To make this website work, we log user data. By using Shephard's online services, you agree to our Privacy Policy, including cookie policy.

×
Open menu Search

Podcast: Five Eyes Connectivity - Cyber

26th September 2019 - 13:02 GMT | by Studio

RSS

Welcome to Shephard Studio’s special series on Five Eyes Connectivity, sponsored by our partner Viasat

Listen on Apple PodcastsGoogle PodcastsSpotify and more.

In the Five Eyes Connectivity podcast special, we look at the changing face of modern warfare across the land, sea and air domains through the prism of three key technology areas: Satellite communications, line of sight data links and cybersecurity. 

This episode, we turn our attention to the cyber world, and consider the paradigm that as militaries become ever more connected, the threat of cyber-attacks from adversaries becomes a serious reality. 

We hear from two major military services, the US Navy and Canadian Army, and learn how they're shaping their organisations to better deal with the new cybersecurity challenges. 

And we speak to our sponsor, ViaSat, on how the private sector is stepping in to assist militaries further develop these technology areas. 

Find Part 1 in our series here

And Part 2 here

To access bonus content, including more detailed interviews with the Canadian armed forces about how it is enhancing its information sharing, click here

_________________________

The Five Eyes Connectivity podcast was created by Shephard Studio in partnership with Viasat. A big thanks to everyone who gave their time to support the project. 

The podcast series features music and effects by: Bobby Cole; Neil Cross; Romolo Komars Diprisco; Jason Donnelly; Michael Genato and Mark Merlino; Ceiri Torjussen

_________________________

A transcript of this episode is below:

Securing networks and the data that they transmit and host is becoming more challenging almost by the day.

Threat actors are proliferating, and the ever-expanding digital real estate used by national defence departments offers new opportunities for attackers to attempt surveillance, sabotage or worse.

As the military's reliance on digital systems has grown and the threats to using computer networks have become more widely appreciated and understood, so increased resources have been directed to cyber defence projects.

To cite just one example from the Five Eyes nations, the US Navy now regards the electromagnetic spectrum and cyberspace as operational domains in their own right.

After a quarter century of global maritime dominance, the US Navy is now being tested by the return of great power dynamics. The service has realised that as it has become more network enabled for tasks such as sensing communications, navigation, and targeting, a concurrent trend is the vastly improved electronic warfare and cyber capabilities now available to potential adversaries at all levels.

Here's Captain Erik Pittman, who is J6 deputy director at US Indo-Pacific command, talking to us earlier this year about the vulnerabilities the cyber realm brings:

Capt Pittman: ‘Looking at the electromagnetic spectrum nowadays is completely different than it was 10 years ago, or 20 years ago, or 30 years ago. The proliferation of technologies, new radios, cell phones, Wi-Fi, satellite capabilities has really turned the electromagnetic spectrum into something that is much more congested, which means that there's much less of it to be used. We need to be able to make maximum use of the electromagnetic spectrum whenever we need to.

‘On the other side of the discussion, the vulnerabilities inherent in cyber-focused warfare, the vulnerabilities of the radio spectrum itself, congestion of the electromagnetic spectrum, means that if we continue to use the same portions of the electromagnetic spectrum over and over again, we see a lot of radars or radios, then our operating patterns and parameters, those frequencies, pulse-widths and so on are known and therefore vulnerable to adversaries.

‘So, in order to make ourselves less vulnerable, the goal is to operate more agilely within the electromagnetic spectrum which from there, we get the term electromagnetic manoeuvre warfare. So, we're manoeuvring our capabilities within the spectrum in order to maximise the continued use of those capabilities and to prevent us from being cut off from the rest of our forces.’

**

Welcome to Shephard Studio’s special series on Five Eyes Connectivity, sponsored by our partner ViaSat.

In this podcast special series, we are looking at the changing face of modern warfare across the land, sea and air domains through the prism of three key technology areas.

In previous episodes, we focused on the worlds of satellite communications and tactical data links, and heard from the Five Eyes grouping of countries: Australia, Canada, New Zealand, the UK, and the US about how they are preparing their militaries for the day the connectivity they have become accustomed may be degraded or denied.

This episode, we turn our attention to the cyber world, and consider the paradigm that as militaries become ever more connected, the threat of cyber-attacks from adversaries becomes a serious reality.

We hear from two major military services, the US Navy and Canadian Army, and learn how they're shaping their organisations to better deal with the new cybersecurity challenges.

