Category Archives: Future Tech

What is coming down the pipe in naval and maritime technology?

Black Hat 2019 and DEFCON: Leveraging Private Sector Talent for Cyber Capability

By Christian Heller

The U.S. defense complex is looking to private industry and civilian research to gain an advantage on the battlefield as advanced technologies push warfare in new directions. In cyber capabilities especially,the U.S. and its naval services lean on civilians, contractors, and independent cybersecurity companies to gain a competitive national edge. Every year these groups descend upon Las Vegas, Nevada for back-to-back information security and hacking conventions dubbed Black Hat USA and DEFCON. The Department of Defense follows in step to search for best practices, advanced insights, experimental tools, and new talent.

The 2019 editions of Black Hat and DEFCON held plenty for national security analysts to ponder. Dino Dai Zovi, the head of mobile security at the credit card processing company Square, spoke of the need for security software with effective user interfaces which keeps pace with advances in technology. Security programs must be built for “observability” to better “understand if the protections are working and also perform anomaly detection.” Such a requirement is not only necessary for the Navy, but finds a strong historical precedent. The Navy has a long history of simplifying advanced technologies into easier, usable forms for better employment by young sailors.

Identity intelligence, one of the most utilized capabilities of U.S. forces during the past two decades of counterinsurgencies, has also been a main effort for Chinese military and government development. Researchers from the Chinese firm Tencent demonstrated the ability to spoof biometric authentication devices with common eyeglasses. They did so not by convincing the systems that the user was a different person, but rather that the user was a photo instead of a living person. Low budget defenses against identity intelligence tools may prove just as frustrating to U.S. forces in future stability operations as space blankets did against early UAVs.

Major tech leaders like Apple and Microsoft announced new measures to search externally for IT security support through the use of rewards. Apple, which normally treats its technology and systems with close-hold protections, will now award upwards of $1 million to hackers who identify critical vulnerabilities in Apple technology. Microsoft is also offering up to $300,000 to hackers who identify exploits in its Azure cloud technology systems. To facilitate this outside support, Microsoft is creating Azure Security Labs where participants can experiment on Azure networks without affecting the existing customer base.

These bounty programs have already benefited organizations like the Marine Corps which may lack the capacity or skillsets to facilitate internal network testing. At last year’s conference, the Marine Corps hosted a hacking program to test the durability of its public websites and the Marine Corps Enterprise Network, or MCEN. One hundred ethical hackers spent nine hours testing the Marine Corps’ systems and found 75 vulnerabilities in return for $80,000 in combined prize money. Though the payment pales compared to private industry awards, these events are an important way for defense agencies to engage with community experts who are willing to support the military while gaining valuable organizational knowledge in the process. The Pentagon has hosted hacking projects since 2016 and recently leveraged three security firms – Bugcrowd, HackerOne, and Synack – via contract to conduct sustained network testing. Additionally, if data scientists and cyber specialists are going to play a pivotal role in the future Navy and Marine Corps, engaging with non-traditional audiences at events like Black Hat and DEFCON help to expose the hacking world to the armed services.

The Air Force is embracing conferences like DEFCON to leverage technical expertise and open up the service to these communities. It hosted two events at this year’s conference. One challenged hackers to gain entry into an airbase, and the other tested data transfer hardware for the F-15 fighter. The Trusted Aircraft Information Download Station, or TADs, is an independent subsystem of the F-15 which helps collect sensor inputs like images. Next year the Air Force wants to bring an entire F-15 aircraft to the convention and host a hacking event involving a live satellite.

This year’s events also pointed toward the changing battlespace in which U.S. forces will operate. Harvard lecturer and fellow Bruce Schneier discussed “hacking for good,” a movement which is becoming more prevalent throughout the world. Just as military forces found themselves operating around civilians and non-governmental organizations (NGOs) in Iraq and Afghanistan, the future cyber battlespace may be filled with hacktivists trying to do good or “grey hat” operators taking advantage of disorder to pursue alternative motives.

