Protecting network centric warfare:
a holistic view of secure communications in the battlefield
Network centric warfare is all about exploiting information superiority to maximize battlespace efficiency and effectiveness by bringing more quality information and warfighting assets to bear. While it is generally accepted that it represents the way forward for successful military operations, leaders need to be aware that it can only deliver results if communications are fully protected.
Without a solid network security strategy and implementation, forces risk being outflanked or disrupted in their mission execution. The first question to consider is how an adversary could attack information flows being used within network centric warfare.
Since information can flow from multiple sources, including sensors, mobile devices, vehicles, ships and aircraft, there is a broad spectrum of vulnerabilities in play. Adversaries can eavesdrop on network sensor data in transit, intercepting communication exchanges between decision makers and shooters, and escalating systems privileges in command and control systems to gain access to troop movement information.
Adversaries can also bring attacks to bear on the integrity of information by, for example, transmitting fake GPS signals capable of deceiving receivers, resulting in troop units going off-course. Or they could launch distributed denial of service (DDOS) or ransomware attacks on a network, rendering collaboration applications or video conferencing unusable.
Any device, anywhere, any time
To guard against these risks, military leaders need to adopt a vision that any device used in their ecosystem could potentially communicate with any other device, anywhere, at any time. There are three areas of justification for taking this approach:
Cost economics
The basic building blocks in network centric warfare are the different battlespace nodes – sensors, decision makers, and shooters. Nodes work individually and collectively to create the value generated by network centric operations, and the cost of devices associated with the nodes grow
linearly with the number of nodes. However, the potential value generated due to the interactions of nodes grows exponentially. From a cost economics standpoint, the more devices forces invest in, the higher the potential return.
Innovation
Driven by the commercial sector, innovation in technologies used in the battlefield continues to proliferate. Moore’s law, which says that computing power doubles every 18 months, shows no sign of abating. The military now has the ability to harness both increasing computing power and the proliferation of applications and tools to gain information superiority in the battlespace.
Operational environment
The proposed vision of any device, anywhere, anytime reflects the practical reality of high complexity and highly demanding operational environments across different domains, whether air, land, sea or cyberspace, as well as different layers, from operations to planning to strategy.
Network centric warfare emphasises the centrality of information as the source of power. Information is the lifeline that sustains the proper execution of military operations, and is disseminated to different nodes for purposes of battlespace awareness and knowledge, orienting and decision making, and executing missions.
Security classification
Information used across multiple domains and layers is not of equal importance, nor does it demand the same level of protection. The purpose of security classification is to provide guidance for data classification decision and the associated level of security protection.
Security classification
Access to information within the different security classifications is regulated by personnel security clearance and usage profiles, which are typically composed of the following factors: physical protection around the users, duration of information protection, degree of Internet access, and access to dedicated hardware encryption services.
1
The user operational environment is key to determining access to information at different security classifications. In the public area where physical protection is low, conversations could potentially be eavesdropped upon while data on computer screens could be captured by surveillance devices. The best practice is that access to information at the high (secret) classification can only be made possible if the physical protection employed is able to guard against electronic surveillance and suppress data leakage.
2
Strategic information such as country defense plans or weapons acquisition would require a much longer duration of protection, possibly up to a few decades. Tactical information, such as targeting coordinates that need to be transmitted to shooters for immediate execution typically resides at a lower security classification, and would only require a short duration of protection.
3
Hardware encryption services are inherently more secure than software as different security countermeasures can be applied on the Hardware Security Module (HSM). An HSM is a dedicated, specialised, highly trusted physical device which performs critical cryptographic operations, including key life cycle management (generation, exchange, rotation), authorisation, ciphering, true random number generation and signing of digital certificates.
4
In wartime the Internet continues to be a disruptive force, and militaries that are able to leverage its disruptive force find themselves increasingly gaining an upper hand against their adversaries. Devices with Internet access have a higher risk of being exposed to cyber breaches and this risk has to be balanced with the potential operational gain and proper security measures.
Plotting secret, confidential and restricted information across these four axes will deliver the holistic view of security classification that is needed to create optimum data protection in network centric warfare. In particular, it will ensure that the highest volumes of information are made available to all decision-makers, while ensuring that it is kept safe from adversaries.
The case for a strong encryption program has never been greater. Contact us at Asperiq to find out more about our unique, quantum-proof encryption technology.
This article is based on the white paper "Lifting the fog and friction of military operations: Why secure communications matter".
Download the full white paper here: www.asperiq.com/fog
