The U.S. Army’s new “network” is already introducing new combat dynamics by virtue of bringing an ability to connect armored vehicles, drones, helicopters, and dismounted soldiers on a single data-sharing system, a scenario which multiplies attack options, shortens sensor-to-shooter time, and integrates targeting sensors.
There are, however, substantial new risks attending these added advantages, given the growing extent to which weapons systems are interwoven by computer networks. Greater interoperability, range and intelligence-sharing capability also increasingly introduce a need to safeguard or “harden” these networks.
“We have to be able to defend our network and defend operations in cyber. Cyber is a critical part of every single program we bring together. This allows us to compete at a threshold below armed conflict,” Gen. Joseph Martin, Vice Chief of Staff of the Army, told an audience during a recent event at the Foundation for the Defense of Democracies.
Increased networking can also mean a potential intruder can do more damage through a single point of entry, potentially making more combat-sensitive data vulnerable. This means the Army is taking new steps to prevent radio “jamming,” cyber network “hacking,” GPS-signal disruption, and other kinds of enemy interference from compromising integrated combat operations.
There are many elements to these kinds of hardening efforts. One of them starts with cloud migration. By enabling improved access to data in real time across otherwise segregated or dispersed “nodes,” cloud connectivity is already both enabling the Army network and changing combat tactics. As part of any cloud migration, developments are viewed through a two-fold lens; while the cloud brings unprecedented advantages, data pooling and sharing requires additional cyber protections. Should an intruder gain access to a portal of some kind, and have an ability to penetrate portions of a cloud-enabled network, greater volumes of data could be vulnerable from a single point of access.
However, cloud operations can also quickly implement new security measures such as fixes, patches or hardening technologies across a wide sphere of locations, and therefore quickly improve security more broadly across the network. A cloud-enabled security upgrade could simultaneously improve multiple nodes in need of cyber protection. Yet another security-enhancing technique, as described by Army Acquisition Executive Dr. Bruce Jette, is to both enable access while also maintaining an ability to segment or “scale” available data depending upon need.
“By properly scaling where you retain data and how much you replicate and update the protocols you can mitigate a lot of the risk issues that are there today,” Jette earlier this year in an interview with The National Interest.
Building cyber resilience into platforms is yet another large piece of this, as weapons developers can analyze potential vulnerabilities early in the developmental process. Prototypes could, for instance, be tested against advanced cyber threats in order to identify and address potential weaknesses. This is often referred to as “baking in” cyber protections. There is an intelligence component to much of this, as Army weapons developers seek to replicate, anticipate and predict possible enemy attacks in order to identify areas of needed improvement. Much of this hinges upon engineering weapons systems with the requisite technical architecture to ensure software upgrades. Update software integration can at times enable a weapons system to be less penetrable to enemy attack.
Kris Osborn is Defense Editor for the National Interest. Osborn previously served at the Pentagon as a Highly Qualified Expert with the Office of the Assistant Secretary of the Army—Acquisition, Logistics & Technology. Osborn has also worked as an anchor and on-air military specialist at national TV networks. He has appeared as a guest military expert on Fox News, MSNBC, The Military Channel, and The History Channel. He also has a Masters Degree in Comparative Literature from Columbia University.
This article first appeared in September 2020 and is being republished due to reader interest.