Hacktivist campaigns have occurred in almost every recent global crisis including Sudan, Venezuela, Pakistan, and Libya. Hacktivist campaigns usually involve unsophisticated denial of service attacks to take down websites and servers which achieve mixed results. However, as cyberspace conflict between great powers becomes routine, such groups are sure to increase operations and become regular actors in the same competitive spaces in which government agencies and militaries interact.

Another feature of the changing cyber battlefield is internal competition between state actors. Kimberly Zenz, a senior official with the German cybersecurity organization DSCO, explained at Black Hat that Russia’s intelligence agencies and hacking organizations should be viewed as individual groups competing for influence with one another. This competition can lead to chaos and risk-taking in cyberspace as groups minimize coordination amongst one another and compete to showcase their abilities to senior officials. The results could be similar to the $10 billion dollars in damages caused by the NotPetya malware.

An information graphic depicting the dangers of cyber attacks. (U.S. Navy graphic/Click to Expand)

For the Navy, Marine Corps, and Department of Defense, the consequences of these foreign internal rivalries could be sporadic and disproportionate cyber attacks. Leaders may struggle not only to determine which actor initiated the attack, but what the target, intentions, and overall scale truly are. From the defender’s point of view, probes and attacks which could seem like a coordinated and widespread operation may instead be many. They may also be part of a concerted “persistent engagement” strategy with long-term but subtle objectives. In this case, a defender’s response could be disproportionate to what the attacker intended. These factors make deterrence in cyberspace an elusive goal for policymakers.

One final takeaway from the 2019 conventions is the intention and ability of nefarious actors to target defense users and systems outside of official government channels. Agencies may spend millions to harden networks, but users, such as service members at home, may be the greatest vulnerability in the system. They are often the softest target for foreign powers and criminal groups to exploit with simple techniques. One presenter demonstrated a fully-functioning, charging-capable Apple USB which contains a Wi-Fi implant and allows nearby hackers to access the connected computer. Another speaker showed how she used information from common online subscription services such as Netflix and Spotify to access bank accounts and personal financial data. Using common talking points, customer service helplines, and classic identity theft techniques, she was able to get access to private account information at major financial institutions without any advanced technology. A separate group, Check Point Research, demonstrated the ability to hack digital cameras to spread malware through home networks and hold personal information for ransom.

The military’s efforts to increase information technology security in the workplace may need to extend to personal services and education for service members to prevent workforce distractions, blackmail, or the further spread of malware throughout units and networks. Currently, the individual Soldier, Sailor, Airman, or Marine is the easiest objective for hostile cyber actors to target, whether for criminal, intelligence, or military purposes. The main lessons from Blackhat and DEFCON may be that nowhere is safe, and the services should explore a wider range of protection services for the users they rely on to carry out missions.

Christian Heller is a graduate of the U.S. Naval Academy and University of Oxford. He currently serves as an officer in the United States Marine Corps. Follow him on Twitter, @hellerchThe opinions represented are solely those of the author and do not represent the views of the United States Marine Corps, the Department of Defense, or the United States Government.

Featured Image: DefCon attendees gather in Las Vegas to learn about new technology vulnerabilities and cyberattacks. (AP Photo/Jae C. Hong)

Why Unmanned Systems Are The Go-To Option for Gray Zone Ops in the Gulf

Securing the Gulf Topic Week

By Heiko Borchert

Introduction

Current incidents in the Arabian Sea should be seized as an opportunity to advance naval conceptual thinking about unmanned maritime systems in gray zone operations. Gray zone activities are an astute object for concept development, as they “creep up on their goals gradually,” rather than involving decisive moves, as Michael Mazarr has argued. In response, Mazarr contends, gray zone operations will “call for a greater emphasis on innovation” as these operations take different forms and intensities and thus require varied responses. This coincides with the general need to devote more attention to concepts development that drives the use of new naval technologies such as unmanned systems.

Applying Unmanned Systems to Gulf Security

Maritime stability in the Arabian Sea has deteriorated significantly over the past couple of weeks. In response to the Iranian seizure of the Stena Imperio, a Swedish oil tanker under British flag, London reached out to different European capitals in view of establishing a maritime protection mission escorting commercial vessels through the Strait of Hormuz.

