contractors listed below access to proprietary information submitted for evaluation purposes.  950 ELSG/KIS support contractors currently are: BAE Systems, Northrop-Grumman – TASC, L3/Titan, ARINC, Booz-Allen, AT&T, and ManTech/Aegis.  This list is subject to change.

4.   Notice to Foreign-Owned Firms: Such firms are asked to immediately contact Mr. Isaac O. Jones Jr, Contracting Officer, upon deciding to respond to this announcement. Foreign contractors shall be aware that restrictions may apply which could preclude their participation in this acquisition.

D.   CONCEPT PAPER PREPARATION INSTRUCTIONS:
1.   The cost of preparing concept papers in response to this announcement is not considered an allowable direct charge to any other contract, but may be an allowable expense to the normal bid and proposal indirect cost in FAR Part 31.205-18.

2.   Offerors can respond to all or part of the areas of interest announced in this BAA found on the HERBB web site.

3.   Every effort will be made to protect the confidentiality of the concept paper and any evaluations. The submitter must mark the concept paper with a protective legend IAW FAR 52.215-1(e).

4.   Unnecessarily elaborate brochures or proposals are not desired.

5.   Use of a diagram or figure to depict the essence of the proposed demonstration is strongly encouraged.

6.   Submitter’s concept papers shall not exceed ten (10) pages using Microsoft Word format using 10 pitch font. Concept papers in excess of ten pages will be returned to the offeror for resubmission in accordance with the page limits.  Fold out pages will not be accepted.

7.   Additionally, the offeror shall submit an unclassified, non-proprietary title and summary, not to exceed one (1) additional page each.  These pages will not be counted in the ten page limitation.

8.   Multiple concept papers addressing different topic areas may be submitted by each offeror. However, each concept paper must address only one concept.

9.   Each concept paper must contain as a minimum: Title, Period of Performance, Estimated Cost, Company Address, Technical and Contracting Points of Contact, Phone, Fax & Email, Task Objective, Technical Summary and Proposed Deliverables. OL-AA 950 ELSG/KIS will evaluate concept demonstration papers against the criteria listed in paragraph E below and will determine which concept demonstration papers to pursue based on their applicability and consistency with the intent of the BAA.

10.   The following information for classified submissions shall be added: Classified level at which company is cleared, CAGE code, contractor address for forwarding classified material, (name, address, zip code), cognizant security office (name, address, zip code), offeror’s security officer’s name and telephone number.

11.   The concept paper should include the anticipated period of performance as well as a rough-order-of-magnitude (ROM) cost. The ROM cost consists of the total cost plus profit/fee, if any. The ROM should be a best estimate of the anticipated cost of the effort. The ROM should be consistent with any dollar value or ranges, if any, specified in the announcement, as well as the level of work being proposed.

12.   The concept paper should not include a cost proposal or any of the material which usually accompanies a cost proposal.  It must include a short technical description of the concepts and plans to accomplish the technical objectives. It should also briefly describe the technologies to be pursued in the effort. It should also identify any Independent Research and Development (IR&D) work underway within the company which may have direct application. The concept paper should address only that specific part of the BAA that the offeror intends to accomplish. A single concept paper that attempts to address the whole scope of the technology described in the BAA will not be accepted.

13.   Those offerors whose concept papers are of interest may be invited to submit a formal proposal. Offerors whose concept papers are determined to not be of interest are not precluded from submitting a proposal and may request proposal instructions if they so desire. All offerors submitting concept papers will be contacted by the Technical Point of Contact either with a letter informing them that the effort proposed is not of interest to the Government, or with a request for a formal cost and technical proposal approximately forty-five days after concept paper/proposal submission.

14.   It is recommended that concept papers be received by the following dates to maximize the possibility of award: FY07-08 –  31 Jul 2007, FY09 –  30 Jun 2008; FY10 – 30 Jun 2009.  Concept papers will be accepted at any time, but it is less likely that funding will be available in each fiscal year after the dates cited.

15.   Organization Conflict of Interest (OCI) mitigation plans will be accepted by 950 ELSG/KIS when a contractor is notified to send a technical/cost proposal.  Contractors shall submit their OCI mitigation plans prior to or with their technical/cost proposal.

