Cybersecurity Challenges with Emerging Technologies
How to Leverage New Technologies in Modern Battlefields
By Major Fotios Kanellos, GR AF, JAPCC
It was the end of April 2020 when the first 5G base station was installed by Huawei, together with China Mobile, on the ‘roof of the world’, Mount Everest, at an altitude of 6,500 m, near the Qianjin camp, providing invaluable wireless communication to climbers and researchers. At the summit on the north side of Mount Qomolangma (the Tibetan name for Mount Everest), the highest 5G tower provides high-definition live broadcasts and monitors environmental and scientific activities.
Huawei has been one of the leading providers globally of Information and Communications Technology (ICT) and is pursuing the commercialization of 5G technology all over the world, including in extreme environments such as the highest mountain peaks along the Chinese-Nepalese border, the hot deserts of Kuwait, the subarctic areas of Russia and the wet tropical savannas of South America. This giant among IT companies, the world’s second-largest manufacturer with 18% of the global smartphone market and more than 180,000 employees, was founded in 1987.
Initially, Huawei produced communications equipment for mobile phone networks in Shenzhen, southern China, and was founded by a former People’s Liberation Army officer who was also a member of China’s Communist Party. Because of the military background of Huawei’s founder and its dominant role as a supplier of 5G cellular network equipment, an increasing number of countries have raised concerns and have serious reservations about trusting its products and services.1 The security risks and threats that 5G networks and smart devices pose due to design and manufacturing vulnerabilities (even intentional ones) are incredibly high and difficult to mitigate. Because of these risks, the United Kingdom’s National Cyber Security Centre (NCSC) published a review (14th July 2020) that changed its initial security assessment of Huawei’s presence in the national 5G network, recommending that the government completely ban the Chinese technology company and remove its 5G kit from the UK’s mobile providers’ networks by 2027.2 That decision will have a significant impact on the roll-out of 5G technology in Britain. However, the possibility of controlling the ‘sensitive parts’ of such a promising and advanced mobile network, with a decade-long impact, would risk not only the communications but also some of the most cutting-edge technologies of the 21st century which are based on 5G infrastructure.
Self-driving cars, Artificial Intelligence (AI), Machine Learning (ML), Automation, Virtualization, Smart Cities, Blockchain Networks, Big Data, Internet of Things (IoT), Internet of Senses, Cloud and Quantum Computing are but some of the most transformative innovations that are currently under development, and that are substantially altering the social, financial, business, and military environments. Over the next five to ten years, these emerging digital technologies, together with the sophisticated applications they produce, will generate new opportunities and create new challenges in almost all of the daily activities, especially the conduct of military operations.3
Thanks to 5G’s unique technical characteristics, including data rates ten times faster than present, the capacity to support a huge number of connected devices, almost no delay, continuous mobility, energy efficiency and service reliability, new tools and services are continually being developed. Connecting billions of smart devices, like ‘everything to everything’ (X2X), collecting and analysing Big Data from multiple networks (Cloud Computing) and establishing peer-to-peer networks (Blockchain) are only possible because of the components and functions that 5G technology offers into the new and ever-evolving Information Era.4
Virtualization, for example, is an immersive technology that can provide an effective cyber hygiene ecosystem. It makes computing environments more independent of physical infrastructure and creates virtual scenarios. Together with artificial neural networks and other systems, virtualization may determine, in advance, the vulnerabilities of the networks and the effect of these individual technologies providing the added benefit of building resilience. Virtualization aims at enabling a better understanding of cyber capabilities and vulnerabilities. This knowledge will support Cyber Threat Intelligence (CTI) tracking of malicious attacks and maintaining the required security standards.5
Cloud computing, 5G technology and real-time virtual environments can take military training and exercises to a new level of innovation and agility. Accessibility and flexibility will become key features of new, advanced mobile simulations where trainees will learn at their own pace and in their own space.6 Moreover, Extended Reality (XR) – encompassing Augmented Reality (AR), Mixed Reality (MR) and Virtual Reality (VR) – has been highly developed and empowered by miniaturization and increased processing power. Especially during the Covid-19 pandemic, XR has played an even more significant role by becoming the next ubiquitous computing platform, not only for gaming but also for distance training, retail shopping, working and socializing.