This incident and prior events in the Arabian Sea such as harassing commercial vessels with speedboats and assaults on commercial vessels are a perfect illustration of so-called gray zone activities. Located between war and peace, gray zone activities involve “coercive actions to change the status quo below a threshold that, in most cases, would prompt a conventional military response,” as Lyle J. Morris and others have suggested.

These activities raise an obvious question: How best to respond? Staying out of the region for an interim period, as the British government has advised U.K. shipping, has been interpreted as a watershed moment “when the UK admits it can no longer protect its merchant vessels.” But even if political support for the maritime protection mission matured, the question would remain if there were enough adequate platforms to do the job.

Deploying big capital ships or surface combatants to escort merchant vessels might send a strong message of resolve to Iran, but doubts remain if this approach is adequate. Past experiences in the Arabian Sea have made it clear that naval vessels remain vulnerable to speedboats operating at a high tempo in distributed maneuver operations. While this is certainly only one method of attack, it is most important for strategic communication. Small boats successfully attacking or deterring prestigious naval ships delivers a message that all gray zone actors want to convey.

It is time to supply navies with an additional option using unmanned systems. Unmanned maritime systems (UMS) have been developed and used for quite some time, but right now, the majority of unmanned maritime systems are used for mine countermeasures. There is an obvious operational need to do the job, concepts of operations are in place, and technology is mature. This makes a perfect fit, but more can be done.

Unlike gray zone activities in the South China Sea that involve the building of artificial islands to underline sovereignty claims and the use of naval militia and the coast guard to intimidate neighbors, Iran’s actions are of a different quality. In the Arabian Sea, mosaic defense emphasizes mass, speed, and surprise. Unmanned maritime systems would be ideal to respond because they can be built to be lost. This levels out current asymmetries between speed boats and big capital ships and denies the adversary the offensive on strategic communications. This attrition-like role is only one mission UMS could play in future maritime protection missions. Overall, the mission envelope could be much broader.

First, assuming that a maritime protection mission depends on persistent situational awareness and understanding, unmanned systems can be used to collect intelligence and provide reconnaissance. For this mission the emphasis should be on closing the sensor chain from seabed activities through the undersea world to the sea surface into airspace and space. In all of these domains unmanned systems are already in use, but more needs to be done to fuse data to augment the existing Recognized Maritime Pictures (RMP), for example to detect anomalies stemming from adversarial behavior at sea.

Second, unmanned systems at sea can push the defense perimeter out. Forward deployed unmanned surface vehicles (USV) could be used to intimidate an adversary’s embarking speed boat fleet thus delaying the launch of operations and creating “noise” that would send alarms to the RMP. A more wicked though not yet technically mature option would focus on very small, mine-like unmanned underwater vehicles (UUV). These assets could be deployed covertly by submarines or by air assets. These UUV could turn into a sort of adhesive explosives that stick to boats running over them, thus rendering them dysfunctional.

Third, unmanned maritime systems could be used for deception operations. A swarm of USV could enter a theater of operation disguised as a big capital ship on the adversary’s sensors. As the adversary prepares to counter the ship the USV swarm would disperse into many different smaller platforms thus out tricking the adversarial defense posture. A similar mission can be envisaged for the underwater domain where UUV are already used to imitate the signature of submarines.

Fourth, USVs could constitute the outer ring of maritime protection missions. Robust platforms could be equipped with remote-controlled weapon stations, like the Protector USV developed by Rafael Advanced Systems, to engage incoming speed boats or flying platforms. In addition, USV could be used to deploy electronic counter-measures, for example, to jam adversarial sensors and take out communications between unmanned aerial assets and the respective control units. 