E.   BASIS FOR AWARD:
Multiple awards for the NWOC concept paper initiative are anticipated.  The principal funding and the anticipated awards as a result of this BAA will start in 4Q FY07, and will be in the form of contracts, cooperative agreements, or other transactions depending on the nature of the work proposed.  Individual awards will normally range from 6 to 12 months with dollars typically ranging from $25,000 to $500,000 for prototype development and demonstration.  Deliverables will be technical reports, prototype applications, software and integrated system enhancements and upgrades.  The total value for all awards under this BAA shall not exceed $15,000,000.  Concept papers, when requested and submitted, will be evaluated as they are received. Concept papers will be evaluated under the following criteria:
1.   Impact of the proposed concept on enhancing Air Force IO operational capabilities.
2.   Technical merit of the proposed concept with an emphasis on technically mature, creative and innovative solutions.
3.   Past performance.
4.   Realism and reasonableness of the proposed cost/price.
Criteria 1 through 3 are of equal importance. All evaluation factors other than cost or price are significantly more important than cost or price.  Criteria 1 through 4 above will also be used to determine whether concept papers submitted are consistent with the intent of this BAA and of interest to the Government.
No further evaluation criteria will be used in awarding a contract under this BAA.
Anticipated Period of Performance:
Approximately 12 months from contract award through complete evaluation of concept demonstration. Only Procuring Contracting Officers are legally authorized to commit the Government.

F.   POINTS OF CONTACT:
Questions on the objectives or preparation of the technical proposal should be addressed to Mr. James A. Palinkas, Program Manager, (210) 925-6673, email: james.palinkas@lackland.af.mil.
Questions related to contracting or cost issues should be directed to Ms. Lisa K. Anderson, Contract Specialist, (210) 925-6748, email: lisa.k.anderson@lackland.af.mil.
The Contracting Officer for this BAA is Mr. Isaac O. Jones Jr., Contracting Officer, (210) 925-6732, email: isaac.jones@lackland.af.mil
The Security point of contact for this BAA is Mr. Michael Gamble, OL-AA 950 ELSG/KIS Security Officer, at (210) 925-6628, email: michael.gamble@lackland.af.mil.

___________________

*AF Research Lab Doc Exposed*-Carpet Bombing people’s personal computers

FLTC Perspective

Focused Long Term Challenges (FLTCs) are an innovative approach to match user requirements with relevant technology development, while also leveraging from existing multi-directorate research. The eight FLTCs created are focused to address all threat areas addressed in the Quadrennial Defense Review (QDR). Of the eight shown on the graphic, there are four with specific application to the Information Directorate, identified on the following slides or link.

Focused Long Term Challenges

1.  Anticipatory Command, Control & Intelligence (C2I)

2.  Unprecedented Proactive Surveillance & Reconnaissance (S&R)

3.  Dominant Difficult Surface Target Engagement/Defeat

4.  Persistent & Responsive Precision Engagement

5.  Assured Operations in High Threat Environments

6.  Dominant Offensive Cyber Engagement

7.  On-demand Theater Force Projection, Anywhere

8.  Affordable Mission Generation & Sustainment

AFRL/IF FLTC Emphasis Categories

#1 – Anticipatory C2I

#5 – Assured Operations in High Threat Environments

#6 – Dominant Offensive Cyber Engagement

#7 – On-Demand Theater Force Projection

FLTC #1 Anticipatory Command, Control & Intelligence (C2I)

Anticipate Enemy Actions and Respond with Synchronized Management of Battlespace Effects

Find Threatening Systems and Objects

Predict Adversary Behaviors

Perform Near-Real Time Decision Management

Assure Fully Effective C2 Operators

Conduct On-Demand Collaboration Across Operator and Sensor Systems

FLTC #5  Assured Operations in High Threat Environments

Achieve Mission Objectives With Impunity Against Full Spectrum Threats, from Anti-Access IADS to Cyber

Anticipate and Avoid Threats Through Stealth and Deception

Detect and Defeat Threats Through Active Defenses

Survive the Attack Through Passive and Adaptive Protection

Recover from Threat Effects

FLTC #6  Dominant Offensive Cyber Engagement

Conduct full spectrum offensive cyber/info ops against military, leadership, and infrastructure

Access Adversary’s Cyber/Info Systems Anywhere, Anytime

Operate with Stealth and Persistence in Cyber

Generate Robust Cyber Intelligence (CYBINT)

