Monday, March 26, 2012

Air Force Electronic Attack and Cyber

Good article in Aviation Week & Space Technology a few days ago that I had to share. Not surprisingly, it was written by David Fulghum, who wrote several other articles I've referenced in the IW area. He does a great job finding interesting, unclassified material to write about in the DoD IO/IW/EW community, although it is not always easy to substantiate.

The article quotes several senior defense officials describing aircraft-oriented cyber and electronic attack technologies being pursued by the USAF and by other countries (namely China and Russia). I'll quote them below:
The Air Force is pursuing “cyber-methods to defeat aircraft,” Gen. Norton Schwartz, the service’s chief of staff, told attendees at the 2012 Credit Suisse and McAleese Associates Defense Programs conference in Washington March 8. But Lt. Gen. Herbert Carlisle, the deputy chief of staff for operations, says the same threat to U.S. aircraft already is “out there.”
Ashton Carter, deputy secretary of defense, is pushing both offensive and defensive network-attack skills and technology. “I’m not remotely satisfied” with the Pentagon’s cyber-capabilities, Carter says.
“The Russians and the Chinese have designed specific electronic warfare platforms to go after all our high-value assets,” Carlisle says. “Electronic attack can be the method of penetrating a system to implant viruses. You’ve got to find a way into the workings of that [target] system, and generally that’s through some sort of emitted signal.”
The Chinese have electronic attack means — both ground-based and aircraft-mounted — specifically designed to attack E-3 AWACS, E-8 Joint Stars and P-8 maritime patrol aircraft, he says.
Interesting comments. First, that they are really interested in "cyber methods to defeat aircraft". Second, that Schwartz would think stating that goal at the Credit Suisse and McAleese conference was a good idea. Third, that Ash Carter is not "remotely satisfied" with our cyber capabilities. And fourth, that Carlisle claims the Russians and Chinese have already designed platforms to attack "all our high value assets".

The article goes on to rehash earlier claims regarding USAF airborne network attack capabilities. Wikipedia summarizes those using the three previously mentioned articles from Aviation Week & Space Technology, and two others, here. There are two even more detailed articles on the topic in Air Force Technology, mostly expanding on the events in Syria, that I had not seen before. You can find part one here and part two here.

While reading Fulghum's article I also read a couple of new ones he wrote on the NGJ (Next Generation Jammer), including a focus on autonomous platforms and information on weapons and AESA radars. I updated my Navy Airborne Electronic Attack post accordingly.

It all reminds me of that saying, "May you live in interesting times." I'd say that's accurate and only accelerating!

Thursday, March 15, 2012

Army Cyberwarfare R&D

Just ran across this interesting article from August 2011 with Giorgio Bertoli, the Army I2WD (Intelligence and Information Warfare Directorate) Offensive Information Operations Branch Chief. Some highlights:
There are few specifics Bertoli can provide about his work because so much of it is classified. But the primary goal of cyber warfare, he explains, is to provide warfighters with a non-kinetic means of striking enemies without permanently destroying infrastructure. The second goal is to disrupt, deny and degrade enemy operations and prevent them from strategizing and communicating.
His team, which consists of 20 government engineers and support contractors, uses software-defined radio, electronic warfare, signals intelligence and other technologies to help build what the Army refers to as its future force.
"Just like a handgun versus a Howitzer," he says, "there's a whole spectrum of tools."
To give an example of some of those approaches, here's a good presentation he gave at the C4ISR conference that's worth a review. In it, he highlights the differences between CNO (Computer Network Operations) and EW (Electronic Warfare) and the pros and cons of each.