And we speak to our sponsor, ViaSat, on how the private sector is stepping in to assist militaries further develop these technology areas.

But first, the US Navy faces a cybersecurity challenge that it describes as both complex and daunting in size.

More than 500,000 computers are connected to its networks, but what the US Navy describes as its cyber platform also includes the ship's hull, mechanical and electrical systems, weapon and navigation systems, as well as the aircraft that operate from the ships.

Here's Captain Pittman again speaking at a forum on cyber at IMDEX in Singapore earlier this year.

Capt Pittman: ‘Electromagnetic manoeuvre warfare, when we start thinking about the ability to actually change what we do in the electromagnetic spectrum, start looking at how things are built, the systems that we've been using up until this point have largely been designed with static parameters. Our radar that we install on a ship, it goes out at a given frequency for the most part. Our radios have a small set of frequencies that they can operate in. They are designed with these static parameters. If your parameters are static, they are therefore knowable.

‘If you are in a fight with somebody and they know what kind of equipment that you have or even where you bought the equipment, they can figure out what the vulnerabilities of your equipment are, and that's not a position that you want to find yourself in. So being able to operate different sets of equipment, to operate in different parts of the electromagnetic spectrum, with the equipment that may be more variable, is part of the practice of electromagnetic manoeuvre warfare.

’Changing the portion of the electromagnetic spectrum that you are using in your pursuit of military action. Here's an example of what the electromagnetic spectrum looks like now according to US law. Obviously, other countries have it divided up differently, which means that ships have a lot to deal with, especially in the higher frequency ranges of the spectrum. We can send a ship from the United States to say, Korea and they may not have the authorisation to use the equipment on board because the spectrum has been reserved for something else in that country.

‘Well, the same thing happens in warfare. We are in an era where the electromagnetic spectrum is exceptionally congested and that in and of itself presents a problem for continuing operations.’

**

But the US Navy is not the only Five Eyes service looking to better get to grips with the new realities, challenges and vulnerabilities brought about by our increasingly connected world.

Colonel Mark Parsons is director of Land Command Information for the Canadian army.

He sat down with us on the side-lines of a land information conference in London earlier this year and outlined the Canadian Army's approach to cyber.

Col Parsons: Because cyber is one of those things that - and as a signals officer, I have been in the Signal Corps now for over 30 years or close to 30 years, I shouldn't date myself - cyber has always been there, but just in different shapes. So, whether we call it the electromagnetic spectrum, whether we called it electronic warfare, elements of those things have been brought together into the cyber domain, but the principles are pretty much the same. So, it has shaped us from both a defensive frame of mind, more importantly of the education of what we actually need to say, "Okay, what are the best practices to make sure that we have a good cyber health?" If you want.

‘And then of course, what everybody wants to talk about, which is the active side and the offensive side is, how do we get the tactical advantage or the operational advantage using cyber when we are deployed. So, definitely, it's something that we have concentrated on in the Canadian Army for the past year, but it is just one pillar of a full approach, a centralised approach that Canadian Armed Forces has been putting forward. We've learned from past experiences of everybody jumping on the really cool thing, doing five or six different variances of the same. We've centralised our cyber efforts under a director general, and then we feed into those capabilities focusing specifically on army applications, whereas the Navy has done the exact same thing. Principles and tenets are the same, but they're looking at their platforms as well.’

**

We will hear more from Colonel Parsons on how the Canadian Army in particular is responding to the cyber challenge later in the episode.

But to outline the threat matrix further from a network provider point of view, let's turn to our sponsor ViaSat to outline the industry perspective.

Ken Peterman is president of government systems at ViaSat. Ensuring the security of data link networks is increasingly a focus at companies such as ViaSat, which is a provider of information assurance to the wide variety of users.

Peterman: ‘We implement cybersecurity as a holistic part of our design and development process so that when we build the network, we build the cybersecurity architecture right into it from the start. That is critically important because bolting a cybersecurity capability onto a network is never going to be as effective as designing it holistically and to be an inherent part of the network design. So that's first and foremost a fundamental difference between how ViaSat approaches cybersecurity and how others may approach it.

‘The second thing is that our global network has a diverse array of users. The internet of things in a household that might involve a refrigerator or a toaster or a teenager doing online gaming or a parent watching streaming videos, that home is a part of our user community and subscriber base, as are luxury yachts, merchant marines, Naval vessels, commercial aircraft, business jets, military aircraft, helicopters. We have businesses, we have hospitals, we have banks. We have a diverse user community that operate on our network.