Deliver Integrated D5 Information Operations Effects

Deliver Counter Electronics Effects

FLTC #7  On-Demand Force Projection, Anywhere

Timely Deployment of Flexible Ground, Information  & Space Capabilities for the Commander

Rapidly Constitute Multi-Mission, Affordable Satellites

Rapidly Deploy Multi-Mission, Affordable Space Payloads

Generate On-Demand, Reusable Affordable Space Access

Rapidly Checkout Spacecraft and Autonomous Operations

Globally Project Ground Forces and Material Anywhere in All Weather

Globally Move, Manage, And Process Information In Real-time

_______________
https://www.fbo.gov/index?s=opportunity&mode=form&id=9949038b2fb33a448d4a16f9e6ca2e73&tab=core&_cview=1

Synopsis:
Added: February 8, 2006 Modified: Apr 11, 2008 9:00 am

The purpose of this modification is to republish the original announcement, incorporating all previous modifications, pursuant to FAR 35.016(c). This republishing also includes the following change: Increases the total funding for the BAA. No other changes have been made.

NAICS CODE: 541712

FEDERAL AGENCY NAME: Department of the Air Force, Air Force Materiel Command, AFRL – Rome Research Site, AFRL/Information Directorate, 26 Electronic Parkway, Rome, NY, 13441-4514

TITLE: Information Warfare: Offensive and Defensive Counterinformation

ANNOUNCEMENT TYPE: Initial announcement.

FUNDING OPPORTUNITY NUMBER: BAA 06-12-IFKA

CFDA Number: 12.800

DATES: It is recommended white papers be received by the following dates to maximize the possibility of award: FY 06 by 10 Mar 06; FY 07 by 1 May 06; FY 08 by 1 May 07 and, FY 09 by 1 May 08. White papers will be accepted until 2:00 p.m. Eastern time on 31 December 2009, but it is less likely that funding will be available in each respective fiscal year after the dates cited. FORMAL PROPOSALS ARE NOT BEING REQUESTED AT THIS TIME. See Section IV of this announcement for further details.

I. FUNDING OPPORTUNITY DESCRIPTION:

INFORMATION WARFARE: AFRL/IF is soliciting white papers to identify and develop technologies to enable a distributed information infrastructure that provides all the mechanisms and services required to allow the warfighters to craft their C4I information environments, including ability to establish distributed virtual staffs, to share a common consistent perception of the battlespace, and construct distributed task teams among sensors, shooters, movers, and command posts. These technologies will be applied across the full spectrum of cyber operations, in support of Air Force mission requirements.

Specific technologies include, but are not limited to: network protocols, information adaptation, network management, routing technologies, adaptive interfaces, distributed information environments, multimedia services, adaptive security services, global resource management, architectures, computer and network risk assessment/management, vulnerability assessment, assurance techniques, detection of intrusions and misuse, network security, wireless information assurance, assessment of information damage, cyber forensics, recovery of information systems and computer networks to operational levels, and a full spectrum of active response and computer network attack techniques.

Information superiority is an integral part of air and space superiority, an Air Force doctrine. This gives the commander freedom from attack, the freedom to maneuver and the freedom to attack. Information superiority is that degree of information advantage of one force over another that permits the conduct of operations at a given time and place without prohibitive opposition. Information operations are not focused exclusively on information superiority and information operations alone is not sufficient to achieve information superiority. AFRL/IF has developed a responsive R&D technology program to help the US achieve information superiority. The technology research in this BAA will be focused in the following areas of information operations: influence operations, network warfare operations and electronic warfare operations.

Influence Operations: Focused on affecting the perceptions and behaviors of leaders, groups, or entire populations. Influence operations employ capabilities to affect behaviors, protect operations, communicate commander’s intent and project accurate information to achieve desired effects across the cognitive domain. These effects should result in differing objectives. The military capabilities of influence operations are psychological operations, military deception, operations security, counterintelligence operations, counterpropaganda operations and public affairs operations.

Network Warfare Operations: The integrated planning, employment, and assessment of military capabilities to achieve desired effects across the interconnected analog and digital network portion of the battle space. Network warfare operations are conducted in the information domain through the combination of hardware, software, data and human interaction. The operational activities of network warfare operations are network attack, network defense and network warfare support.