Conclusion

While some of these ideas are closer to reality than others, what matters most is that concepts and operational requirements need to drive the use of unmanned maritime systems in gray zone operations. So far, the discussion about UMS mainly focuses on providing solutions to meet the needs that emerge in naval warfare areas such as mine countermeasures, anti-submarine warfare, or anti-surface warfare. However, gray zone activities cut across all of these tasks. Adequate responses need to adopt a more horizontal approach, as well looking at the technological building blocks that can be used for all missions. Here, the most recent decision of Belgium and the Netherlands to develop a toolbox of unmanned systems for mine-countermeasures shows the way to the future. This approach could be turned into a holistic concept to deal with UMS for maritime gray zone activities.

Putting extra emphasis on innovation and concepts development also opens up avenues for fruitful cooperation with the Gulf states that step up efforts to expand their own naval capabilities while at the same time ramping up efforts to establish a local naval industrial base. Involving them from the start would make sure that specific regional requirements could be adequately addressed while at the same time contributing toward building up local technology expertise in important  areas and incentivizing the establishment of local capabilities and concepts. In the long run this joint approach could help shoulder the burden to provide maritime stability in one of the world’s most pivotal regions.

Dr. Heiko Borchert runs Borchert Consulting & Research AG, a strategic affairs consultancy.

Featured Image: A Bladerunner craft fitted with the MAST system. (Wikimedia Commons)

U.S.-China Tensions and How Unmanned Military Craft Raise the Risk of War

This article originally featured in the Nikkei Asian Review under the title, “US-China tensions — unmanned military craft raise risk of war,” and is republished with permission. Read it in its original form here.

By Evan Karlik

The immediate danger from militarized artificial intelligence isn’t hordes of killer robots, nor the exponential pace of a new arms race.

As recent events in the Strait of Hormuz indicate, the bigger risk is the fact that autonomous military craft make for temping targets – and increase the potential for miscalculation on and above the high seas.

While less provocative than planes, vehicles, or ships with human crew or troops aboard, unmanned systems are also perceived as relatively expendable. Danger arises when they lower the threshold for military action.

It is a development with serious implications in volatile regions far beyond the Gulf – not least the South China Sea, where the U.S. has recently confronted both China and Russia.

If China dispatched a billion-dollar U.S. destroyer and a portion of its crew to the bottom of the Taiwan Strait, a war declaration from Washington and mobilization to the region would undoubtedly follow. But should a Chinese missile suddenly destroy an orbiting, billion-dollar U.S. intelligence satellite, the White House and the U.S. Congress might opt to avoid immediate escalation.

“Satellites have no mothers,” quip space policy experts, and the same is true for airborne drones and unmanned ships. Their demise does not call for pallbearers, headstones, or memorial statues.

As autonomous systems proliferate in the air and on the ocean, military commanders may feel emboldened to strike these platforms, expecting lower repercussions by avoiding the loss of human life.

Consider when Chinese naval personnel in a small boat seized an unmanned American underwater survey glider in the sea approximately 100 kilometers off the Philippines in December 2016. The winged, torpedo-shaped unit was within sight of its handlers aboard the U.S. Navy oceanographic vessel Bowditch, who gaped in astonishment as it was summarily hoisted aboard a Chinese warship less than a kilometer distant. The U.S. responded with a diplomatic démarche and congressional opprobrium, and the glider was returned within the week.

U.S. Navy oceanographic gliders record temperature and salinity, and are remotely piloted from a round-the-clock operations center in Mississippi. (U.S. Navy photo)

Lately, both Chinese and Russian navies in the Western Pacific have shown themselves bolder than ever. Early in June, south of Okinawa, the Russian destroyer Admiral Vinogradov came within tens of meters of the U.S. guided-missile cruiser Chancellorsville.

In September 2018, the American destroyer Decatur conducted a freedom of navigation transit near the disputed Spratly Islands in the South China Sea; it nearly collided with a Chinese destroyer attempting to ‘shoulder’ the American vessel off its course through these hotly contested waters.

In coming years, the Chinese military will find increasingly plentiful opportunities to intercept American autonomous systems. The 40-meter prototype trimaran Sea Hunter, an experimental submarine-tracking vessel, recently transited between Hawaii and San Diego without human intervention. It has yet to be used operationally, but it is only a matter of time before such vessels are deployed.

