Cyberspace holds the world captive, encompassing everything from personal messages and military dispatches to critical infrastructure and everyday devices. It extends to power grids, hospitals, transportation systems, and even home appliances. In today’s interconnected world, cyber-attacks pose one of the greatest global threats. This can include everything from the devastating consequences of hacking for all data and infrastructure, to lethal attempts at financial and military control.
While advancements in detection and deterrence have been made, the ongoing battle between cyber armour and anti-armour continues to escalate. Recognising the severity of the issue, cyber warfare and security departments have emerged across military and civilian entities. Various actors seek different objectives through cyberattacks, such as intelligence gathering and system compromise. Safeguarding against such threats remains an ongoing challenge due to the ever-evolving nature of technology and reliance on electronics.
Rogue software techniques known as “logic bombs” can cause sudden malfunctions when deployed, while computer chips may contain “kill switches” and hidden “back doors” for remote access by unauthorised users. The consequences of such attacks range from theft of personal information to extortion, loss of valuable data, secrets, and new techniques. Exploiting vulnerabilities in military cyber systems can compromise weapons blueprints, operational schemes, and surveillance data, posing a severe threat to national security. Stealthy cyber attack techniques can infiltrate military systems and establish a hidden foothold to exfiltrate sensitive information to foreign servers.
Useful Cybersecurity Strategies for the Military
Most nation-states prioritise the military, using untraceable cyber actions to compromise another nation’s defence. Financial institutions and industrial control systems for essential networks, such as water and power, are also prime targets due to the potential real-world impact of successful cyber attacks.
Navy cyber security experts actively work to protect critical digital systems – such as combat information centres on US naval surface warships – from cyber threats. However, individuals remain vulnerable to various automated attacks. There are a variety of methods, but the main ones among them are ransomware and data theft. Military organisations must consider the inherent risk stemming from human nature.
Corporations (both within and outwith the Defence environment) are also prominent targets as cyber adversaries seek intellectual property and competitive strategies. Regrettably, many organisations fail to consider the consequences of such attacks on their companies.
Small-to-medium businesses face increased targeting due to their limited resources and (potentially) lower ability to fully secure computer and digital networking environments. This vulnerability provides attackers with a higher chance of successful compromise.
The severity of the damage varies depending on the target. Industrial control systems and critical infrastructure are at higher risk, as disrupting the power grid can lead to overwhelming system failures and extended shutdowns. For instance, electricity is vital for water filtration plants, and its absence affects the masses, depriving them of drinkable water and power.
1. Building Tactics and Strategy
- The consequences today from cyberattacks far exceed those of the past.
- Companies can face severe harm, and nations are exposed to substantial risks from cyber attacks.
- One widely utilised concept in the cybersecurity field is the kill chain, which outlines the sequential steps that an attacker follows to execute their actions.
- Disrupting this chain empowers defenders to neutralise the operation.
- Although the kill chain is helpful, cybersecurity can draw from numerous military concepts.
- Targeting is another valuable military technique applicable to the cyber domain.
- In the past, it was limited to field artillery and cannons.
- Now, it involves surveying the entire internet landscape to identify potential targets.
- Prioritising the target landscape and adopting effects-based operations are critical.
- Military strategy is not solely about causing destruction; rather, it involves considering the intended impact of each action.
2. Anti-Phishing Training
- Opening an attachment from an unfamiliar source can grant unauthorised access to your information.
- It might seem obvious, but only download attachments from known and trusted senders.
- If the subject matter of the email with the attachment appears suspicious, verify that the email was genuinely sent by the listed sender before opening it.
3. Use the Internet only through a VPN
- A VPN, or virtual private network, offers military-grade data protection.
- This powerful IP changer offers AES 256-bit encryption that prevents any data leaks.
- In addition to data encryption, outsiders cannot find out the user’s IP address.
- This means that all kinds of hacks become impossible or less likely.
- Of course, there is a risk that the user themself will download the virus! (refer to point 2 above).
- Even so, military cyber operations should take place under the auspices of a powerful VPN so that no outsider compromises the data.
4. Think Twice Before Any Action
- It is important to carefully consider both the quantity and nature of the information you share.
- Sharing details that could assist hackers in accessing valuable information poses a significant risk.
- Additionally, posting content that may reflect poorly on you, your fellow unit members, or organisation should be avoided.
- It is crucial to evaluate how much of your personal life you want to expose.
- It is important to remember that in this era of digital advancement, a single moment can easily become viral and have severe consequences on your personal/professional life.
- Above all, it is essential to prioritise using common sense over seeking attention on social media platforms – any pictures/statements you upload to social media platforms can provide opponents with intelligence data.
- It is possible to strike a balance, but your safety (and the organisation’s) should always take precedence, and it is crucial to take precautionary measures from the beginning.
5. Robust Security Settings for Connected Devices
- Mobile/cellphones and laptops with Bluetooth and other wireless features can expose you to potential hacking risks.
- In public places, ensure that you consistently verify your wireless settings and security measures to safeguard your device’s data from unauthorised access.
- Safeguarding information extends beyond social media platforms.
