recent

By: Arthur Laudrain

The resilience of aerial and space platforms are not the first issue that oomes to mind when cybersecurity is generally discussed. Yet, they increasingly constitute the backbone of our societies, both in the civilian and military worlds.[1] We will address two categories of aerospace platforms: unmanned or otherwise increasingly autonomous vehicles,[2] and geosynchronous objects, such as satellites.

Satellites: a too-often forgotten critical infrastructure

If satellites are not significant components within our mass-communications infrastructure,[3] they are crucial when it comes to meteorology, GPS navigation, high-resolution mapping or outer space surveillance. Satellites are also important for military-specific purposes such as the dissemination of encrypted command and control or espionage. They are, as a consequence, high-value targets through the eyes of cyber-attackers.

If a vulnerability was to be discovered on a geosynchronous object,  it is both technically difficult and expensive to fix or upgrade the hardware. In other words, they are rarely future-proof, especially when it comes to cybersecurity.[4] Thus, the resilience of satellite systems during cyber-attacks is highly dependent on their security by design. This explains why the old GPS satellite constellation of the United States is much less secure than its recent European counterpart Galileo.[5]

Fixing the satellite’s software is significantly easier, since it can potentially be achieved through remote firmware and software updates. However, enabling such a feature raises the challenge of controlling remote access to the core of the system.[6]

The case of military drones and increasingly autonomous weapon systems

Contrary to civilian technologies, one could think that military assets are designed first with security in mind. Yet, cases of either military drones or their supporting infrastructures being hacked are numerous.[7]

For both remotely piloted and autonomous vehicles or missiles, the risks related to cyber threats can be classified as disruption of the system’s availability, compromised confidentiality of sensitive data, and attack on the physical integrity of the system.

Basically, attacks can take on different forms depending on the purpose in which they seek to achieve. Those on availability will attempt to jam or otherwise disrupt communications or control of the vehicle. Attackers seeking to breach the confidentiality of the system will look for vulnerabilities that would allow them to steal or manipulate the data exchanged or stored on the platform. Attacks on the physical integrity of the vehicle usually involve hijacking attempts, which involves actually taking control of its navigation commands. This could be for the purpose of using it as a weapon, or stealing the vehicle for retro-engineering, as it was done by the Iranians when they allegedly jammed the navigation system of a United States RQ-170 drone on December 4^th, 2011.[8]

Finally, the internal system of drones can also be targeted with the aim of using the vehicle as a proxy to gain access to its supporting communication ecosystem. Once the attackers gain access,  they can continue their attack by using a remote malware injection to further disrupt or compromise ground command and control stations. Perhaps this was what happened at the Creech Air Force Base in Nevada in 2011, when their ground command and control computers were infected by a persistent key-logger which may have compromised classified information.[9]

Emerging technologies and platforms

Mirroring the diversity and ingenuity of the threats faced, security answers will increasingly be a mix of hardware and software solutions, designed from their inception to work together. Among them, three stand out: ground-breaking encryption technology, new C4-ISR (Communication, Command, Control, Computer for Intelligence, Surveillance and Reconnaissance) platforms, and artificial intelligence.

Firstly, we are witnessing the rise of new game-changing technologies in the field of encryption and secure communications. One of them, the quantum satellite, is becoming a reality after decades of research. In a few words, it consists of two special onboard lasers that share the quantum property of entanglement, which makes the satellite and the communication flow it handles eavesdrop-proof.[10] The first of its kind, Micius, was launched by China in August 2016.[11] Another example is block-chain technology, which brings the promise of unspoofable virtual signatures and identities, among many other things.

Second, new C4-ISR vehicles are currently in development, namely pseudolites. They are aerial or space platforms with a limited lifeespan ranging from a few days up to five years, and they are aimed at complementing drones and satellites in tasks such as intelligence gathering and dissemination. They can take the forms of large high-altitude solar drones or space zeppelins and are referred as Very High Altitude Long Endurance (VHALE) vehicles.[12] The rise of their development, especially in the US (VULTURE programme) and the EU (Thales’ Stratobus), reflects the need among the armed forces to obtain more persistent yet versatile ISR platforms. Their advantage lies not only in terms of pure technological or tactical superiority. Cybersecurity wise, they can be easily and rapidly fixed or upgraded with new hardware.

