As adversaries and nation-states turn to cyberattacks as a weapon war, their new approach is changing the way military leaders view the interconnections between computer systems.
“Cyberthreats have changed the way Army looks at the network, data, and networked systems,” Gen. Paul Nakasone, the former head of U.S. Army Cyber Command who now leads U.S. Cyber Command, said in a news release last year. “[The network] is not only an enabler for mission command and day-to-day business operations, but also a weapons platform for cyberspace operations.”
In this environment, military leaders are tasked with upgrading creaking legacy networking architecture, and they say they are looking to industry to help lead the way.
The Army, for instance, last fall announced a sweeping effort to modernize its networks to support concepts such as multidomain battle in its joint operations. The service said it would take a deep look at modifications needed to make networks more responsive to war-fighter needs, including demands on the cyber front.
Army documents specifically point to industry solutions as the means to “to rapidly upgrade network mission requirements,” which will result in “better protected and resilient network capabilities for the Army as it integrates joint and coalition partner solutions.”
Such efforts can be seen across the armed services. The Coast Guard has said it is looking to commercial solutions to upgrade its 1990s-era computer networks in support of stronger cyber operations. The Navy is likewise looking at networks as the front line in the cyber fight.
Capt. Michael Abreu, the Next Generation Enterprise Network program manager, has said that cybersecurity is a high-priority item to modernize the network. “Navy cybersecurity requires everyone to treat Navy networks like a weapons system,” as one Navy document describes it.
Industry experts say it makes sense for military leaders to look to the commercial side in their efforts to bolster their networks’ cyber defense.
Volume alone suggests commercial players may be well-placed to support that fight. AT&T, for example, sees some 170 petabytes of internet data flowing through its network daily. “You can imagine what kinds of information that provides to the threat landscape, how that feeds into detecting threats before they happen,” said Mike Leff, vice president for global defense at AT&T Public Sector.
The Air Force last summer launched a monitoring system to watch over the health of all Air Force networks. The scale of that effort helps define the scope of the problem: its roughly 800,000 end points generating some 100,000 security events every hour.
“If you just think of the sheer scale of the network, and the number of connections that happen every minute, it can be mind-boggling,” said 1st Lt. John Bennion, a data analytics pathfinder program manager at Air Force Life Cycle Management-Hanscom, in an Air Force news release.
Given the complexity of the problem, military leaders say they plan to tap into industry’s ability to automate responses to cyberattacks using cognitive networks, artificial intelligence, neural networks and other sophisticated defenses.
“If we fail to achieve that vision of the network, we fail as a nation,” said Lt. Gen. Paul A. Ostrowski, principal military deputy to the assistant secretary of the Army. “This is serious stuff.”