Since 2019, the British Army has been working on a project to switch from individual training to collective XR-based training. Using advanced XR Head-Mounted Displays (HMDs), several dozen trainees may operate together in the same virtual world and a variety of training scenarios based on agile operational demands. Such high-tech collective XR-based systems can also be deployed as mobile training services.7
This leads to the application to the Air environment, where this technology has proven to be especially important for air-to-air combat operations by improving human-machine teaming and communication. To automate such complex air operations, certain levels of trust, scalability and autonomy must be reached and matured. Human-machine interactions are built on three levels of autonomy: semi-autonomous (human-in-the-loop); human supervised autonomy (human-on-the-loop); total autonomy (human-out-of-the-loop).8 Autonomy and intelligence are the key factors in determining the range of ‘reality-virtuality continuum’, transforming a human experience, increasing situational awareness and refining the decision-making process. The new communication patterns and unlimited connectivity in the Joint Air domain may also transform the level of Command and Control (C2) across NATO and enhance even more the interoperability of such a networked operating environment.9
On 20 August 2020, the Defence Advanced Research Projects Agency (DARPA) completed its AlphaDogfight Trials (ADT) project which can be considered the epitome of the collaboration of multiple advanced technologies such as AI, Virtualization, Automation, ML, and Cloud Computing. During a three-day simulated aerial combat ‘tournament’ between an AI-driven ‘pilot’ and an experienced US Air Force F-16 pilot, the former went undefeated in all five rounds of mock air combat.10 Through advanced algorithms, the Heron Systems’ F-16 AI agent quickly and effectively learned how to execute aggressive and precise manoeuvres that the human pilot could not match.11 The within-visual-range air combat manoeuvres (dogfights) clearly represent the rising interest in AI and autonomous capabilities within the military aerospace environment.
However clear it is that those technologies will radically change how people work, communicate, think, and even fight in the near future, they simultaneously generate great concern that state-sponsored actors could interfere and disrupt their features and services, posing a massive threat to strategically vital networks. 5G technology has the potential to drastically increase the attack surface and the number of entry points for hackers because of the large number of connected devices (from baby monitors to refrigerators and fire alarms) with weaker security features. However, not only do low-cost interconnected devices introduce vulnerabilities, but the communication between these devices can also be the weakest link in 5G’s security. Under this rationale, the UK government decided to mitigate the risk (if not eliminate it) by restricting Huawei’s 5G kit despite the consequences of a two- to three-year delay on the roll-out of the technology and the additional costs of up to GBP 2 billion.12
Similarly, cloud computing technology consists of computer storage, front-end technology (laptops, Personal Computers), networking infrastructure and cloud-based applications which may also be disrupted and exploited. Most of this risk applies both to the extended commercial clouds (Google Cloud Services, Microsoft Azure, Amazon Web Services) and to the smaller-scale cloud services used for classified operations and secured sensitive data. Speed and security level define the different types of clouds and depend upon ‘off-premises’ and ‘on-premises’ equipment. However, meeting the essential security demands, especially from a military perspective, while leveraging the multi-cloud capabilities and benefits, may be challenging. Aerospace and defence supply chains can take great advantage of the multi-cloud services involving different defence contractors of varying sizes by pulling data from multiple sources and delivering them to a single location and single application.13 The Autonomic Logistics Information System (ALIS), a complex, web-enabled, interconnected and distributed military logistics service, supporting the world’s fifth-generation fighter, the F-35 Lightning II, exemplifies the integration of advanced technologies in military operations.
