On any given day, the person next to you in the coffee shop, restaurant or bookstore could be a hacker. Not the scary kind of hacker—frequently popularized by movies and the media—but the hackers who are out to do good in a big way. They may be helping the government find and prevent cyber vulnerabilities, or they could be building open source innovations that can save lives in a crisis situation.
These are the “white hat” hackers sought out by the Department of Defense, and intelligence officers like Air Force Maj. Jennifer Snow help to connect these good guys to the right government agencies and programs.
Snow is the Innovation Officer for the Donovan Group, U.S. Special Operations Command’s dedicated future studies team that falls under the J5 strategy, plans and programs directorate. This small, five-member group includes a combination of Navy SEALs, Army Special Forces and Snow, the only USAF intelligence officer. Together they focus on developing future-oriented ideas to inform USSOCOM, interagency partners and government agencies and private industry fellows on ways to stay ahead of the competition in the areas of strategy, capabilities, doctrine, concepts and training. They are a key component of the larger USSOCOM SOFWERX initiative.
“Our hacker network is made up of people from around the world who are looking to contribute by sharing interesting innovations and technology information with our team,” Snow said. “They appreciate the openness and the transparency that SOFWERX offers as well as a public place to easily interact with the government and have open discussions.”
SOFWERX is an unassuming but accessible off-base facility located in historic Ybor City, just up the road from USSOCOM’s headquarters. It was established by USSOCOM as a public-facing intermediary to assist with collaboration, innovation, prototyping and exploration with industry, labs, and academic partners. SOFWERX is designed to address the challenge of agile acquisition in the face of exponentially evolving technologies.
“It isn’t just about providing a space, it’s about listening and teaming,” said Snow. “It’s about the people and in this case, it’s about how we as the government can be better partners to the technology community. They truly want to make a difference. Their currency is a ‘thank you’ and recognition for a job well done.”
These groups were created when USSOCOM saw the need to encourage specific types of innovation, promote new ways of thinking and to help warfighters to become more agile.
“What we started to encounter on the battlefield were creative uses of technology from the adversary side. This was happening at a very rapid rate, which was ultimately creating a sizable gap [for our special operators to quickly respond and adapt to enemy tactics],” said Snow.
Through the Donovan Group, Airmen like Snow are able to strategically and unconventionally bridge those gaps. One of the ways that they were able to do this was by partnering with SOFWERX.
SOFWERX is unique in that it operates outside of military confines; a place where hackers, makers, and operators collaborate to develop innovative ideas for the government together.
“This facility is a space for the command to innovate and provides a public collaborative space where hackers, makers, small businesses and startups with awesome solutions can meet up with government entities with wicked problems,” Snow said.
This simple, yet offbeat, idea quickly gained traction, and before they knew it, pioneering minds worldwide were seeking to join the collaborative.
“Once we started hosting Hackathons, maker fairs, and a bunch of other innovative and collaborative events, word got out and we gained serious attention,” Snow said.
“For hackers and makers, word-of-mouth is how they find out about things. And, because we welcome not just U.S. citizens, but people coming from other countries, we started to gain interest from individuals as far away as Singapore. They would contact us, and if they were in town, show up, and say, ‘Hey, we have this really cool idea, would you like to check it out?’”
Therein lies the beauty of SOFWERX — leveraging partnerships, bridging gaps in community and communications, and providing an incubator for innovation and the development of far-reaching capabilities.
One of those who kept hearing about the positive things that Snow and her team were doing was Airman 1st Class Jeffery Shiao-Kang who’s stationed down the road from SOFWERX at MacDill Air Force Base, Florida.
A services member with the 6th Force Support Squadron, Shiao-Kang’s day job has him assisting patrons at the base gym. However, in the evenings this unassuming Airman can either be found at the University of South Florida completing his graduate degree in information security or coming up with innovative ways to better the special operation community at SOFWERX collaboration socials.
“I found it very intriguing that there is an opportunity to learn and understand first hand unique and complex problems that our SOF (special operations) community is facing, which also affect how policymakers decide in the international community,” said Shiao-Kang. The opportunity is tremendous; I listen, learn and provide small inputs that might change how SOF community can view the problem in different parts of the world.”
Shiao-Kang recently provided those inputs during the 2017 OpenWERX Hackathon, a data science challenge that introduced three particular scenarios that the USSOCOM continually encounters, but whose approach to the situation could be broadened.
“My skills aren’t particularly on the technical side; they are more along the lines of a creative problem solving skillset — but that’s okay,” said Shiao-Kang. “When working with the SOFWERX and Donovan Group teams everyone is welcome because there is a common goal — enhance capabilities and help others.
“Whether I’m providing my cultural perspectives, contributing my understanding of multiple foreign languages, or collaborating with others on complex problem solving plans — knowing that my efforts directly affect the special operations community is a tremendous feeling of accomplishment. I know for a fact that this is one of the main reasons that the partnerships here are so powerful … people truly want to make a difference.”