Third, the progress of artificial intelligence and deeplearning techniques continues to empower traditional cybersecurity solutions. The cyber-aware sentinel is a combined software-hardware solution deployed both onboard the vehicle and the ground station dedicated to the detection of and protection against cyber-attacks. It is able, amongst other things, to analyse the consistency and integrity of data and navigation orders and to detect unusual or illogical behaviours.[13]

Regardless of the platform or operational sector, cybersecurity is as much a matter of policy and organisational management than it is a technical issue.

Notes:

[1]Rosenzweig (2016), Lawfare

[2]Which includes manely UAVs, but also munition-based platforms such as ballistic missiles.

[3]Valerie C. Coffey (2014), « Sea Change: The Challenges Facing Submarine Optical Communications », Optics & Photonics News, p.31.

[4]David Livingstone and Patricia Lewis (2016), “Space, the Final Frontier for Cybersecurity ?”, Chatham House Research paper.

[5]Ibid.

[6]UK HM Governement (2014), “National Space Security Policy”, UKSA/13/1292, p.2.

[7] http://smallwarsjournal.com/blog/the-‘palestinian-idol’-that-hacked-into-israel’s-drones

[8]Greg Jaffe and Thomas Erdbrink (2011), « Iran says it downed U.S. stealth drone; Pentagon acknowledges aircraft downing », The Washington Post

[9]Unless it came from a simple USB stick, which would be a bit embarassing to admit for USAF. See Brian Prince (2011), “Mysterious Keylogger Infects U.S. UAV Fleet”. Security Week.

[10]Robert Young (2016), « China’s quantum satellite could make data breaches a thing of the past ». Phys.org.

[11]Unclassified briefing by an analyst of the NVAD, the Netherlands’ security services, at Rotterdam, in August 2016.

[12]Joseph Henrotin (2016).

[13]Barry M. Horowitz and D. Scott Lucero (2016), « System-Aware Cyber Security: A Systems Engineering Approach for Enhancing Cyber Security », Insight Journal, Vol. 19, Iss. 2. p.39-42.

Image Credit: Thales Alenia Space – Photo presented by Jean-Philippe Chessel during a conference talk on 2016-03-01 available at https://commons.wikimedia.org/wiki/File:Stratobus_artiste.jpg

By: Cheng Lai Ki

Over the last century, human experiences have progressively benefited from continuously advancing information technology (IT) systems. Within civilian domains, advanced IT services have facilitated the globalized sharing of commercial and financial information critical to the prosperity of private conglomerates. Within governmental domains, IT enabled technologies have supported the distribution and transference of essential diplomatic intelligence critical in the function of national security and international relationships. Collectively, the nexus of civilian and governmental IT systems forms a new spatial environment known as ‘cyberspace’.[1] Like other dimensions of Land, Sea, Air, and Space; cyberspace has progressively been recognized as a new domain of warfare, conflict and thus securitization.[2]

As global commercial and military dependencies on advanced IT systems increase, humankind has witnessed the rise of several new high-function sensory and reconnaissance platforms (i.e. Unmanned Aerial Vehicles) that are critically dependent effective IT systems interacting with geosynchronous space-based platforms (i.e. Satellites). As such, cybersecurity has become the centrepiece of security sector discussions within both commercial and state domains. Nations and non-state actors are accumulating cyberspace enabled tactics and strategies for offensive and defensive operations.  Guided by these broad considerations, most contemporary literature regarding cybersecurity often focus on the technical elements of computer network exploitations (CNEs), the implications for national level topics (i.e. Political Security; Economic Stability) and technical advisories.[3]

While it is important to understand the technical and national security implications, it is also equally important to understand the vulnerabilities and security implications in more specified sectors, such as maritime security as well. These areas remain relatively under-researched and receive minimal media coverage. This four-part series attempts to illuminate and provide insight into these areas within the cybersecurity studies by drawing upon the knowledge of practitioners and academics from cybersecurity and military sectors. This Strife Series analyses these topics from a practitioner’s perspective. What does the cyber landscape mean to them – does it differ from security-scholars? What concerns and issues are faced by practitioners from the various (i.e. commercial; security) sectors? The objective of this article is to illuminate the reality of cybersecurity considerations beyond the theoretical and provide readers with an insight into its practice.

