Military Organizes for Cyber Warfare

December 01, 2018

Military Organizes for Cyber Warfare

Excerpts below from article published in Military & Aerospace Electronics
Authored by: J.R. Wilson

The ubiquitous use of computers has elevated the significance of military signals intelligence (SIGINT), imagery intelligence, geospatial intelligence, measurement and signature intelligence, and technical intelligence to far greater significance than ever before.

That same explosion of technology also leads to the rapid evolution of two new classes of military conflict: electronic warfare (EW) and cyber warfare (CW). It is the Pentagon’s responsibility to keep America and its allies at the cutting edge of offensive and defensive EW/CW — and to use all of its ISR capabilities to know and understand what EW/CW abilities that potential adversaries employ...

Targeting Computers

Cyber warfare represents the use or targeting of computers, online control systems, and networks through offensive and defensive acts of electronic espionage and sabotage. While it often is equated with EW, which is the subject of several programs and studies throughout the U.S. Department of Defense (DOD), cyber warfare has been declared a domain of war with the 2010 creation of the joint U.S. Cyber Command, which brought together the individual cyber capabilities of the Army, Navy, Air Force, and Marines.

China, which has touted its intention to become the world’s dominant cyber warfare superpower, also has unified its cyber capabilities. Russia has employed cyber warfare at least twice in the past decade — in its 2008 military incursion into Georgia and in a 2014 cyber attack on Ukraine.

Israel also is considered one of the world’s new breed of cyber superpowers, based in part on its estimated 10 percent share of global computer and network security technology sales.

While not as active or public as the others, the United Kingdom in recent years has invested heavily in expanding its cyber capabilities to become the European center of cyber warfare technology...

Parallel Attacks

...This holds true for the military, as well — even though each service has a cyber component in CYBERCOM, and DOD puts increasing levels of people and money into cyber research.

“A lot of the government side is a little helter-skelter on cyber,” says Steve Edwards, director of secure embedded solutions at the Curtiss-Wright Corp. Defense Solutions division in Ashburn, Va. “We don’t do back office enterprise systems; we deal with hardware that gets deployed air-land-sea. There are lots of people involved and they’re still trying to figure out how to have a cohesive strategy.

Everyone has his own opinion about what’s important in cyber warfare, Edwards says. “Even with commands in the same service, you get different perspectives. Within each division, they are working on that. We’ve taken part in a couple of meetings on the Air Force side and the standardization push they’re trying to make across the Air Force, but it’s a slow process.”

Under today’s military structure, the individual service cyber commands focus on the needs of their warfighters. Some of the technologies and materiel are the same, but how they are applied can be different. CYBERCOM functions as an umbrella command, setting national policy and ensuring there is no duplication of effort...

Cyber defense is not exclusively an end-user concern, it begins at the beginning, with the contractors who build the systems, subsystems, and components that comprise a cyber or cyber-protected program.

“The threats are ubiquitous,” notes David Sheets, senior principal security architect at Curtiss-Wright Defense Solutions. Defense contractors, he says, “have to understand the risks and make sure we have all the correct procedures and processes in place so we can tell our customers we have done the due diligence to assure they will have a secure system once they put all the boards and such together. That impacts our supply chain management, production flow, all of which have to go together to ensure there are no kinks in the armor as you integrate these systems.

“Multiple people have been trying to wrap their heads around the intersection of cyber security and safety-critical systems and how those work together,” Sheets says. “I don’t think anyone has a good answer to that yet — there is a lot of synergy in some areas, while in others, cyber may say one thing and safety something else.”

Read the full article here

Steve Edwards

Steve Edwards

Director and Technical Fellow

Steve has over 25 years of experience in the embedded system industry. He leads Curtiss-Wright Defense Solutions’ efforts in addressing physical and cyber security on their COTS products and represents the company in defense related security conferences. Steve has worked collaboratively in several standard bodies, including a time chairing the VITA 65 OpenVPX, and as lead for the Sensor Open Systems Architecture (SOSA) Security Subcommittee. Steve lead the design of Curtiss-Wright’s first rugged multiprocessor and FPGA products and was involved in the architecture, management, and evangelization of the industry’s first VPX products. He has a Bachelor of Science in Electrical Engineering from Rutgers University.

Trusted Computing for Defense & Aerospace

Curtiss-Wright goes well beyond standard approaches to Trusted Computing to provide truly secure solutions for air, ground, and sea platforms. We keep cybersecurity and physical protection in mind, from design and testing to supply chain and manufacturing. This comprehensive, end-to-end approach creates an effective mesh of protection layers that integrate to ensure reliability of Curtiss-Wright products in the face of attempted compromise.