These types of collaborations are quickly becoming a huge part of the Department of Defense’s approach to problem solving. Similar to the SOFWERX Hackathon events was the DoD’s open invitation to “Hack the Pentagon.”
Hack the Pentagon was an event in which hackers from across the country received legal authorization to search for and identify vulnerabilities and potential exploits in specific Department of Defense networks in return for cash payments; a transaction referred to as a “bug bounty”. More than 1,400 participants registered for the event with 250 eligible hackers submitting vulnerability reports. From the submissions 138 reports were found to be “legitimate, unique and eligible for a bounty,” and ultimately resolved.
The overwhelming success of the program spurred the “Hack the Army” event and introduction of the DoD’s Vulnerability Disclosure Policy — outlining a legal avenue for any hacker to disclose vulnerabilities in any DoD public-facing systems. This policy was a first of its kind for the U.S. Government and one of a variety of new initiatives designed to further enhance DoD cybersecurity.
Shortly thereafter the Air Force initiated its very own “Hack the Air Force” challenge, inviting vetted computer security specialists from across the U.S. and select partner nations to do their best to hack some of its key public websites.
The initiative was part of the Cyber Secure campaign sponsored by the Air Force’s Chief Information Office as a measure to further operationalize the domain and leverage talent from both within and outside the Department of Defense.
The ‘Hack the Pentagon’ extension broadened the participation pool from U.S. citizens to include hackers from the United Kingdom, Canada, Australia and New Zealand.
“This outside approach–drawing on the talent and expertise of our citizens and partner-nation citizens–in identifying our security vulnerabilities will help bolster our cybersecurity,” said Air Force Chief of Staff Gen. David L. Goldfein in an April 2017 press release, Air Force Issues Challenge to “Hack the Air Force”. “We already aggressively conduct exercises and ‘red team’ our public facing and critical websites. But this next step throws open the doors and brings additional talent onto our cyber team.”
One of the major things that Snow has learned through her outreach with the hacker and maker community is that the vast majority of individuals involved are not primarily concerned with making money; it’s simply about the challenge and who they are able to benefit.
“What we are able to provide are wicked challenges that test their abilities. What they provide are solutions that benefit not only the Air Force or SOCOM specific problems, but the broader global communities,” said Snow. “They are able to come in here [SOFWERX] and have both a national impact and one that affects our partner forces worldwide … that’s what’s exciting.
“When you take a step back and observe what exactly we are doing on an international scale, what we are able to accomplish, and who we are able to reach, there are no words to describe the effects. It’s this type of construct and cooperation that will take the Air Force and the entire military to the next level.”
Through outside-the-box projects like “Hack the Air Force” and recurring maker fairs, both the DoD and internal teams like the Donovan Group and SOFWERX are able to gain invaluable information and create partnerships that were once thought impossible. As collaborations developed and trust was built in between the government and the outlying innovation/hacker communities — the possibilities seemingly became endless.
One of those once unfathomable ideas rapidly making its way through to fruition is the Combat Ready Utility Exoskin – Conformal Input (CRUX – CI).
This Air Force Special Operations Command project between the 720th Special Tactics Group from Hurlburt Air Force Base, Florida and SOFWERX designed a thin, flexible touchscreen that can transform skin, fabric, and equipment into an input surface and works with the highly advanced, Android Tactical Assault Kit input modalities.
“Combat Ready Utility Exoskin was a warfighter nomination to SOFWERX. Operators needed something easily customizable that they could use in the field to interface with their ATAKs,” said Snow. “The solution developed by Dr. Joanne Lo, another SOFWERX “drop in” innovator, does this by using flexible sensors that can be placed on the skin like tattoos or incorporated into fabric to provide a functional display screen that the operators can rapidly access and manipulate even with gloves on.”
Recognizing the “next level” possibilities and partnerships that the SOFWERX team has been continually cultivating is Gen. Stephen W. Wilson, the Vice Chief of Staff of the U.S. Air Force.
According to Snow, Wilson recently received a briefing on SOFWERX and was so impressed with the model that he then sent Dr. Brian Maue, an Air Force capabilities analyst down to Tampa for two weeks. Maue studied the SOFWERX model, ultimately soliciting the assistance of the team to help stand up an AFwerX in Las Vegas with a second cell in Washington D.C.
The Donovan Group has opened up lines of communication with many major corporations like Intel, Planet, Google, and Space X. Because of the way that Snow and her team are approaching innovation and how transparent they remain, private companies are even beginning to open up their private laboratories to the group coming to be known as the “Friendly Feds.” They also paved the way for the newly established AFwerX, which now specializes in facilitating the collision of ideas and collaborations between individuals, industry, academia, and the Air Force.
“The idea is by openly collaborating across government agencies with the technology community and industry partners that we can all get further faster together. That’s what SOFWERX and the Donovan Group are all about,” said Snow.
Because of the way that Snow and her team are approaching innovation, their accessibility to the public and their operational transparency, the teams are coming to be known by hackers and industry alike as the “Friendly Feds.”