The U.S. Navy’s nearly $3 billion ‘Ghost Fleet’ initiative aims to develop a total of 10, 2,000-ton unmanned warships. Boeing recently edged out Lockheed Martin to begin construction of four extra-large unmanned undersea vehicles, each capable of transiting twelve thousand kilometers autonomously, for $43 million.

China’s navy may find intercepting such unmanned and unchaperoned surface vessels or mini-submarines too tantalizing to pass up, especially if Washington’s meek retort to the 2016 glider incident is seen as an indication of American permissiveness or timidity.

With a captive vessel, persevering Chinese technicians could attempt to bypass anti-tamper mechanisms, and if successful, proceed to siphon off communication codes or proprietary artificial intelligence software, download navigational data or pre-programmed rules of engagement, or probe for cyber vulnerabilities that could be exploited against similar vehicles.

No doubt Beijing is closely watching how the Trump administration responds to Iran’s downing of a Global Hawk surveillance drone on June 20, assessing U.S. willingness to punch back in kind, or to escalate.

Nearly 100,000 ships transit the strategically vital Singapore Strait annually, where more than 75 collisions or groundings occurred last year alone. In such congested international sea lanes, declaring a foreign navy’s autonomous vessel wayward or unresponsive would easily serve as convenient rationale for towing it into territorial waters for impoundment, or for boarding it straightaway.

More than 4,000 AI and robotics researchers have joined an open letter advocating a ban on autonomous offensive weapons that function without human supervision, and this past March, the U.N. Secretary-General decried such machines as “politically unacceptable, morally repugnant,” and worthy of international prohibition.

Such limits or controls on artificial intelligence would be immensely more difficult to verify when compared to existing inspection regimes for nuclear missiles or centrifuges. In the meantime, urgent action is needed.

A memorandum of understanding signed five years ago by the U.S. Department of Defense and the Chinese defense ministry, as well as the collaborative code of naval conduct created at the 2014 Western Pacific Naval Symposium, should be updated with an expanded right-of-way hierarchy and non-interference standards to clarify how manned ships and aircraft should interact with their autonomous counterparts. Without such guidance, the risk of miscalculation increases.

An incident without any immediate human presence or losses could nonetheless trigger unexpected escalation and spark the next conflict.

We should fear that, much more than killer robots.

Evan Karlik is a lieutenant commander in the U.S. Navy. He served last year as a Defense Fellow in the U.S. House of Representatives. His views are his own and are in no way intended to reflect the official position of the Department of Defense or the U.S. government.

Featured Image: (Feb. 1, 2019) The Sea Hunter, an entirely new class of unmanned sea surface vehicle developed in partnership between the Office of Naval Research (ONR) and the Defense Advanced Research Projects Agency (DARPA).(U.S. Navy photo)

Why We Will Never See Fully Autonomous Commercial Ships

By Commander David Dubay, USCG

The world will never see fully autonomous transoceanic commercial cargo ships. In fact, autonomous vessels are likely to operate in only very limited situations. In recent years, the prospect of fully autonomous vessels has become a hot topic for commercial shipping. The same fast-paced advances in technology that have led to projects to automate vehicles in every other sector of the transportation industry have also found their way to the shipping industry. Advances in camera technology, sensors, electromechanical actuators, and satellite technology appear to promise a world in which ships will soon traverse the oceans without a human on board. The International Maritime Organization (IMO) and the Comité Maritime International (CMI) are already exploring how autonomous vessels would fit into the existing framework of international maritime law.

Yet, while it is laudable to plan for the future, autonomous vessels operated by computers and remote operators quite simply pose too many vulnerabilities and they likely will prove too expensive to replace today’s manned vessels. The professional merchant mariners who operate ships today are the crucial on-scene decision makers, repairmen, and physical security providers who make commercial shipping secure, efficient, and inexpensive. Once we get past the promises and hyperbole, the risk of collisions, legal liabilities, and environmental calamity will ensure that some critical number of humans will persist onboard ships. Advances in technology will continue to make shipping safer and more efficient, but they will not eventually replace the human masters and crews that serve on today’s commercial vessels.