‘That creates a diverse set of use cases of how our network is being employed, how it's being used by those users. And because we have a diverse user base with a very diverse set of use cases, we see a very diverse array of cyber threats. We probably see the most diverse array of cyber threat vectors of anybody in the world. And as a result, we learn faster than others with respect to how the cybersecurity threat is evolving and how it's changing because we see through a much broader lens the number of cyber threats that are occurring. We categorise those threats and we analyse over 30 terabytes of data in every 24-hour period.

‘We see about four and a half billion individual cyber events in a 24-hour period. So, we are able to apply machine learning and artificial intelligence very effectively in order to characterise these threats, model and understand their behaviour in order to be able to increasingly predict how threats will behave, when they will occur and the types of behaviours we should expect to see in a certain situation. So, we don't just apply a perimeter defence from our cybersecurity perspective, but we implement a defence in depth and we continuously monitor the internals of our network. We assume that the cyber threat will be inside.

‘Then we use machine learning and artificial intelligence to watch the inside of our network, see behaviour, predict behaviour, and then lure these threats that we see into deception networks so that: first of all, they're put in a position where they can't harm our network; but second of all, then we can tease them and stimulate them in order to increase the learning of how that threat behaves. We also create a lack of confidence in the adversary because they're never quite sure whether their cyber actor, their bad actor, is in a real network or is in our deception network. So, it causes them to behave differently, which creates advantage for us, it kind of tilts the scale, so to speak.’

**

Clearly there is a growing recognition of the increasing centrality of cyberspace to Five Eyes' national security and the changing nature of warfare.

Platforms across the air force, army and navies and now integrated with numerous electronic and software systems to enable data exchange.

However, this makes them vulnerable to threats from state and non-state actors that have been rapidly advancing their own techniques.

Captain Pittman outlines the threat environment in more detail.

Capt Pittman: ‘... and the environment that we find ourselves in. We've all seen the news stories, the articles online, we talk about jamming, we talk about spoofing, and we can talk about monitoring. GPS jamming, drone jammers, you can Google those and find them for sale online. Cell phone jammers, same thing. WIFI jamming equipment, satellite jamming is a big problem, especially when you're talking about a ship and how they communicate while they're out at sea. Spoofing we've seen news stories about autonomous vehicles being taken over by less than friendly personnel by spoofing the signals.

‘And monitoring…. By trade, I am a submariner, so I have this mindset where every transmission that you make is a vulnerability. It tells your adversary where your ship is, which may be a good thing if you want them to know and maybe a bad thing if you don't, and also allows them to do analysis on what you do, learn your patterns, your behaviour.

‘And of course, the cyber vulnerabilities that exist on our ships. They are increasingly complex, interconnected systems of systems, networks of networks, well beyond just administrative networks like they used to be where you were dealing with cargo or something like that. Now, ship control systems, navigation systems, aircraft that land on the ship or other vehicles that may dock with the ship, not to mention unmanned aerial vehicles or unmanned surface vehicles.

‘There are all kinds of problems that could be connected to the ship and present a cyber vulnerability. Then as we mentioned, difficult but not impossible, a hybrid electronic warfare or cyber-attack where a control signal is sending a legitimate signal to something, but it's not doing what you want it to do. Somebody else's making it do something, also a vulnerability.’

**

Despite the growing number of cyber threats and their potential to disrupt increasingly connected military operations, it is not all doom and gloom.

As we will hear, services such as the US Navy and Canadian Army are taking the issue head on while the private sector is bringing capabilities developing in the commercial arena to the protection of military networks.

Back to Captain Pittman to explain the US Navy's response.

Capt Pittman: ‘So what can we do about all of these uplifting and exciting problems? Some of the things that we have been practicing in recent years include agile command and control. Having the ability and the expertise on your ships to be able to shift to different communication methods, different command and control methods, to not always use the same one and therefore be predictable and therefore vulnerable. Multiple methods of communications and monitoring. Again, bringing the submarine mindset into the rest of the Navy, and I've had many discussions on that very thing.

