Are Defense Networks Up to the Near-Peer Challenge?
The days of the United States’ stature as a force without equal appear to be over. The threat of near-peer competition with increasingly sophisticated adversaries is growing. As Secretary of Defense James Mattis says in the National Defense Strategy, "America has no preordained right to victory on the battlefield."
After enjoying a period of time without peers following the collapse of the Soviet Union, we now find ourselves facing threats from a slew of invigorated adversaries. Russia, China and even terrorist groups like ISIS have developed sophisticated cyber attack capabilities. Technology is cheaper, faster and more widely available to these enterprising bad actors. Meanwhile, the Army has begun implementing its Multi-Domain Battle concept, which integrates traditional land, air and sea offensives with space and cyberspace initiatives. There is little doubt that other nation states will eventually follow suit with similar plans.
Network administrators must be prepared to deal with this reality right now, particularly when the stakes are so high and communication is so critical. When North Korea launches a missile, for example, a series of calculations—wind speed, arc, projected path and more—must be made in seconds. Information then needs to be relayed quickly to all relevant personnel through reliable and secure communications networks.
Ensuring that adversaries are unable to gain the upper hand requires education.
Defense agency IT professionals cannot hope to defend their networks against near-peer threats without proper awareness of those threats. They must understand what they are, where they are coming from and how they are evolving. Through this intelligence, they can be properly informed with the information required to lay the groundwork for threat mitigation.
The U.S. Army’s Training and Doctrine Command provides publications and resources that federal IT professionals can tap into to learn about the threats posed by adversaries. Although these documents are not IT-specific, administrators can use them to gain a good overview of the potential cyber capabilities of near-peer competitors and gain a better sense of what they need to do to protect their own networks.
This foundational awareness is essential for the development of effective security policies and risk countermeasures. Cyber warfare has evolved from basic Distributed Denial of Service attacks to include intelligence, surveillance and reconnaissance functions. For example, governments now have the ability to hack into operating systems to gain intelligence about military operations—much like Russia did when it tracked Ukrainian military operations through Android.
Agency security technology must evolve along with attackers’ initiatives. Practicing good fundamental security hygiene, including network monitoring, device tracking, patching security holes and other security essentials is important to developing an effective framework. Complementing those with the ability to use forensic data to track intrusions back to their sources and using historical analysis to prevent future attacks are also vital components of a robust security policy built to combat near-peer adversaries.
Frameworks should also be tested. Red team-blue team exercises can help security teams identify potential weak spots and bolster attack readiness, as well as expose vulnerabilities and knowledge gaps in team members. Those gaps can be addressed by offering additional education and building awareness among team members, thereby implementing a continuous cycle of knowledge gathering followed by security fortification.
IT networks may not fire the weapons the Army, Air Force or Navy uses, but they connect all of our armed services professionals with one another and provide them with the information they need to make split-second decisions. Defense Department IT professionals need to tackle the growing near-peer threat head-on to ensure that their networks continue to remain secure and up to the challenge of supporting U.S. military missions.
Paul Parker is chief technologist, federal and national government, at SolarWinds.
Comments