On April 1, 2001, a United States Navy EP-3E ARIES II signals intelligence aircraft and a Chinese People’s Liberation Army Navy J-8II interceptor fighter jet collided above Hainan Island, China. Per protocol, the EP-3E crew scrambled to destroy the sensitive key-management data on board the aircraft. However, the crew was interrupted by opposing soldiers and, as a result, failed to destroy the cryptographic keys and other highly sensitive information on the plane. In a matter of seconds, U.S. secrets were in the hands of another nation, including intelligence documents, NSA employee names, defense plans, and other confidential documents.
This exposure of information set back U.S. intelligence enough to impact the nation’s defense strategy for years. Had this aircraft been equipped with hardware-embedded cyber defense capabilities such as instant secure erase (ISE), the complete compromise of sensitive data could have been prevented — U.S. troops would have been able to destroy the data with the press of a button. Solutions that integrate with ISE capabilities built into modern hard drives would have protected this sensitive data.
In 2013, Edward Snowden, a former contractor for the CIA, left the U.S. after leaking classified details about extensive internet and phone surveillance by American intelligence. Once again, the consequences of this disclosure had a chilling effect on U.S. intelligence missions. In 2017, WikiLeaks published a series of documents claiming that the CIA hacked users’ devices by exploiting zero-day vulnerabilities.
Looking back, we know those data dumps could have been detected and prevented. With user and entity behavior analytics (UEBA) integrated into policy management, excessive downloads would have been detected, and an information rights management (IRM) solution could have blocked the extraction of the data or destroyed it remotely when needed.
Today we’re well into an era where everything is data-driven, including the confidential information contributing to some of the nation’s most important military decisions. This problem impacts many grid-modernization markets, such as power distribution. Traditional perimeter security, and even moving to the cloud, aren’t enough: securing the sheer volume of data being transmitted and collected has to start at the hardware level.
Secure Data in Action
It’s mission-critical for military formations to communicate and transmit data across platforms and up and down the chain of command. However, this broadens the attack surface, creating openings for various data security threats, including the enduring danger of equipment tampering, whether from the unintentional purchase of counterfeit equipment, hardware intercepted and compromised in transit, or evolving attacks on data in motion and on network locations that aren’t well monitored.
A robust integration of hardware roots of trust that can maintain a cryptographic list of trusted components and detect any malicious tampering will help prevent and alert users to compromised systems. Counterfeit equipment, on the other hand, can only be solved by a mature supply chain integrity review process that ensures the equipment is sourced from and provided by trusted suppliers. Furthermore, comprehensively safeguarding against counterfeit goods requires integrators to perform holistic checks when they receive equipment for assembly.
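The signed list of trusted components that the paragraph above describes, as an added example that is not part of the original article or of any Crystal Group product: a root-of-trust manifest signed with Ed25519 and checked against fresh SHA-256 measurements of each component image, flagging components that were modified or that the list does not know. The manifest format, the component names and the in-memory key handling are constructed assumptions.

```go
package main
import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"sort"
)

// Manifest is the root of trust's list of approved components: component name
// to the hex SHA-256 each one's firmware or configuration image must present.
type Manifest map[string]string

// Digest measures a component image the way the manifest records it.
func Digest(image []byte) string {
	sum := sha256.Sum256(image)
	return hex.EncodeToString(sum[:])
}

// Sign serialises the manifest and signs it with the root-of-trust key, so an
// edit to the list itself is caught before the list is used to judge anything.
// json.Marshal emits map keys sorted, which gives a canonical byte string.
func Sign(priv ed25519.PrivateKey, m Manifest) (doc, sig []byte, err error) {
	if doc, err = json.Marshal(m); err != nil {
		return nil, nil, err
	}
	return doc, ed25519.Sign(priv, doc), nil
}

// Verify checks the manifest signature, then compares every measured component
// against it: "tampered" digests differ from the list, "unknown" are not listed.
// ok is false when the manifest itself fails verification; then nothing is trusted.
func Verify(pub ed25519.PublicKey, doc, sig []byte, measured map[string][]byte) (tampered, unknown []string, ok bool) {
	var m Manifest
	if !ed25519.Verify(pub, doc, sig) || json.Unmarshal(doc, &m) != nil {
		return nil, nil, false
	}
	for name, image := range measured {
		want, listed := m[name]
		switch {
		case !listed:
			unknown = append(unknown, name)
		case Digest(image) != want:
			tampered = append(tampered, name)
		}
	}
	sort.Strings(tampered) // map iteration order is random; make output stable
	sort.Strings(unknown)
	return tampered, unknown, true
}
```

A real root of trust would hold the private key in hardware and take the measurements itself at boot; here both sides run in one process so the check can be exercised offline.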
The “guns, guards, and gates” mentality for security has shifted. Given the massive amounts of data produced and consumed by military systems and networks, it’s no longer a practical way to approach data protection. Safeguarding today’s systems requires the integration of core capabilities, including encryption, key management, attestation services, and data-at-rest and data-in-transit security measures, along with active information monitoring. Integrating these capabilities, which are available in today’s hardware components and operating systems and from security software vendors, can better ensure confidential information remains contained in the event of an emergency or cyberattack. These core capabilities enable a system to be hardened with active configuration management, which decreases the likelihood of a successful malware attack and increases the ability to detect insider data theft or tampering.
As they prepare to deploy to dispersed locations around the world, commanders are increasingly turning to COTS-based computing hardware as a way to provide IT-based capabilities in transit and in theater. Under the ongoing threat of equipment tampering and evolving attacks on weapons systems’ data in transit across military networks, there is a need for streamlined, trusted, and secure servers rugged enough to withstand extreme tactical environments and demands. While outfitted for military use, these technologies are increasingly integrating tools favored by the commercial sector, particularly the financial services industry. That includes broader adoption of machine learning and artificial intelligence to execute a range of functions, including detecting abnormal behavior, automating virtual resources, establishing a robust baseline for scalable deployment of trusted systems, and implementing encryption and access control.
Consider, for example, a forward-deployed special operations team that is dispersed across the globe. As they move through and operate in zones where there will be inevitable attempts to compromise their systems and data, it’s critical they can communicate about sensitive matters without risking detection or unintentionally releasing information. The ability to encrypt communications and render data useless to an adversary when needed is a force-enabler in this scenario — and in untold other military and intelligence operations.
Tactical operators can also benefit from cybersecurity solutions in rugged hardware on the ground. Small command posts, for example, are continuously coordinating intel and other classified information. That data sits on hard drives and networks in storage and needs to be encrypted and cloaked, with the ability to wipe the data in the event of a compromise. Through the use of network attached storage (NAS) solutions that provide instant data destruction, dual layers of encryption, and integrated key management, operators can better secure highly confidential data, both in storage and in transit, at the hardware level. Using Trusted Computing Group (TCG) Opal-compliant hard drives in a NAS that has completed FIPS 140-2 cryptographic review enables cryptographic erasure in line with the NIST SP 800-88 Guidelines for Media Sanitization.
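Cryptographic erasure of the kind the paragraph above relies on, as an added example that is not part of the original article or of any Crystal Group product: a toy self-encrypting volume in Go whose media key (DEK) exists only wrapped under an operator key-encryption key (KEK), the two layers the NAS description mentions. Overwriting the wrapped key sanitizes the whole volume in one step, however large it is, without touching the user data; key sizes, names and the in-memory volume are constructed assumptions.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// Volume is a constructed model of a self-encrypting drive: user data is sealed under a media key (DEK) that is itself stored only wrapped under the operator's KEK.
type Volume struct {
	wrappedDEK []byte // DEK sealed under the KEK; all-zero once crypto-erased
	data       []byte // user data sealed under the DEK
}

func must[T any](v T, err error) T { // a bad key length or broken RNG is a bug: panic
	if err != nil {
		panic(err)
	}
	return v
}
// seal is AES-256-GCM with a fresh random nonce prepended to the ciphertext;
// open reverses it, and GCM's tag check fails on a wrong key or an erased slot.
func seal(key, pt []byte) []byte {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := make([]byte, g.NonceSize())
	must(rand.Read(nonce))
	return g.Seal(nonce, nonce, pt, nil)
}
func open(key, blob []byte) ([]byte, error) {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	n := g.NonceSize() // every blob comes from seal, so it is at least n bytes
	return g.Open(nil, blob[:n], blob[n:], nil)
}
// NewVolume generates a random DEK, wraps it under kek and seals the user data.
func NewVolume(kek, plaintext []byte) *Volume {
	dek := make([]byte, 32)
	must(rand.Read(dek))
	return &Volume{wrappedDEK: seal(kek, dek), data: seal(dek, plaintext)}
}
// Read unwraps the DEK with the KEK, then decrypts the user data.
func (v *Volume) Read(kek []byte) ([]byte, error) {
	dek, err := open(kek, v.wrappedDEK)
	if err != nil {
		return nil, err
	}
	return open(dek, v.data)
}

// CryptoErase overwrites the wrapped DEK in place: the ciphertext stays on the
// media untouched, but nothing can decrypt it again. One step, whatever the size.
func (v *Volume) CryptoErase() { copy(v.wrappedDEK, make([]byte, len(v.wrappedDEK))) }
```

A real drive keeps the wrapped key in a dedicated key slot and performs the zeroization in firmware; the property demonstrated is the same, which is why NIST SP 800-88 accepts crypto erase as a purge method when the key was never exposed.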
Securing the Supply Chain
To deploy cybersecurity at the hardware level, it’s essential first to ensure the hardware was developed securely and isn’t vulnerable itself, by gaining full visibility into the supply chain. Unfortunately, according to a National Defense Industrial Association survey, fewer than 60% of small and medium-sized defense contractors even read the Defense Federal Acquisition Regulation Supplement (DFARS), which specifies the bare minimum security standards for contractor information systems. This general unpreparedness can be preyed upon by nation-states and rogue actors looking to obtain confidential information or gain access to restricted networks.
Per DFARS subpart 239.73, agencies must have complete trust in their supply chain to avoid tampering or the use of vulnerable third parties for critical systems. This requires prime contractors to have visibility that ensures end-to-end chain of custody security and mitigates vulnerabilities. Knowing where and how the hardware is being manufactured adds another layer of security. Suppliers should have the capabilities to trace every component of the supply chain, from the raw materials through the production phases to the delivery of the final warrantied product. This increased visibility dramatically reduces the risk of vulnerable components making it into the final product.
Given the prevalent use of third-party suppliers and open-source code, government agencies have to consider suppliers with extra security features beyond what’s standard in goods and services. These features should include, for example, tamper-evident solutions and tamper-resistant elements starting at the chip, board, drive, network, and software levels.
A “Tamper-Resistant” Future
Securing data shared and stored on the battlefield will require hardware with built-in cybersecurity features to serve as the front line of defense and national security. Solutions with capabilities such as FIPS 140-2 certified data encryption, near-zero latency, instant data destruction, and integrated key management are necessary to prevent crippling attacks on U.S. military and intelligence in the coming years.
As U.S. defense pivots away from a “guns, guards, and gates” approach to security, it will be vital that cybersecurity defense starts on the ground. Hardware that is secure against physical and digital threats will only continue to evolve as the first line of defense against threats targeting sensitive, confidential data held by the military and intelligence communities. As edge computing grows in adoption and emphasis, it only reinforces the need for strong protection at the farthest reaches of tactical operations.
This article was written by Jim Shaw, Executive Vice President of Engineering at Crystal Group (Hiawatha, IA).