
Protecting the Protectors (Part III)

November 2, 2021

Protecting the warfighter with cybersecurity measures

By: Alan L. Lewis

As I alluded to at the outset of the Protecting the Protectors blog series, it’s essential for America’s defense industry to equip our warfighters with mission-critical technology and solutions to counter existing and emerging threats and protect military personnel, civilians, and vital infrastructure worldwide. Part I discussed Satellite Communications (SATCOM) safety in system-level design, and Part II highlighted some enemy countermeasures relative to SATCOM. Another worthwhile consideration in providing protective measures for our warfighters is cybersecurity.

As the DoD’s systems and networks become more interconnected and collaborative, greater and faster access to mission-critical data is made possible. Warfighters rely on these communications systems (including SATCOM) for in-theater situational awareness. Commanders rely on these systems to make quick, agile mission decisions. The timely transfer of vital orders and bi-directional dissemination of perishable information is essential during combat or training exercises. This increased interconnectedness, however, gives the enemy a larger attack surface on which to execute electronic and cyber exploits against our networks, sensors, command and control, and IT infrastructure. The volume of cyber-based attacks is increasing exponentially, and hostile actors’ methods and tools are becoming more sophisticated.

A cyber approach, with capabilities and methods to counter cyber threats, ensures that networks containing sensitive information regarding capabilities, locations, operations/missions, plans, etc. remain secure, thus protecting the warfighter. Maintaining robust cyber hygiene practices can ensure optimum system health and strengthen online security. For basic “cyber housekeeping” we must lean on the National Institute of Standards and Technology’s Cybersecurity Framework guidance and the Department of Defense Cybersecurity Analysis and Review, a framework that performs threat-based cybersecurity assessments on architecture. MITRE ATT&CK™, a globally accessible, centralized repository of known techniques and attacks that adversaries use to exploit systems, should be used in tandem with other cyber hygiene practices.

SATCOM designers must work to protect the most vulnerable component of the SATCOM ecosystem: the satellite-to-ground link, or the transmission element. The satellite-to-ground link is susceptible to kinetic attack, jamming, interception, or other degradation; therefore, actively developing new techniques and technologies to counter these challenges is important. Three of the greatest SATCOM vulnerabilities are credential compromise, Denial of Service, and attacks on the supply chain.

A virtualized transport ecosystem allows rapid development of solutions that are interoperable within the warfighter’s operational architecture and cyber-resilient within the theater. With a true virtual development environment, defense industry engineers must develop cutting-edge secure communications capabilities, like quantum-based communications for quantum key distribution, making eavesdropping by rogue actors virtually impossible. These capabilities can be tested with other components within the virtualization of network capabilities (i.e., modems, routers, switches, etc.). This enables the Cyber Test and Evaluation teams and developers to not only harden the system, but also evaluate adversarial attack tactics and techniques in a controlled, repeatable, scientific manner.

Securing Against Cyber Attacks

Figure 2: Prominent SATCOM Vulnerabilities

Conclusion

Enemy cyber assault problems are broad and diverse. The solutions are complex and must be laser-focused to effectively mitigate the risks. Solution providers would be wise to employ a cadre of cyber professionals who can address the far-reaching implications of compromised networks, stay well-informed regarding the evolution of DoD cybersecurity policies, and adopt best practices to keep information secure, offensively and defensively.

 

By Alan L. Lewis, CP APMP, Senior Proposal Manager at Envistacom

Subject Matter Expert Contributor: Steve Reeder, Sr. Architect (Cyber & Engineering)

 