The increased speed of the connections and the wide range of services and applications will introduce a plethora of new security challenges. Malware, Phishing, Man-in-the-middle (MitM), Distributed Denial-of-Service (DDoS) and Social Engineering attacks have been growing daily, creating many challenges and infecting the digital ecosystem. After all, the great power competitions of the future will probably not take place on battlefields or in boardrooms but on smartphones, computers and on the digital infrastructure that supports them. In countries like China and Russia, the government and the private sector are working closely together, developing and deploying new technologies and applications that will have a global reach, which they consider vital for their cyberspace sovereignty.14 On 1 June 2017, exactly three years after China’s Cybersecurity (Internet Security) Law was implemented, another document was published, entitled ‘Cybersecurity Review Measures’, setting the rules of security and supply chain standards that ‘Critical Information Infrastructure (CII)’ products and services should apply.15
Cyber Threat Intelligence
In spite of introducing more vulnerabilities, emerging technologies can also provide essential help tackling cybersecurity challenges by offering useful tools to clean the cyber threat landscape. AI, for example, can automatically gather, analyse and disseminate intelligence and valuable information across various global networks providing capabilities to indicate cyberattacks and mitigate anomalies based on optimum prevention strategies. This CTI is an important factor for all armed forces in combating cyber threats from both a defensive and offensive perspective. According to the Allied Joint Doctrine for Cyberspace Operations (CO), published in January 2020, ‘… freedom of action in cyberspace may be as important as control over land, air and space, or sea.’16 In an increasingly interconnected environment, ‘it is more difficult to distinguish between the strategic, operational and tactical levels’.17 Since cyberspace is a domain of operations ‘an operational shift to a focus on mission assurance is needed’.18 Managing a real-time, dynamic, and complex framework that can predict and prevent cyberattacks can be a real game-changer to ‘ensure the continued function and resilience of capabilities and assets … critical to the execution of NATO mission-essential functions in any operating environment or condition’.19
Effective CTI primarily deals with exploiting ML and advanced AI technology, enabled by a dynamic, specific knowledge base to understand potential threats and what might motivate an adversary to launch an attack.20 Delicate ML tools, together with sophisticated AI algorithms, can maximize accuracy in attack attribution. These two technologies combined can ‘find correlations between events that may appear random and unrelated to the human eye. Only AI can analyse such a vast amount of information in real-time …’21 Therefore, training AI and feeding ML processes necessitates increasing data from diverse sources. Monitoring user information and analysing user behaviours, device usage, network activities, location and application data can, hence, be a source of both protection and threats.
Many hacker groups, surprisingly, do not vary their procedures when attacking either military targets or civilian facilities, making attribution a straightforward task. Most of the time, those actors simply pause their behaviour for a specific period before they deploy a new automated tool (i.e. bots22). Based on this pattern, it is possible to use automation to track and analyse raw threat-intelligence feeds and provide quick and reliable information that could reveal whether something has changed over time against specific criteria.
ML and AI algorithms can also enhance Incident Management by reducing the number of security events and queries that need to be addressed and solved by human operators to 10%, shifting the status from man-in-the-loop to man-on-the-loop level. Moreover, cloud services and infrastructure not only have the inherent ability to store vast amounts of data from diverse sources, like the hundreds of sensors of a military aerial platform [daily data generated from IoT devices are estimated to exceed 5 quintillion bytes (1 Billion Gigabytes)]23, but can also establish sets of rules and practices that can be replicated across all different data sets, providing high security standards. Incredibly, for aerospace and defence supply chains, the use of Blockchain technology in a cloud environment can even further secure and simplify processes. In particular, this would create ‘digital identities’ for all components and parts in the supply chain and enable the tracking of movement around the chain in a safe manner, working as a secure ledger.24
The extraordinary capabilities of these emerging technologies have extended and endowed cyberspace with capabilities beyond the hyper-connectivity of the Internet itself. These breakthroughs, however, have not only been enormously advantageous. The expanded network infrastructure and increased number of connected devices (even those that appear not to be connected) introduce more vulnerabilities to intrusions. Furthermore, the enormous volumes of data processed and shared among the vast numbers of Internet-connected nodes become increasingly likely targets of exploitation and distortion.
State and non-state actors who seek to develop sophisticated methods of manipulation and surveillance, particularly by exploiting emerging technologies, will shape the conflict in the geopolitical arena for years to come. The information ecosystem ‘becomes more polluted, segmented, and rigidly controlled’,25 making it even harder for democratic countries to build resilience and respond to external threats. Therefore, it ‘is essential to the Alliance’s successful functioning in peace, crisis and conflict’26 to coordinate, synchronize and execute cyberspace and information activities that will deliberately create comparable counter effects, leveraging the tools and capabilities the emerging technologies may offer.
