Monday, December 21, 2009

Cyber Wars: Wireless Networks, Drones and Hacking

When the Wall Street Journal broke the story that Iraqi insurgents have been intercepting video communication signals from United States Predator drones over the last year, it characterized the actions as “the emergence of a shadow cyber war within the U.S.-led conflicts overseas.”

The truth is that cyber war has been the fifth warfare domain for some time, a new theater of war teeming with invisible enemies. The frequency and sophistication of cyber attacks are increasing daily, a point driven home by the insurgents’ wherewithal both to know that a $26 piece of pirating software could intercept these video signals (the Pentagon admits assuming local combatants wouldn’t know how to exploit the vulnerability) and to actually pull it off.

Dale W. Meyerrose, head of Harris Corporation’s National Cyber Initiative and former Director of Command Control Systems at NORAD Headquarters, is quoted in Government Computer News as saying that characterizing the incident as “hacking” is inaccurate; he likens it more to criminals intercepting police radio traffic than to breaking into secure computer networks.

What is not being brought to light is that, whether or not the intercepted packet-based video was securely encrypted, the Iraqi insurgents potentially obtained location information about where the video is being sent – a much more severe disclosure than the targets of the surveillance.

Rajive Bagrodia, founder and president of Scalable Network Technologies, explains in a Defense Systems article that “passive eavesdropping can be used to reveal the location of other network nodes, and the traffic pattern used to deduce other strategic information. If a wireless device is physically captured or hijacked, it risks revealing location information and packet contents while the rest of the network remains unaware. The most secure mobile wireless networks must therefore operate in a ‘trust but verify’ mode with every other peer node, and protect information, including routing information, at every layer of the network stack.”

However you spin it, the exposure of this year-long espionage shines a bright light on the severe vulnerability of wireless network transmissions—which the military is becoming more dependent upon in the larger shift to net-centric warfare. The specific ability to “eavesdrop” on drone-to-ground video transmissions, and what to do about it, was the subject of a demonstration conducted at this year’s I/ITSEC Conference by SNT of Los Angeles, CA. SNT has pioneered a new class of advanced network simulation and emulation tools called software virtual networks (SVNs) that are capable of rigorously vetting net-centric communication systems, particularly the most vulnerable domain of mobile wireless networks.

A recent article by Kevin Coleman in Defense Tech, “Drone Video Hacks — The Cyber War Salvo,” states that the military is scrambling to encrypt UAV video feeds in the wake of this disclosure. It further postulates that updating decade-old components will present a major encryption challenge to U.S. military technicians, and that security needs to be built in, not bolted on later.

This is exactly the kind of wireless network and application engineering challenge that SVNs were created to overcome. First introduced in 2008, SVNs are exact digital replicas of physical networks in virtual space – indistinguishable from a real network. SVNs are based on emulation, which makes them able to interoperate with applications, devices, management tools, and people – at real-time speed. SVNs emulate all of the layers in IP networks and can also emulate networks as large as thousands of nodes. This provides cyber security planners with high-fidelity results that are comparable to physical testing—but faster and at much lower cost. This in turn enables application developers and network engineers to do exactly as Mr. Coleman suggests – design security into the networks and applications themselves.

Courtesy of Camille Cox.