Cyber Resiliency: The Military’s Cyber Plans Will Go Beyond Stopping Attacks
Part of the equation pertains to a recognition that cyber defenses must continue, if not even accelerate and increase in intensity, after an attacker succeeds in gaining some kind of access to a system.
Here's What You Need to Remember: Data itself is, not surprisingly, increasingly becoming a cherished weapon of war. Intelligence information has always been of indescribable value, yet the current ability to change the “speed,” efficiency and precision of the combat-sensitive data transmission is fast evolving as a uniquely modern technical phenomenon.
The flight trajectory of nuclear missiles, targeting accuracy of an Abrams tank 120mm cannon and sharing of enemy location intelligence in real time for any weapon increasingly rely on computer systems.
As a result, the danger from possible cyber-attacks continues to multiply in an exponential fashion. This threat is behind the Pentagon’s current massive push to innovate new cyber resiliency tactics, techniques and technologies.
Part of the equation pertains to a recognition that cyber defenses must continue, if not even accelerate and increase in intensity, after an attacker succeeds in gaining some kind of access to a system. This dynamic forms the key premise of cyber resilience which, unlike a pure cyber-security approach, looks at cyber-defense beyond the perimeter or initial points of entry and boundaries of protection. The two are intertwined, yet cyber-security and cyber-resiliency are also somewhat distinct for this reason.
“A lot of technologies are focused on preventing attacks. We have put together technologies to recover files or recover critical memory. If an attack were to be detected, we want to fight through that attack and recover a system’s critical functions. Our R&D pushes the envelope in that direction,” Jacob Noffke, Principal Cyber Engineer, Raytheon Intelligence and Space, told The National Interest in an interview.
Given these realities, cyber resiliency needs to be multipronged, meaning protections need to involve various aspects of the system, such as hardware, software, operating system functionality and methods, and networks in a coordinated manner.
Noffke explained that Raytheon is now working internally on some new innovations aimed at securing both access to data through a cryptographically oriented hardware device called Boot Shield and an operating system information verification system called Countervail. The plan is to further refine these systems and collaborate with or offer them to the U.S. military services.
“Cyber resiliency involves many emerging requirements and is more than just hardening a system. Advanced adversaries will eventually find a way to gain access to a system, so it is critical for components of computing ecosystems to determine information they receive is authentic,” Noffke said.
While to a certain extent it seems self-evident or even obvious, yet securing data flow between systems, platforms and combat “nodes” continues to take on new levels of urgency, given that AI-empowered technologies, unmanned systems and advanced networking are exponentially improving sensor to shooter time. Data itself is, not surprisingly, increasingly becoming a cherished weapon of war. Intelligence information has always been of indescribable value, yet the current ability to change the “speed,” efficiency and precision of the combat-sensitive data transmission is fast evolving as a uniquely modern technical phenomenon.
For instance, the Army’ recent Project Convergence at Yuma Proving Grounds, Ariz., showed that the service now has the capacity to decrease sensor to shooter time from minutes down to seconds. The breakthrough developments in Arizona could easily be characterized as contributing to a large portion of the Army’s involvement in the Pentagon’s Joint All Domain Command and Control (JADC2) effort.
Army program managers say the intent is “to integrate data management capability to better enable data flow across our networks, which will be critical as sensor to shooter data increases as part of CJADC2. Technology being explored includes AI/ML capability, cloud data storage at the edge, advanced tactical servers and processors and cross domain solutions,” Paul Mehney, Director of Communications, PEO C3T, told The National Interest.
Accomplishing these tasks not only relies upon the secure “transmission” of data but must also enable strong protection of the data systems and computer processing mechanisms themselves. Many weapons developers now recognizing the growing complexity with which cyber defense technologies have been forced to embrace, a circumstance which continues to drive new industry innovators to find new generations of protection technologies.
Kris Osborn is the defense editor for the National Interest. Osborn previously served at the Pentagon as a Highly Qualified Expert with the Office of the Assistant Secretary of the Army—Acquisition, Logistics & Technology. Osborn has also worked as an anchor and on-air military specialist at national TV networks. He has appeared as a guest military expert on Fox News, MSNBC, The Military Channel, and The History Channel. He also has a Masters Degree in Comparative Literature from Columbia University. This article first appeared last month and is being republished due to reader interest.
Image: Reuters