‘Limiting the number and duration of your transmissions to those absolutely necessary, practicing, operating that way. Practicing both the shore and the ship, giving and receiving orders that are condensed and not long winded. Trusting the ship to execute the orders. Basically, driving a change in culture in the way that we manage our ships and their captains. And of course, randomising communication windows. If they are semi randomly randomised and coordinated with the shore, but nobody else knows what they are, you are less likely to present an attack vector, less likely to give away your position.

‘And of course, cyber security is always on our minds. We are continuously updating and frequently testing, we are driving penetration tests and things. We are looking for increased ways to increase the training of the personnel, improve their tools that they have onboard their ships.’

**

A further approach the US Navy is embracing is one that is steeped in the distant past when naval fleets were not guaranteed constant communication links back to command headquarters.

Captain Pittman says that the way fleets operated autonomously in the 1950s and 1960s with only minimal guidance and by following broad orders could be applied in any future conflict as a simple but effective counter to an adversary’s cyber-offensive operations. Or in other words, what was old is new again.

Capt Pittman: ‘We keep trying new things and finding ways to increase the reliability and the resiliency of our command and control networks.

‘Being unpredictable, silent running, operating without transmitting for a given period of time, planning things well in advance so that we can do that. Also, mimicking other units. If we make use of electromagnetic spectrum, especially things like commercial radars - if we have military radars that are transmitting on the same frequency, pulse rate and so on, does that help hide us amongst the flow of other shipping? If we need it to, obviously. Basically, we are teaching ourselves to be uncomfortable all the time.

‘What is all old is new again. The way that we used to operate back around the 1950s and 1960s is now the way that we are learning to operate again because we are convinced that continuous connectivity between our ships and the shore is not something that we can rely on, and it's not something that we can plan on in a conflict and therefore, we need to operate like we're not going to be able to use it so that we are proficient if the time comes. And we are practicing these things, not only when it is a planned event, but we are sometimes telling our ships to do it when they had no idea that it was coming to see how the operations go and to practice at all times.’

**

While purposely restricting the amount of data fleets are exchanging may be one way to mitigate the cyber threat, intelligent management of the frequency spectrum is also a critical part of the puzzle.

Captain Pittman describes how AI and machine learning technologies are also being investigated by the Navy to determine new methods and architectures that would ensure continuous information flow in the face of jamming or cyber-attack.

Capt Pittman: ‘And then we do have some technical developments going on. The next DARPA grand challenge involves spectrum management, AI enabled and machine learning enabled systems for frequency management of not just a given ship and its systems, but fleets and other large scale task forces to be able to determine what frequencies are available and change things as necessary on the fly to go quickly, even in the middle of a conflict if, for example we are encountering jamming from enemy sensors and systems… changing what we're operating on to maintain the fight because the fight's not going to stop just because communications do.

‘Use of cloud architecture is very much the rage in certain circles, and we are trying to determine methods where that could be of use in a maritime environment. There are some offerings that are promising, but that is something that is new and not yet fully developed. We are definitely looking to improve our remote sensor netting, being able to use a radar on one ship, send its data to another ship, and use that information as the impetus for firing, say a missile, just as an example.

‘And of course, technology keeps advancing, new radios, new modems, new methods of multiplexing. All of those are being evaluated as methods for us to use in the future to maintain our command and control. And of course, then there is always the part that I don't get to talk about much because giving is good as you get means using all of the bad guys procedures against them. And obviously, we like to keep those particular cards close to the chest.’

**

With Captain Pittman getting as far as he can in an unclassified arena, let's turn to the role that the private sector plays.

Companies such as ViaSat have invested heavily in the automation of network management to help ensure the security of data link networks.

The next step in the technology's trajectory is to apply AI and machine learning so that cybersecurity capabilities become even more responsive.

So not only will the network manager understand what is happening on the network with greater clarity, they can also forecast the kinds of threats that might emerge next and even proactively take measures to deal with them.

ViaSat's Ken Peterman outlines how the military is able to take advantage of private sector investment in this field.

Peterman: ‘Well, what we're seeing is a convergence of the technologies and the cybersecurity approaches in the private sector and commercial market. We're seeing those converge with the military use cases and the military requirements. It used to be that the military requirements were far and away the most difficult, challenging requirements that a network provider or a cybersecurity provider would deal with. But when you stop and think about the security requirements for online banking or for medical care or for video telemedicine and those kinds of things, it's critically important that the connectivity be assured, be secure and that the information flowing over the network be trusted.