First in the series is Marcelo Malagutti who is the founder and former Projects Director from Fóton Informática, a Brazilian software company specializing in banking automation. Marcelo will kick off the series by presenting ‘software power’ as a complement and alternative to the processing power of supercomputers. Utilizing various practical examples, Marcelo illuminates the software-hardware relationship and the vitality of effective software platforms running on clusters of ‘commodity hardware’ in processing large amounts of information.

Secondly, we have Arthur Laudrain from the French Military who will be exploring cyber-related vulnerabilities of unmanned remote-control and autonomous platforms. The article explores the cybersecurity vulnerabilities of drones and other aerospace platforms. He specifically relates his discoveries to C4ISR (Command, Control, Communication, Cyber for Intelligence, Surveillance and Reconnaissance) platforms and the ever evolving landscape of cyber-augmented platforms utilized by intelligence and military organizations.

The third author in the series is Cheng Lai Ki who will be examining the cybersecurity vulnerabilities of maritime platforms, ranging from seafaring vessels (i.e. Naval Frigates; Cargo Freighters) to oceanic installations (i.e. Oil Rigs). The globalized maritime sector is critical to state expansion, global economies, and national naval capabilities.[4] Here, he specifically explores how navigational systems could be exploited by attackers and the ramifications for maritime operations.

The fourth article is written by Nicolas Castellon, a cybersecurity specialist with the CGI Group who will be discussing the importance of understanding and developing a comprehensive crisis-management infrastructure for cyber incidents. As commercial and national infrastructures are progressively brought online, we need to cultivate effective and rapidly deployable teams for scenarios where entire computerised systems are compromised. As a practitioner himself, Nicolas’ article provides an incredible insight into the operational sides of cybersecurity within the commercial world today.

The fifth article, also contributed by Cheng Lai Ki, concludes the series by examining and outlining the current cybersecurity landscape within professional sectors. In this final article, he aims to firstly addresses emerging threats that are simultaneously affecting the government, commercial and civilian sectors. Subsequently, he will reveal emerging security development trends currently being developed by various companies within the cybersecurity sector utilizinging information gathered from his experiences at the IP Expo Europe 2016[5].

According to Jason Healey, the future of cyberspace ‘is a jump ball, undecided, and it may be more sensitive to state-sponsored technological disruptions than many governments currently understand’.[6] Equipped with new cyber-enabled tools, criminals, militaries and grand-spymasters are potentially able to exploit computer network vulnerabilities in an unrestrained fashion. This could lead to systematic disruptions within critical national infrastructures or obstruct kinetic operations that could have disastrous implications on our physical security. Therein lies the importance to understand practical aspects of cybersecurity outside the general technical and generalized cybersecurity narratives.

About the Author:

Cheng is a graduate from the MA Intelligence and International Security program at King’s College London, his Master’s thesis examined the characteristics and trends defining China’s emerging cybersecurity and cyberwarfare capabilities. He was a finalist at the 2016 Cyber 9/12 Student Challenge in Geneva, contributed to other security journals such as IHSJane’s Intelligence Review and was a Former Managing Editor (Blog) at Strife.

Notes:

[1] Byrant, R. ‘What kind of space is Cyberspace’, Minerva – An Internet Journal of Philisophy, 5, (2001); 138 – 155.

[2] Even, S. & Siman-Tov, D. Cyber Warfare: Concepts and Strategic Trends, (Tel Aviv: Institute for National Security Studies), May 2012.

[3] Anderson, R. J. Security Engineering: A Guide to Building Dependable Distributed Systems, (2nd Eds.), (Indianapolis, IN: Wiley), 2008.

[4] Dutta, S. ‘Securing the Sea Frontier: China’s Pursuit of Sovereignty Claims in the South China Sea’, Strategic Analysis, 29(2), 2015 pp. 269 – 294.

[5] The IP Expo Europe 2016 was an event held in at the London Expo Centre near Greenwich (LDN) that featured multiple tech companies within the areas of Cybersecurity, DevOps and InfoSec. Although fundamentally a sales environment, the event hosted several discussions and keynote speeches by experts within the sector and thus providing valuable insight into the workings of the cybersecurity industry today.

[6] Healey, J. A Fierce Domain: Conflict in Cyberspace, 1986 to 2012, (Vienna:VA, Cyber Conflict Studies Association), 2013; ISNB-10: 0-9893274-0-X; pp. 11.

Image Credit: https://i.vimeocdn.com/video/540928465_1280x720.jpg (Accessed 28 October 2016)