Some other comments from the article:
Unlike kinetic warfare, in which one weapon potentially can thwart multiple enemies — "a bullet is a bullet," Bertoli notes — cyber-warfare typically requires a family of tools. For instance, what works on one particular waveform or network may not work on another.
"So now you have this huge toolbox. How do you manage that? How do you train somebody to be proficient in them?" Bertoli asks. It would be akin to teaching soldiers to use a different gun for each enemy. His team at CERDEC is working to create a common look and feel for cyber tools so they're easy to learn, and to develop a common framework so developers don't have to start from scratch with each weapon.
That reminded me of a BAA (Broad Agency Announcement) his group put out back in 2009 soliciting technologies from industry. I went online to see what ideas they were asking industry to provide and found that, as of February 2012, it is still the same BAA from 2009. The document is available on the Army site here, and has lots of fun stuff for all the hackers out there. I won't include all of it, for brevity, but here's what is listed under Computer Network Operations:
CNE and CNA support shall include but not be limited to:
    • Network discovery and mapping tools capable of operating in a relatively low bandwidth tactical environment and avoid or circumvent network/host-based IDS
    • Destroy, disrupt, deny, deceive, degrade, delay, target, neutralize, or influence threat information system networks and their components, and Threat C4-ISR systems and nodes and other battlefield communications and non-communications systems
    • Understand various types of tactics, technologies, and tools used to perform CNO.
    • Vulnerability identifications and testing of both wired and wireless networks
    • Techniques that can be used to find and route communications data through predefined path (accessible route) or to a particular location (cooperative nodes)
    • Methods for performing both distributed and coordinated CNO missions
    • Non-Access dependent CNO technique R&D
    • Identification, capture and manipulation techniques for data in transit.
    • Stealthy, real time, precise (within one meter) geographic location and mapping of Threat/adversary logical networks and their components. This includes, but is not limited to the following:
        ◦ Individual work stations, terminals, and/or PCs, either networked or stand alone
        ◦ Computer networks of any scale (both wired and wireless)
        ◦ Virtual Private Networks (VPNs) (both wired and wireless)
        ◦ Computer network components (local and/or backbone)
        ◦ Displays
        ◦ PCS and other commercially available wireless device types
        ◦ Government owned or managed private communications networks (military or non-military)
        ◦ Trunked Mobile systems or other networked commercially available communications systems
        ◦ Telecommunications equipment (e.g., Private Branch Exchange (PBXs), corded and cordless phones)
        ◦ Cryptographic components
        ◦ Other peripheral components
    • Stealthy, non-cooperative access to logical networks and their components, that overcome threat/adversary best attempts to protect such networks and components. Proposals submitted under this sub-topic shall specify both hardware and software protection measures forming the basis of the target network environment
    • Stealthy, non-cooperative access to RF devices, communications networks and their network components, non-communications networks and their components, and other RF-centric networks and their components, to develop revolutionary TTPs that overcome threat/adversary best attempts to protect such networks and components. Proposals submitted under this sub-topic shall specify both the hardware and software protection measures forming the basis of the target network environment
    • Stealthy, non-cooperative network discovery software tools, countermeasure capabilities and TTPs that overcome threat/adversary best information assurance/protect measures. Proposals submitted under this sub-topic shall specify both hardware and software protection measures forming the basis of the target network environment
    • Stealthy, non-cooperative network characterization tools and TTPs that overcome threat/adversary best information assurance and protection measures. Proposals submitted under this sub-topic shall specify both hardware, software, and protocol or transmission protection measures forming the basis of the target network environment
    • Stealthy logical network exploitation and/or countermeasure software schemes and TTPs capable of surgically inserting intelligent software agents into threat/adversary logical networks, regardless of protocols in use or available
    • Stealthy intelligent software agents and TTPs for exploitation and countermeasures of threat/adversary logical networks, and other network-centric networks and their components, and/or Command and Control networks and their components.
    • Stealthy component mapping of logical networks and location data correlation and deconfliction with other all-source intelligence data
TTP is Tactics, Techniques, and Procedures, for the uninitiated. The BAA also has sections covering their interest in a CNO framework, software agents, and EW/IW techniques.

If anyone has ideas in those areas, they have submission information on their acquisition page. It's nowhere near as user-friendly as DARPA's Cyber Fast Track (CFT), and I'm confident they won't be as quick either. It hasn't been as well advertised, though, so I'm sure they'd love to hear from innovative people out there interested in building cyber tools. Sounds like fun!