‘And that's the same requirement that our military has always had. If you think of the use case of connected cars, think of cars rolling down highways at 80 or 90 miles per hour that have no drivers. Now, the connectivity has to be assured, the latency's got to be low, the information flow has to be trusted. These cars might be moving at high speeds, they might only be 30 or 40 feet apart. So, the cyber defence has to be real. It has to be comprehensive for this kind of a technology to evolve and be put into use.

‘This is the kind of requirement that our military has always had, but now what we're seeing is in the commercial and private sector the same kinds of requirements are coming into play. So, there's an opportunity there. There's an opportunity for the military for the first time to tap into private sector technologies, private sector cyber security approaches, and to readily employ and deploy those to our military uniform users more effectively and more rapidly than ever before. The military is able to take advantage of private sector investment.

‘It's obvious that a multi-trillion-dollar global economy, say in these Five Eyes countries, that enormous investment, private sector investment is going into communications, infrastructure and networking and cybersecurity to support the economies of the Five Eyes countries. And so, our military to a greater extent than ever before, is able to leverage and exploit that. There's a technology dividend that can be tapped into, whereas militaries and defence organisations had to invent these technologies, satellite communications and mobile networking and cybersecurity… they had to invent these things 30 or 40 or 50 years ago.

‘Today, they can rapidly apply these private sector technologies and leverage the enormous investment that the private sector is making in these very same technologies because the requirements are increasingly similar and aligned. And so, there's a technology dividend or an opportunity to be tapped into there in a way that's never been possible before. The other side of the coin is that this technology trajectory in the private sector is resulting in increasing threat vectors because adversaries are using this technology to penetrate and attack dedicated military purpose-built systems with a greater velocity and a greater intensity than ever before.

‘It's imperative that Five Eyes' defence organisations both tap into the untapped opportunity of this private sector, rapid technology trajectory, and they need to do it offensively to empower and enable our war fighters to be more mission effective and operate safer. It enables a great many war fighter capabilities. On the other hand, it's important they tap into that so that they can keep out in front of the accelerating threat vectors that in many ways are leveraging the same technology trajectories.’

**

Despite all the automation efforts currently underway, there is likely to be an important human element in network management for the foreseeable future.

But again, Ken Peterman argues that the scale private providers operate on today as well as the vast variety of threats they have to respond to give such companies insight that military customers are able to leverage?

Peterman: ‘Because we have such game changing capacity in our network, we have the overhead to be able to implement cyber defence in a more effective and exhaustive way than others can. If you're constrained in the bandwidth of the network, it impedes your ability to do things like implement a comprehensive cyber defence. Because we have enormous capacity - 10, 100, 1000 times the capacity of other networks - we're able to implement cyber defence in a much more exhaustive, a much more holistic and a much more a comprehensive way. That's the first thing.

‘The second thing is we see a much broader array of threats, so we learn faster and we have governments, Five Eyes governments come to us to be able to learn what we're seeing. Because if you're only operating a military network, you only see military cyber threat vectors, but we're operating a network that includes medical applications, banking applications, a home video and home applications, as well as military applications and government applications. So, we see a broader array of threat vectors and we're able to learn faster.

‘In many times, we are the first ones in the world to see an emergent malware or cyber threat, and we're able to communicate that to governments and sound the alarm, so to speak, on situations that they've not yet seen.’

**

Indeed, cybersecurity is now such an integral part of military operations that knowing which nodes in the network are trusted and which ones are not, and being able to establish a figure of merit and showing it on a dashboard so that network operators can monitor both performance and security, is increasingly important.

Ken Peterman says the company's approach had allowed it to increasingly get ahead of cyber-attacks and events and implement proactive counter measures often, even before the event occurs.

Peterman: ‘One of the things that I think is important is again, we see cybersecurity as a continuum. We do data capture analytics, we do behaviour analysis, we do probabilistic algorithms to look at how threat vectors are behaving. We do predictive analysis to determine what they'll do next. We apply machine learning and artificial intelligence, and in many cases, that enables us to apply counter-measures and defence before the cyber event happens. So, we're increasingly able to get out in front of cyber-attacks and cyber events and implement proactive measures ahead of that.

‘That's really a game changing approach that we're using across our network. And then because our networks, because we implement a DevOps model in our network and we're constantly improving and optimising network performance, we're also continuously improving and optimising our cyber defence in real time. So, the cyber defence that might be implemented in our network on day one, 30 days or 60 days later, we are continually advancing and changing and adapting our cyber defence to the changing tactics of the adversary. And we do that in real time across our network.