- It encompasses the technology in laptops resting on desks or mobile/cellphones held in your hand.
- Utilising technology wisely and a dose of common sense are effective keys to personal/professional protection.
6. To Defend, You Need to Think Like an Attacker
- Thinking like an attacker has long been a familiar concept in the military (and also cybersecurity).
- Security conferences frequently feature demonstrations and instructions on hacking to address this.
- It is now crucial to adopt the mindset of nation-state attackers as well.
- By doing so, even as a defender, you can gain insight into the mindset of the organisation that seeks to breach your network, industry sector, or country.
7. Red Team Penetration Testing
- Tactical military operations involve armed soldiers in the physical realm.
- However, in the cyber domain, individuals wield keyboards to execute these operations.
- One variant of a tactical operation is a red team penetration test.
- Unlike traditional military combat, organisations must consistently maintain a defensive stance.
- Therefore, one must devise mechanisms to enable organisations to ‘use force’ as a deterrent against attackers.
8. Cyber Armies
- Applying military strategy and tactics to cybersecurity not only enhances comprehension but also addresses the presence of ‘active armies’ in the digital realm.
- Organisations, regardless of size, will (and have) become targets of nation-state adversaries.
- Therefore, organisations must understand the digital battlespace and establish effective defences and warning processes.
- Collaborating with other organisations in the same sector is one way to amplify overall security.
9. Attribution Requires Intelligence
- Attribution, a crucial element of military operations, has now expanded into the realm of cybersecurity.
- This involves actively identifying the root cause and origin of an attack.
- Achieving accurate attribution requires intelligence, a capability that the US government possesses for tracing back attacks.
- While individual organisations can also perform attribution to a lesser extent than a government, they can effectively attribute cyber threats by leveraging their available assets and integrating threat intelligence feeds.
10. Do Not Share Personal Information on Social Media
- When using social media, it is crucial to limit the sharing of personal/professional details.
- Revealing information such as your address, birth year, phone number, location, or work undertaken can have serious privacy implications and potentially dangerous consequences.
- Protecting oneself and your organisation should be a priority from the very beginning.
11. Cultivate Talent
- Retaining and recruiting a skilled cyber workforce is crucial.
- An organisation can achieve this by implementing the following measures:
  - Increasing the promotion of science, technology, engineering, and math classes in grade schools to foster the growth of cyber talent.
  - Hosting competitions and implementing other strategies to identify exceptional cyber specialists capable of tackling the organisation’s toughest cybersecurity challenges.
  - Offering incentives for computer science-related jobs within the organisation to attract talented candidates who may otherwise choose the private sector.
    - Examples of these incentives include rotational assignments at other organisations (both military and civil), specialised training opportunities, and expanded compensation packages.
  - Optimising the mix of military service members, civilians, and defence contractors to effectively support the mission.
12. Strengthen Alliances
- To accomplish this mission, an organisation must expand and reinforce its cyber-cooperation.
- This can be achieved by establishing reliable partnerships with private-sector entities that play a vital role in supporting military operations.
- Additionally, sharing information with other government organisations, as well as foreign partners and allies who possess advanced cyber capabilities, will significantly enhance an organisation’s effectiveness.
- It is also of great importance to seek opportunities for crowdsourcing, such as hack-a-thons and bug bounties, to identify and rectify vulnerabilities.
- Lastly, during peacetime, an organisation must uphold behavioural norms in cyberspace.
How Does a State Fight Cybercrime?
A government must implement policies to manage cyber security by standardising operating procedures in cyberspace. This is done to protect classified networks, information, and privacy, which may contain sensitive data and support important operations. Sharing best practices among team members promotes operational norms for cyber security, especially in dealing with grave threats.
The goal is to develop enduring cyber security governance and practices in fast-paced cyberspace, with a focus on deterring interference and attacks. This involves improving warning capabilities, defining roles for the private sector and international players, and establishing appropriate responses for both state and non-state actors.
Given the reliance on privately owned critical infrastructures, an organisation can advocate for and extend cyber security governance and practices into these domains. For example, in the US a partnership between the Federal Government, public, and private sector owners and operators of Critical Infrastructure and Key Resources actively addresses security and information assurance efforts across the cyber infrastructure, aiming to increase resiliency and operational capabilities. Public-private sharing of information regarding cyber threats and incidents is also prioritised in each government and critical infrastructure and key resources (CIKR) partnership.
Maintaining effective cyber security involves protecting military networks against cyber threats. The vast network of computers in cyberspace requires close cooperation, timely sharing of cyber events, and knowledge of emerging actors and threats to improve collective security standards. The military should actively explore ways to defend its networks, invest in people, technologies, and research & development, and sustain vital cyberspace capabilities for national security.
Recognising cyberspace as an important military domain, it is crucial to allocate resources for procuring sophisticated weaponry and developing skilled personnel to serve in both military and intelligence organisations. Failure to do so poses a significant threat to an organisation’s future prosperity and security. Protecting government defence systems is of utmost importance due to the potential damage that even slight negligence with this confidential data can cause to the entire nation or society. Hence, such knowledge requires high-level security.