Cyber threats faced by the military
Advancing technology has had the dual effect of improving cybersecurity processes and making cyber threats more complicated and harder to defend against. In recent years high-profile attacks such as WannaCry have put many companies and government organisations on high alert.
Military ambitions for a smarter, more connected arsenal create more potential doors for cyber attackers to enter, creating a need for comprehensive and holistic defence. Fears over foreign powers using cyber-warfare to influence other nations and potentially compromise armies have become a bigger priority for militaries. The Armed forces are increasingly viewing cyber attacks on par with physical threats. Military structures are changing to combat these new methods of compromising security.
The military has been investing in IoT for the last few years. The US Army is investing in the Internet of Battle Things (IoBT), connecting devices across the battlefield to have equipment working as one entity and improving situational awareness. IoT can revolutionise how battlefields work, but they create a new risk where data can be compromised in a number of devices, meaning hackers no longer have a single central computer system to attack, but many entry points.
There is a risk of data from a single device being lost or compromised. With many devices in one network, it could be easy to compromise one while leaving the overall system undisturbed. There is also a risk of data spoofing from any device. This is when false information is sent from a seemingly reliable source. Battlefield awareness could be compromised like this, with fake information about the battlefield being sent, for example, from a surveillance device.
There is also a risk to the overall network. If a hacker can take over one device they can potentially gain access to others. The risk of interconnected devices is that there is no longer one entry point, but many. This can be a golden opportunity for cyber attackers if preventative measures are not taken. As well as threats to the network, the physical destruction of one device could potentially cause far greater harm. If, for example, a surveillance device in one crucial spot is destroyed, this could have a profound effect on an entire operation. There have been previous examples of attackers targeting connected military devices. This can be either to steal information or to dismantle a network of devices.
Both the US DoD and the British MOD have plans for large groups of unmanned vehicles and drones controlled through connected networks and IoT. Attacks on these connected unmanned vehicles could be a big problem, especially if they are used as weapons. The Defence Advanced Research Projects Agency (DARPA) started a project to produce a secure process for multiple Unmanned Aerial Vehicles (UAVs). The organisation was looking for systems that ensured security at all levels of operation, including sensors, platform, platform autonomy, computer processing, and communications. Drones in both the commercial and defence sector have become a target for cybercriminals since they became more commonly used. In 2018, the Pentagon temporarily banned commercial drones in order to patch a vulnerability in their systems. The US has also been wary of Chinese-manufactured drones with fears that data could be obtained by enemy forces. Drones can also be used to initiate cyberattacks. Networks can be attacked with drones carrying equipment to steal or change data.
Drones have been able to highjack Bluetooth devices and spoof data through transmitters. Military facilities have no-fly zones and drone detection perimeters to prevent attacks but powerful transmitters could still pose a threat. Multiple drones working in synchronisation could also be used by cybercriminals, making it more difficult to detect and defend against them. The MAC address of a drone can be altered to evade detection. RF scanners can detect commercial drones based on their brand, but often fail to identify them if they are not triangulated.
Cyberattacks pose a threat to military staff’s personal information. Previous attacks have targeted data on personnel. The increasing digitalisation of personal records poses a risk of cyberattacks. Veterans can be specifically targeted with malware through personal computer systems, often through spam emails and websites. Attackers can use websites that are similar to government sites and offer free downloads. Attackers can even target personal devices such as smartphones and tablets. Scammers also use fake veterans charity websites to encourage users to download apps and information. The malware can then be used to scan the computer’s data and steal information. Experts say that cybersecurity training needs to be improved across military organisations. The US military needs more IT staff, according to a 2017 report from the Defence Contract Management Agency (DCMA). Concerns have also been raised over the security of online databases, following attacks. The Servicemembers Civil Relief Act database has been criticised for allowing scammers to access veteran’s personal information. The database keeps a record of veterans so they can be verified to receive benefits but critics say it has become too easily accessible. Anyone could access personnel or veteran service records through searching a name. It is also feared that enemy forces could target records on troops and veterans. In Australia, concerns have been raised over foreign militaries using domestic technology companies to gain access to army data. Hackers could also target personnel to unwittingly release sensitive military information through online scams.
There have been attacks on military organisations as well as wider government networks. Many attacks are state-sponsored, such as US operations earlier this year targeting Iranian Missile Launch Systems. Cyber attacks are becoming a common feature of warfare, computer systems are a target as they are becoming more crucial to operations. Russia has been accused of tampering with elections and China has been implicated in hacking phones to obtain data.
The Ukranian Military was also allegedly hacked by Russia and the Lithuanian Defence Minister was the victim of a spoofing attack. Emergency services and health providers have also been targeted by denial of service attacks, including the prominent WannaCry attack on the NHS. Cyberwarfare has been used to target ISIS by many western militaries, disrupting communication with coalition forces. In January of this year, the US Department of Justice (DOJ) said that a North Korean Botnet had targeted aerospace companies along with media, infrastructure, and finance.
The US and UK have expressed ongoing fears about Huawei technology in the military. The Chinese company has been accused of being linked closely to the Chinese government, and many countries have discouraged or banned use of its technology, particularly 5G. In Australia, China was accused of using links to universities to compromise National Security. Military organisations such as the Pakistani Air Force, a Swiss Defence Lab, and the Vietnamese army have also been targeted. Defence Industry such as the Australian shipbuilder Austal have also been victims, last year hackers stole ship designs and sold them online.
Military ambitions for technological advancement have to be matched with increased cybersecurity. Attacks on weapons could have disastrous consequences, and cyber warfare is already changing how wars are fought. Cyber attacks mean that national forces with the most capability for cyber infiltration can gain the upper hand. There is an argument for investing in hacking methods as well as taking preventative measures to stop attacks. As they become more prevalent and militaries become more modernised, they are becoming an essential weapon in conflicts of all sizes.
To learn more about cyber security and how your business can stay protected from threats, visit the Cyber Essentials Online website.
If you would like to join our community and read more articles like this then please click here.