‘We analyse about 30 terabytes of data every day. That's a remarkable amount of data. We're looking at and capturing about 4.5 billion individual cyber events every 24 hours. So clearly, you can't do that with people because people don't scale to those kinds of magnitudes. So, what we do is we implement policies and practice that automatically deal with these threats in real time. And a very small percentage of those threats are actually worked through our filter so that they're actually touched by human beings that do analysis and those kinds of things. And then we adapt and change and improve our policies and our practice and our cyber techniques in order to deal with the new events that we haven't seen before.

‘Now, in addition to that, we have threat hunters, they're like detectives and they sift through all the data analytics and the machine learning. They look at tera and petabytes of data to find individual intrusions, especially the intrusions that we call crown jewels, which are in network elements, subsystems and data repositories that are crucial to our operations. And then we implement policies and practices to foil those or to defend against those. The people that are involved in our cybersecurity team, many of those are these threat hunters or detectives that are sifting through these the metadata, looking for these bad actors.’

**

ViaSat's position allows it to look at security across a broad spectrum of threats, including malware that sometimes attacks the network, sometimes attacks the platform on that network, such as an aircraft or a ship, and sometimes tries to attack an individual user device.

This has enabled the company to develop some innovation solutions, such as its Mobile Dynamic Defence cybersecurity software.

As Ken Peterman explains, the MDD enables security policies to be enforced on an individual user device, even when it is disconnected from the network.

This has advantages over systems that enforce security centrally so that the device has to be connected in order for the security policies to be invoked or changed.

Peterman: ‘Well, the Mobile Dynamic Device protects the individual user device regardless of whether the device is connected to the network or whether the device is isolated and disconnected from the network. So, it has a unique kind of bilateral capability that most cybersecurity characteristics don't have because it is able to protect both when you're connected to the network and when you're not connected. And that's probably the fundamental differentiation in our MDD. We developed it as a part of network warfare and net soldier programs in the Five Eyes countries. We have deployed it in the UK, in Canada, in Australia and the US, in some limited numbers.

‘And part of this is it provides security for our user community, but we're also continuing on the learning trajectory and the evolution as use cases evolve. Then we're adapting and evolving our MDD capability to keep pace with that and maintain alignment with these emergent use cases and emergent threat vectors.’

**

One military service that is currently defining its cybersecurity challenges and procurement strategies is the Canadian Army.

Earlier we heard from Colonel Mark Parsons, who as a reminder is Director Land Command Information.

Colonel Parsons told us that the operation to increase the cyber resilience of the Canadian Army was being led on two fronts, with one key element being that of cyber mission assurance.

Col Parsons: ‘We've let in on two fronts. What we've identified as basically, what I call the alligator that's closest to the boat is about Cyber Mission Assurance, CMA. How is it that we take the known cyber or the unknown cyber threats and apply it against those three parts of a platform? So, we're looking at the command and control systems you're looking at the weapon systems or the weapon platform that's on it. But then the platform itself, all of the, what we call the vetronics, the vehicle electronics that are onboard.

‘And just like if you buy a new car, it's more like a computer than it is more of a car now. That's a critical element that really we never looked at it at the past. So when the commander's tenant is that he wants to be able to shoot, move and communicate, you want all, but the end of state is, as long as his shooting is okay, but he wants to be able to shoot and move for survivability and then he wants to be able to communicate to be able to reshoot again. From a cyber perspective, what we want to do is to address how we are in the capability development perspective, look at introducing new methodologies to capture some of the vulnerabilities that are there. So, it's a really difficult space on several fronts.

‘One is that it's not like you're showing up with everything new and everything is there and it hasn't been used before. So, you've got the legacy fleet that's already in use. And we've been using some of these vehicles since the 1970s. So how is it that we look and validate what is that mission assurance threat that exists on existing fleets? And then as you start introducing new platforms into the army, how do you actually try and catch the vulnerabilities from a cyber perspective as they are rolling out the assembly line and being delivered to the army? One of them is enough, but trying to do both simultaneously is a big job.

**

Colonel Parsons explains that the service had completed the first step, which was to define cyber requirements across the service.

This included the appointment of dedicated specialists while cyber capabilities were written into procurement strategies and common standards defined, so vendors were able to deliver cyber certified equipment.