Electronic Warfare Operations: The integrated planning, employment, and assessment of military capabilities to achieve desired effects across the electromagnetic domain in support of operational objectives.

The objective of this BAA is to address highly innovative R&D areas in information operations. Proposed work should address the innovative and strategic thought of the 21st century adversary, and develop new concepts to counter with innovative information-based capabilities. Further, proposed work should address new concepts for continuously analyzing the information battle space to identify US vulnerabilities and adversary weaknesses, and develop new defensive and offensive strategies and capabilities accordingly.

There are critical technical areas of focus under this BAA which are high leverage areas to be worked in order to address the most difficult Air Force requirements, provide the Air Force with the greatest technology push possible, and surface opportunities for contributing to important national security issues such as defending information systems and countering cyber terrorism.

Network Attack: Employment of network-based capabilities to destroy, disrupt, degrade, deny, delay, corrupt or usurp information resident in or transiting through networks. A primary effect is to influence the adversary commander’s decisions.

Network Defense: Employment of network-based capabilities to defend friendly information resident in or transiting through networks against adversary efforts to destroy, disrupt, degrade, deny, delay, corrupt or usurp it. Actions include analyzing network activity to determine the appropriate course of action to protect, detect, and react to internal and external threats to Air Force networks.

Network Warfare Support: The collection and production of network related data for immediate decisions involving network warfare operations. Specifically, network warfare support provides profiling, event analysis, open source review, as well as pattern analysis in support of network defense and countermeasure development.
_____________________________________________________________

March 24, 2006
Air Force Seeks to Create Hybrid Infowar/Public Relations Technologies

The U.S. military’s ability to repel electronic attacks while preserving its “freedom” to conduct such attacks is integral to achieving “information superiority” over the rest of the world, the Air Force Research Lab (AFRL) says. However, these capabilities alone cannot guarantee such superiority, according to AFRL. Consequently, it has launched an R&D program whose goal is to combine cyberattack operations with public relations and military deception campaigns — the outcome of which would give decision makers the ability to control the “battlespace” and simultaneously mold “the perceptions and behaviors of leaders, groups, or entire populations.”

The “Information Warfare: Offensive and Defensive Counterinformation” program seeks to develop new and advanced technologies to provide war fighters with “all the mechanisms and services required” to achieve such control.

“This gives the commander freedom from attack, the freedom to maneuver and the freedom to attack,” the document, known as a Broad Agency Announcement (BAA 06-12-IFKA), says. “Information superiority is that degree of information advantage of one force over another that permits the conduct of operations at a given time and place without prohibitive opposition.”

The initiative calls for the submission of innovative concept papers that potentially “provide the Air Force with the greatest technology push possible,” the BAA says. It is focusing on three infowar subject areas: network warfare operations, electronic warfare operations, and “influence operations.”

Network warfare involves the destruction or disruption of “enemy” communications and data networks, whereas electronic warfare focuses on controlling the “electromagnetic domain” of various wireless systems.

Influence operations, on the other hand, emphasize a military commander’s ability to broadly disseminate information “to achieve desired effects across the cognitive domain.”

These capabilities are employed in the form of “psychological operations, military deception, operations security, counterintelligence operations, counterpropaganda operations and public affairs operations,” according to the BAA.

Though participation initially was limited to U.S. firms and persons, earlier this month the Air Force authorized “foreign allied participation” at the prime contractor level. It specifically designated those foreign allies as Australia, Austria, Belgium, Canada, Denmark, Egypt, Finland, France, Germany, Greece, Israel, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland, Turkey and United Kingdom.

Approximately $40 million has been tentatively approved to launch the project. AFRL says it anticipates funding the endeavor at the rate of about $10 million annually between fiscal years 2006-2009. It expects to award individual contracts, grants, and cooperative agreements not to exceed 24 months, with dollar amounts ranging from $100,000-$1 million per year.

“Information superiority is an integral part of air and space superiority, an Air Force doctrine,” the agency says.


________

Source: Prison Planet Forums – AntiIlluminati


One Response to “*AF Research Lab Doc Exposed* – Carpet Bombing people's personal computers”

  1. Ronald Mason Says:

    Think about that next time your computer starts acting weird and crashing for no apparent reason.
