Defending the Fifth Domain
Briefing with 3eTI
Defending military assets from attacks generated through the digital cyber domain means that traditional battle domains – air, land, sea and space – now have a fifth operational category, cyber space. Defending this fifth domain is only going to become more important as military platforms and systems increasingly adopt net-centricity as a central tenet of operation.
Strategy Analytics’ lead defense analyst, Asif Anwar, caught up with 3eTI’s president, Benga Erinle, to discuss a range of issues including how the move towards net-centricity in military operations needs to be balanced with the threats from cyber-security, the impact of budgetary constraints on developing a coherent cyber strategy and linking future cyber requirements with electronic warfare.
How will the move towards net-centricity in military operations be impacted by threats to cyber-security?
The defense establishment has to be efficient and the advent of IP-based communications has opened up new ways of communication. The military has to leverage IP for C2 (command and control) applications, especially as there is increased implementation of sensors in conflict to direct efforts more intelligently in theatre. The move towards IP-based communications therefore offers immense value to the defense community and net-centricity is simply the continuing evolution for military operations in the IP domain.
However, as communications and other capabilities move to the net, this opens up the risks and vulnerabilities associated with operating in cyberspace and therefore it is necessary to employ the right mix of security. As an example, the Global Information Grid (GIG) is an all-encompassing communications project of the United States Department of Defense specifically designed to support a Network-Centric Warfare (NCW) doctrine where compartmentalization moves toward interconnectivity. Building out networks such as the GIG also requires security but rather than tagging security onto networks the emphasis needs to be on weaving security into the network fabric.
Another example is the US Navy’s CANES (Consolidated Afloat Networks and Enterprise Services) program designed to consolidate and enhance multiple legacy C4I (Command, Control, Communications, Computers, & Intelligence) network programs on naval platforms. It will provide a common computing environment infrastructure for C4I applications that currently require system specific infrastructure to operate legacy systems. Northrop Grumman was recently awarded a $37 million contract for a production and limited deployment phase with options that would raise the cumulative value of the contract to $638 million, if all options are exercised. Northrop Grumman's MOSA-C (Modular Open Systems Approach−Competitive) approach is a strategic business and engineering process that realizes the life-cycle benefits of open-systems architecture and commercial off-the-shelf (COTS) components and software. The company has employed extensive testing to verify "plug-and-play" modularity to meet CANES current and future requirements.
The US also recently stood up USCYBERCOM, which is charged with pulling together existing cyberspace resources, strengthening capabilities and ensuring assets are protected over host-based security systems to ensure that threats and vulnerabilities are identified and counteracted. Other initiatives include DIACAP (DoD Information Assurance Certification and Accreditation Process) by which information systems are certified for compliance with DoD security requirements and accredited for operation.
3eTI is supporting the move to net-centricity and aims to weave cyber security into net-centricity for defense networks. The company has deployed its virtual perimeter monitoring systems, based on its VirtualFence solution, with the US Navy and received approval to operate. 3eTI builds out a network which provides baseline security and has the flexibility to allow additional sensors to be incorporated. By establishing a wireless cloud over a base, 3eTI is also providing solutions such as Energy Guard system that can be used monitor energy usage, allowing even legacy, standalone control industrial control/energy sensors and systems to be layered into the network while maintaining independent operation.
Are military networks ready for IPv6?
DoD mandates for IPv6 mandates have been out there for close to a decade and the primary challenge for the defense establishment now is to execute a seamless transition. There is currently a lot of work ongoing across the military enterprise to ensure all systems are IPv6 ready.
One of the first steps is equipment readiness and 3eTI strategy ensures products are on approved product lists and have undergone certification efforts to ensure they are IPv6 compliant.
What will be the impact of budgetary constraints on developing a coherent cyber strategy?
Recognizing that critical infrastructure has to be protected and secured, the US government is looking at a range of initiatives on Capitol Hill with a number of cyber security related bills. From 3eTI’s perspective, the protection of critical infrastructure requires hardware and software used in the network to be subject to independent verification.
In the defense sector the focus on cyber security is nothing new however and information assurance has been a core requirement for decades. The move towards net-centricity will mean that it will conceivably not be possible to perform missions without ensuringcybersecurity. This suggests that cyber security will need to be a mainstay even as budgets constraints impact other aspects of a program programs.
Is it possible to link future cyber requirements with EW?
Electronic warfare has been used to control the RF spectrum within which armed forces are operating. This can be in the form of as well as denying the use of that spectrum to opposing forces and attacks at the physical/RF layer to ensure C2 operations and allow one side to leverage the capabilities at their disposal.
While the primary goal of USCYBERCOM is to strengthen capabilities and ensure assets are protected from threats and vulnerabilities, high profile examples such as the use of Stuxnet also demonstrate how cyber capabilities can be used to disable enemy facilities. The use of cyber is also seen in changing strategies in wartime scenarios. Where previously the focus was to use kinetic warfare to take out radar, communications systems as well as critical infrastructure, more recent conflicts have seen these facilities disabled using cyber.
3eTI sees a convergence of physical/RF and cyber exploits moving forwards and products will need to be resilient enough to handle both types of attacks. Examples of DoD/DHS collaboration point to the establishment of processes to assess both physical/RF and cyber defenses with the move towards net-centricity driving a requirement for companies such as 3eTI to work closely with their customer base to ensure that there is a rigorous evaluation of security of both the network and the devices operating within the network.
Who are the primary competitors for 3eTI?