1. Bowler, Tim, ‘Huawei: Why is it being banned from the UK’s 5G network?’, BBC, 14 Jul. 2020 (accessed 11 Sep. 2020).
2. National Cyber Security Centre (NCSC), ‘Huawei advice: what you need to know’, 14 Jul. 2020, available at https://www.ncsc.gov.uk/information/huawei-advice-what-you-need-to-know (accessed 11 Sep. 2020).
3. Heren, H., ‘Future Developments Panel Introduction’, JAPCC Read Ahead 2020, available at https://www.japcc.org/future-developments-panel-introduction/ (accessed 11 Sep. 2020).
5. Cowan, G., ‘Cyber Threat Intelligence: Industry solutions begin to lean on AI and ML advances’, Jane’s, 24 Oct. 2019 (accessed 11 Sep. 2020).
6. MS&T Magazine, ‘Industry Vectors in AI, XR, 5G & More’, Volume 37, Issue 1.2020.
8. Pappalardo, D., ‘The Role of the Human in Systems of Systems: Example of the French Future Combat Air System’, OTH Journal, 27 Jan. 2020 (accessed 7 Sep. 2020).
9. Presa, C. and Perkins W., ‘Air Warfare Communication in a Networked Environment: An Interdisciplinary Analysis’, JAPCC, Jul. 2017, available at https://www.japcc.org/portfolio/air-warfare-communication-in-a-networked-environment/ (accessed 26 Oct. 2020).
10. Trevithick, J., ‘AI Claims “Flawless Victory” Going Undefeated In Digital Dogfight With Human Fighter Pilot’, TheDrive, 20 Aug. 2020 (accessed 11 Sep. 2020).
11. DARPA, ‘AlphaDogfight Trials Foreshadow Future of Human-Machine Symbiosis’, available at https://www.darpa.mil/news-events/2020-08-26 (accessed 11 Sep. 2020).
12. Ibid. 1.
13. Cowan, G., ‘Cloud computing: Armed forces aim for the sky’, Jane’s, 24 Oct. 2019 (accessed 11 Sep. 2019).
14. Rosenberger, L., ‘Making Cyberspace Safe for Democracy’, Foreign Affairs, May/Jun. 2020, p. 146–159.
15. Dudley, L. et al., ‘China’s Cybersecurity Reviews Eye “Supply Chain Security” in “Critical” Industries’, 27 Apr. 2020, available at https://www.newamerica.org/cybersecurity-initiative/digichina/blog/chinas-cybersecurity-reviews-eye-supply-chain-security-critical-industries-translation/?fbclid=IwAR33yv-q06LZ6cT5p94_yzUjXL8zdQQ-QjqB1umqgW0It-9GFTjYNK7gB_o (accessed 10 Sep. 2020).
16. AJP-3.20, ‘Allied Joint Doctrine For Cyberspace Operations’, Jan. 2020.
20. Ibid. 5.
22. Bots are software programs that perform simple repetitive tasks (scripts) over the Internet, much faster than a person could.
23. Ghosh, I., ‘AIoT: When Artificial Intelligence Meets the Internet of Things’, 12 Aug. 2020, available at https://www.visualcapitalist.com/aiot-when-ai-meets-iot-technology/?fbclid=IwAR3fV3p76bi_o4e6h3HXWy-ktzNi_u1Lpf-BMNmflLhe3Nv5acDlA9nTTTs (accessed 10 Sep. 2020).
24. Ibid. 12.
25. Ibid. 13.
26. Ibid. 15.
Major Fotios Kanellos graduated from the Hellenic Air Force (HAF) Academy in 2003 as an Electrical Engineer with specialization in Telecommunication and Computer Science. He holds two Master’s degrees, one in Technical-Economic Systems from the National Technical University of Athens (NTUA) and another in Environmental Sciences from the University of Patras.
Major Kanellos served as an inspection engineer for T-2 C/E aircraft and system engineer for the T-6A Flight Simulator at the Hellenic Air Training Command (HATC) in Kalamata. His previous appointment was at the HAF Support Command (HAFSC) managing IT and Cybersecurity projects. His current appointment is as a Cyberspace SME at the Joint Air Power Competence Centre.