The army's fleets of legacy vehicles have also been inspected to further identify cyber vulnerabilities. Now, the service is turning to the next step - creating a cyber savvy workforce - which encompasses a number of training strands.

Col Parsons: ‘The second then is to build that workforce. And we are focusing on some of the more critical areas that we have that are close to the boat of specialists that are in the military, but aren't on a day to day basis: which is the reserves. So, there is a lot of leverage that we can have in the reserves for our reservists that do this on a daily basis in their civilian jobs. So, we're providing what we call mission tasks to specific units across Canada that we'll be focusing from an army perspective on a basic looking at that cyber bit. So how do we leverage their expertise and the training that they've all received, make sure it matches in with our ethics and our way of doing business in order to identify these problems?

‘So, they will be given both defensive cyber as well as mission assurance tasks, and be given the ability to do the surveys, the evaluations, the audits and those types of things. Bring all that together and provide it back to the centre so that we're actually getting an edge up. We'll then use that information from the reserves to see and evaluate: how do we establish this full time? How do we make this a part of our day to day operations? And what actually needs to then carry over to the regular force knowing that there are people that are looking at it from a strategic perspective, so that it now becomes a modern state of mind of how we're dealing with cyber.

‘That half that I talked about is the education bit because just like with any other electronic warfare or any other signals intelligence, cyber is one of those disciplines that require discipline. When you're going into theatres, like we are right now in Latvia or Iraq, again, it's all about, how do you keep reminding the soldier, a sailor or air person to say: "Hey, when you see a USB lying on the ground or in the market, you don't pick it up and put it in your computer to see what's on it." That's just health and preventative medicine that you have wherever you go.

‘But from a cyber context, you need to be able to explain to them, “These are the things that will affect not only your mission, but also your family and those type of things.” Because again, social media is one of those things we didn't really have a strong understanding of, or even existed 10 years ago, that now puts things into perspective. So that half is another part of our thrust. How do we get the soldiers educated when they're doing things on hourly basis? And in my case, almost every minute on some type of social media platform. How does that translate when you move over into an operational environment and the best practices there?

‘That's another thrust that I know that the commander is really concerned about. It's just making sure that we're there when they're launching out and coming back to make them understand what they're doing is a very critical to operations.’

**

Over the past three episodes, we have learned about the need to develop the technologies that enable multi-domain operations.

For Five Eyes militaries, this has clearly become more critical alongside the rise of China as an increasingly technological, sophisticated military force and the emergence of an increasingly muscular and self-assertive, Russia.

Resilient and secure satellite communications and tactical data link networks underpinned by robust cybersecurity systems and policies remain at the heart of effective multi-domain operations.

However, despite the huge amount of progress made across the Five Eyes communities, with the cybersecurity challenge in particular causing services such as the US Navy to reshape the way it approaches information sharing, much still needs to be done.

Here's Ken Peterman with a final thought.

Peterman: ‘The challenge is that, in our Five Eyes countries, we have an acquisition community. We have policy and practice as well as a culture that was predicated on the invention of technology. And in many cases, our challenges adapting that culture or transforming that culture to only inventing when we have to invent and applying and adapting and adopting these commercial and private sector technologies, and leveraging this technology dividend and this private sector investment whenever and wherever we can.

‘A great example would be when the US put a person on the moon in 1969. We had to invent enormous numbers of technologies in order to achieve that objective. NASA probably let 10,000 contracts, everything from nuts and bolts to rocket engines to all kinds of things in order to achieve mission success. Today, with the advancement in private sector technologies, you might be able to issue a one-page statement of objective that say, "We'd like to go to the moon and back, who could offer us a ride?" And you might find companies that would bid that on a fixed price basis and say, "We can get you to the moon and back within a year. When do you want to go?"

‘And so, there is an enormously proud culture in organisations like NASA that is justified because they've done remarkable things. But the private sector in many ways has caught up and surpassed and is moving faster, more agilely, with greater investment than these defence organisations are able to muster today. So, we needed to take advantage of that.’

**

The Five Eyes Connectivity Podcasts Special was created by Shephard Studio, and produced by Tony Skinner in partnership with our sponsor, ViaSat.

A big thanks to everyone who gave their time to support the project. Until next time.

Studio

Author

Studio


Shephard Studio works closely with companies and event organisers across the aerospace and defence industry …

Read full bio

Share to

Linkedin