3eTI sees many aspects to cyber security and the multidimensional nature of the problem requires a range of capabilities and technologies. By being part of Ultra Electronics, 3eTI is able to bring these broader capabilities to market, an area in which 3eTI believes larger integrators struggle to provide a complete solution. Specifically, 3eTI sees four areas of cyber, namely:
- Data defined as the information in the cyber domain
- Devices are the technology on which data is processed in the cyber domain
- Networks are defined as the connections and communication traffic between devices in the cyber domain
- People - the participants within the cyber domain
A vendor must be able to guarantee availability, integrity and confidentiality across these four categories while bringing together a range of technologies that protect, defend, assess and allow recovery for the various cyber domain components.
While there are specialty companies that focus on specific elements, 3eTI believes the company is uniquely positioned to bring the required multiple technologies to enable not only C2 capabilities but also expand to C6I include cyber while ensuring the reliability and integrity of networks and providing effective training and processes for defensive and offensive exploits. For example, while General Dynamics competes at the secure wireless level, 3eTI expands beyond wireless to encompass wired networks also.
Outside of specialty companies, the capabilities of larger defense contractors such as Northrop Grumman, Raytheon and Thales are still evolving; and 3eTI believes the company’s ability to ensure the integrity of devices, maintain network security as well as guarantee confidentiality and availability positions the company as a market leader.
What will be the impact of the “Internet of things”?
As more devices establish IP connectivity, the challenge for the military establishment will be effectively harnessing the efficiencies that can be enabled by adopting a net-centric approach, while recognizing the vulnerabilities that will come from having devices constantly broadcasting. A successful strategy will require recognition of these vulnerabilities from the outset when budgeting for costs and establishing processes to implement net-centricity. Cyber-security will need to be woven into devices and networks, and this will become even more important in the face of declining budgets. It will not be cost effective to implement security on a case-by-case basis or to add security as a bolt-on solution after the devices and/or networks are in place.
Furthermore, if security is not implemented from the outset, then other regulations will follow dictating the use of devices and networks that will potentially dampen the efficiency gains that can be achieved through moving towards a net-centric domain.
This means that the deployment of a solution will need to focus on requirements and also security from the outset, to offset the potential vulnerability faced by stove piped systems that are now being integrated into a large enterprise environment. This is being recofigured by the military establishment and solution suppliers. For example, the CANESRfP carried a provision not only to provide effective integration but also effective security so that transmission between nodes not only will be secured but also monitored.
3eTI is using the same methodology to provide monitoring of legacy energy systems and facilities for the military and defense establishment with its “Energy Guard” product. “Energy Guard” takes legacy systems and facilities and brings them into the enterprise and IP environment with built-insecurity.
What will the strategies for cyber look like moving forwards?
The issue of cyber defense or offense is a complicated one. Historical war fighting strategies typically meant that penetration of borders, attacks on infrastructure would be considered an act of war. While cyber attacks on systems and companies are in many cases being generated from a state sponsor, the extension of a declaration of war to cover these attacks is still under discussion.
This issue is being addressed though not in the public domain at this time. In the meantime, the strategy of most governments including the US remains focused on ensuring defensive capabilities are in place since, engaging a threat directly may not necessarily be the most effective way of combating attacks and a more effective solution may be to ensure networks are invisible. As well as building networks and monitoring attacks, this is part of the strategy proposed by 3eTI with solutions like the company’s proprietary DarkNode technology that “cloaks” the presence of sensitive systems, making systems impervious to hacking, pinging or other compromise.
3eTI, an Ultra Electronics company (www.ultra-3eTI.com), helps protect critical networks and the information they handle. Federal and defense agencies, and industrial companies turn to 3eTI for military-grade solutions that ensure a secure and resilient cyber environment:
- CyberFence technology creates an impenetrable cyber perimeter while enabling information transport across commercial networks.
- The EtherGuard family of products provides high speed data encryption for enhanced performance and reliability, along with impenetrable multi-key data security that enables the ultimate in secure applications for DoD network operators.
- Proprietary DarkNode technology “cloaks” the presence of sensitive systems, making systems impervious to hacking, pinging or other compromise.
- EnergyGuard, a secure energy management solution, that will enable a defense-in-depth framework for ensuring energy security
3eTI cyber security solutions are designed to function in the most rugged and demanding environments and meet all DoD and federal agency security requirements.
Olugbenga (Benga) Erinle
President , 3eTI, an Ultra Electronics company
A co-founder of 3eTI, Mr.Erinle has more than 25 years experience in aligning technology to the needs of business and in transforming start-ups into viable business organizations. He has an excellent track record of building new business segments, achieving revenue and profit growth, securing customer loyalties, shaping new business opportunities and transitioning such into repeatable business. Mr.Erinle is very effective at transforming technology concepts into sustained Federal / DoD programs including the leveraging of Congressional / Government Affairs to establish new programs. He has demonstrated core competency in Federal Contracting with 20+ years of federal contracts experience. Prior to joining 3eTI, he led AEPCO, Inc.'s Navy Networks division including developing a significant role for AEPCO in the Navy Smart Ship program. He has also managed contracting efforts with the Departments of Defense, Homeland Security, Energy, and Transportation.
Recently, Mr.Erinle, was appointed by NATO’s Civil-Military Planning and Support Section (CMPS) and the Euro-Atlantic Partnership Council (EAPC) as an Electronics Communications Expert in Critical Information Infrastructure Protection (CIIP). As a selected Subject Matter Expert (SME), Mr.Erinle will provide technical advice and guidance on protecting Information and Communication Technology (ICT) and Critical Information Infrastructures (CII) systems and services which are relied on by millions of people around the globe and that are crucial to successful threat deterrence.
Mr.Erinle holds an MBA from the University of Maryland, a B.S. in Electrical Engineering from Howard University, and a B.S. in Mathematics from Bowie State University.