How military networks can strike a defensive position
There’s no disputing our ‘networked’ society has brought huge advances in how we as a society organize things, communicate and do business. And as anyone with even a passing knowledge of the defense industry will know, these advances have become increasingly central to how defense forces operate.
Like civilian networks, military ones continue to develop rapidly. They are required for C5ISR (command, control, communications, computers, intelligence, surveillance and reconnaissance). Networks can now carry even more real-time information, data and sensors from multiple sources and defense applications, including sensor-to-shooter, situation awareness, real-time video, remote radio control, converged services and air-ground-sea integration.
This is what’s meant by ‘network-centric warfare’: the ability to know first, understand, decide and act, rapidly.
As military computing and networks become ever more complex, so do the technical sophistication, resources, tools and technologies of adversaries. It’s like a digital network arms race. So securing the network against the threat of cyber-attack and subversion becomes critical. That means not just keeping up with the metaphorical hacking Joneses, but keeping one step ahead of them.
Know your enemy and their motive
With so much depending on the network, armed forces need particularly strong network protection, not just from conventional battlefield forces, but also from other types of enemies. So who are we talking about?
Think bored teenagers in their bedrooms looking to make a name for themselves. Or hacking collectives such as Anonymous and LulzSec. Or state-sponsored cyber terrorists like Bureau 121, Fancy Bear and Dragonfly. Or highly organized and resourced national cyber warfare divisions. Plus, there’s the threat of an ‘inside job’. And each of these may want to do different things, such as bringing the network down, or stealing data, or listening in to communications, or manipulating data to sow misinformation, or, worst case scenario, taking control of assets or weapons via the network.
That’s a lot of ‘whos’ and a lot of ‘ors’ in that last paragraph, so what’s the solution? Well, we think on one hand it’s about securing the network against physical and logical attack, so protecting both data and operational technologies. And on the other hand, enabling the network to identify and react to real and potential threats.
The best offense is a rock-solid defense
To make that happen, we recommend defense forces looking to create strong networks do three things:
1. Conduct a risk assessment of potential physical and logical vulnerabilities
This means assessing the risk to physical network elements, from mapping exposed or vulnerable parts of the network and those who might do harm to it, to identifying vulnerable network points, devices, applications and systems.
2. Create a mitigation plan for each identified network vulnerability
This could mean a wide range of solutions based on strategic and tactical objectives, from laying fiber deeper underground to adding intrusion detection and protection systems to guard remote or unmanned sites.
3. Implement the right network protection across the right network layers
All network layers are vulnerable, but different layers can be manipulated differently. A rock-solid defense requires a coherent, multi-layer approach that encompasses:
- Fiber and Layer 0 – detection of intrusion, manhole penetration and tapping.
- Layer 1 or optical encryption – renders data unreadable, adds no latency, eliminates threat of fiber tapping.
- Layer 2 and 3 – includes network segregation and segmentation, allowing multiple independent, highly secure networks to run over the same infrastructure, as well as layer 2 and layer 3 encryption to protect data crossing the network.
- Layer 4 and above – includes Unified Threat Management, which combines functions such as antivirus, anti-spyware, anti-spam and network firewall into one all-inclusive package, plus authentication and application control to manage, monitor and identify user access.
Whatever solutions you choose, each has to be robust enough to meet the standards and criteria of defense forces. In this regard, ‘battle-proven’ is best. Any solution also has to be tailored not only to the myriad applications and systems any one defense force might use, but also to the threats posed by an often unconventional and unpredictable enemy. Whether defense or offense, what is clear is the need for end-to-end protection from a variety of physical and logical attacks at every layer of the network.