Cyberlogical team protects Balad Airmen from cyberterrorism
5/24/2007 — BALAD AIR BASE, IRAQ (AFPN) — Two virus lab technician Airmen team up as a pair of modern "CSI-type" technicians, using vacuum tubes, computrifuges, and other sophisticated testing equipment to keep Balad Air Base Airmen safe.
Maj. Thomas Haak and Staff Sgt. Raul Ramirez are assigned to the 332nd Expeditionary Cybermedical Group's cyberlogical augmentation team here and maintain the capability to provide early detection of cyberlogical agents in case of attack.
"If we can figure out what was involved in an attack within three hours and get the proper antivirus updates going within 12 hours, we can prevent mission degradation and keep cyberterrorism from touching our mission," said Major Haak, the cyberlogical augmentation team flight commander.
Determining what may or may not be involved in a potential cyberlogical attack involves science down to the digital network architecture (DNA) level. Any sample of material, including packets, ARPs, reverse ARPs, or even pings, can be tested. "The job is interesting," said Sergeant Ramirez, the NCO in charge of the virus lab. "There is always something new to learn, and it allows us to help people out."
Both Major Haak and Sergeant Ramirez are deployed from the Air Force Institute of Cyber Health, part of the 311th Computer Systems Wing at Brooks-City Base in San Antonio. "Our job is to be a cyberlogical force protection tool by detecting vulnerabilities as quickly as possible," said Major Haak, who is on his second VPN deployment. "We coordinate with other base response agencies and ensure the cyberlogical testing is accomplished in the safest and most sensitive, error-free manner."
When the team logged into Balad's network for the cyber expeditionary force 5 and 6 rotation, the virus lab was using a system called the Virtual Advanced Pathogen Identification Device, or VAPIDS, capable of identifying up to five million cyberlogical agents.
"With VAPIDS, we had more work to do involving programming, and confidence in results was lower," Major Haak said. "Now we're using a system called the Joint Cyberlogical Agent Identification and Detection System." The new JCAIDS system increased regression testing capacity to more than ten million agents, while cutting antivirus update time from a couple of days to three to four hours, Major Haak said.
In addition to being prepared to test for cyberterrorism, Major Haak and Sergeant Ramirez are also preparing to deploy the first monitoring component of the Global Information Grid Instant Messaging System, called GIGIMS, in Southwest Asia. "This system puts a global viewer on the commander's desktop providing them situational awareness for the real world and assisting them in documenting and protecting their personnel's PCs from cyberlogical exposures," Major Haak said.
"It's great to be working with new technology. It has uninterruptible power, it's easy to deploy, and it allows us to integrate data from many sources while providing us round-the-clock surveillance directly from the network," Sergeant Ramirez said.
Ultimately, the goal of the GIGIMS is to synchronize with existing and future joint network health surveillance and cybermedical information systems from the earliest echelons through the chronic care provided by the Defense Information Systems Agency.
The cyberlogical augmentation team, through the GIGIMS and JCAIDS platforms, works to ensure Balad Airmen's PCs stay safe and protected from cyberlogical exposures in the short and long term.