Articles

Enterprise Cyberdefenses Needed to Defend Embedded Networks

August 09, 2021 | BY: John Wranovics

Published in Military Embedded Systems

In order to achieve and maintain warfighting overmatch, coordinate deployed forces, and enable new warfighting capabilities, the U.S. Army, Air Force, Navy, Marine Corps, and Space Force are actively looking to new programs such as Joint All Domain Command and Control (JADC2) to ensure warfighters have maximum situational awareness. This push to upgrade is driving the development of end-to-end networks linking the cloud, command posts, combat platforms, and dismounted warfighters. It also anticipates the addition of vast numbers of sensors and video feeds – backed by big data processing, artificial intelligence, and machine learning – to speed decision-making across all warfighting domains.

This vision of a networked battlespace includes standardized and interoperable data formats and application programming interfaces (APIs), which would break down barriers and stovepipes between information sources, applications, and platforms – enabling commanders and data analysis systems to develop common operating pictures. While the benefits of this vision are compelling and easy to understand, it raises a concern that should not be ignored: As the size and complexity of these networks grows, so does their cybersecurity attack surface. That is, the network will have more places where it can be attacked and will have more vulnerabilities that must be managed. This type of network proliferation also has a side effect of introducing cybersecurity threats into locations that traditionally were less vulnerable to outside attackers, such as embedded systems. This situation is only exacerbated by widely acknowledged, increased warfighting activities in the cyber domain by our near-peer adversaries.

This vulnerability is not a theoretical risk, and the U.S. Department of Defense (DoD) will be wise to learn from lessons in the industrial sector, which has experienced attacks on embedded systems typically used for so-called operational technologies (OT), those systems used for applications such as process control over manufacturing equipment. Historically, the industrial sector has used “air gap” techniques to isolate OT, using barriers to keep certain operations safe from highly connected networks. However, the benefits of interconnecting these devices and automating IT management of OT has opened up the threat landscape. A recent incident involving a ransomware attack on gas-pipeline operations (as reported by CISA [Cybersecurity and Infrastructure Security Agency] at https://us-cert.cisa.gov/ncas/alerts/aa20-049a) provides an excellent example.

Read the full article.

Author’s Biography

John Wranovics

Director of Public Relations

John Wranovics has over thirty years experience in the management of media relations and the promotion of high technology products. He has been with Curtiss-Wright since 2003. He has a degree in English Literature from the University of California, Berkeley.

Share This Article

  • Share on Linkedin
  • Share on Twitter
  • Share on Facebook
  • Share on Google+
Want to add a comment? Please login
Loading...
Connect With Curtiss-Wright Connect With Curtiss-Wright Connect With Curtiss-Wright
Sales

CONTACT SALES

Contact our sales team today to learn more about our products and services.

YOUR LOCATION

PRODUCT INFORMATION

Support

GET SUPPORT

Our support team can help answer your questions - contact us today.

REQUEST TYPE

SELECT BY

SELECT Topic