Despite all the excitement, the benefits of autonomous ships are still very much up for debate. For shipping companies, a switch to autonomous vessels promises cost savings from not having to pay for a master and crew, and perhaps from increased safety. But scores of new operators and technicians would be required to make a system of autonomous vessels work. The equipment to automate a ship will be extremely expensive and would introduce many new potential points of failure into commercial shipping. Autonomous vessels may reduce the number of accidents caused by human negligence, however, the relative safety of autonomous vessels versus manned vessels is pure speculation at this point. Autonomous ships could potentially be more efficient if the space for the crew could be dedicated to additional cargo. But ships will still likely need to have systems and controls in place to allow them to be operated with human master and crew when there are system failures. Autonomous vessels may result in better working conditions overall in the shipping industry as they would eliminate the need to find workers to fill the many difficult and hazardous jobs at sea. But the elimination of merchant mariner jobs would be a tremendous financial blow to those workers in those jobs today.

Recent articles have proclaimed that autonomous vessels are here or just on the horizon and seem to take the adoption of autonomous vessels as a certainty. At an initial glance, the future of autonomous vessels appears very promising. For small vessels the technology that is needed to automate a vessel is here today and is available enough that even a hobbyist can build an autonomous vessel. In 2017, SEA CHARGER, a small solar powered and unmanned home-built boat successfully completed a trip from California to Hawaii using GPS and a satellite modem for guidance and connectivity. And companies in the shipping industry are already using technologies that could eventually be used to automate larger vessels. The newest vessel of the the Red and White Fleet, a San Francisco charter boat company, is a hybrid diesel electric with a 160 kilowatt lithium ion battery pack that provides enough power for the ship to do a one-hour Golden Gate cruise on battery power alone.

One present obstacle for automating larger vessels is battery technology. At the outset, today’s batteries simply do not have the energy density necessary to power larger commercial vessels. Higher capacity and more powerful electric batteries that are powerful enough to move larger ships will likely be developed in the future. However, current battery technology has limitations. Lithium ion batteries, the type used for automated vehicles and aircraft, can explode if overcharged and further, large lithium ion batteries need to be temperature controlled to work properly.

Even more challenging obstacles to the success of autonomous vessels will be the expense and complexity of designing such systems. The technical challenge of operating a large cargo ship autonomously on the open oceans for days or weeks at a time will require a command and control system that does not exist today and may be impractical to build. Seamanship and navigating a ship safely is a challenge with a full complement of crew members on board. Automated ships will require command centers, computers, advanced satellite communications systems, other electronic devices, remote operators, and other technicians. Autonomous vessels would save money by not having a crew, but shipping companies will in many cases be simply replacing merchant mariners with other workers, most likely more expensive technical workers, who will work in offices on land or will be on call to assist autonomous ships across the oceans. Shipping companies will likely need multiple redundant command centers to provide the robust level of connectivity required for the safe and secure operation of these ships.

All of this advanced technology will be very expensive and much of the expense will be the cost of designing and operating a system capable of providing the propulsion, navigation controls, and stopping power necessary to operate a ship continuously in the harsh ocean environment. Weather, wind, waves, fog, obstructions, marine mammals, salt water, weather, birds, other ships, sounds, and almost anything else imaginable is encountered out on the open ocean. An autonomous ship will require incredibly complex technology to withstand the chaos of the ocean environment and enable a ship to respond remotely to any incident or emergency. It is still an open question whether today’s controls and communications technologies are sufficiently robust and capable so as to be relied on for commercial shipping in place of a human crew.

The most serious concern regarding autonomous vessels is the one that will very likely keep them from ever being employed: the risk of exploitation by adversaries, hackers, terrorists, criminals, and other malign actors. Autonomous vessels’ dependence on the electromagnetic spectrum and cyberspace infrastructure coupled with the lack of any human on-scene responders will provide an opportunity for others to interfere with these ships and potentially use them as weapons or for profit. The challenge for system designers is that the characteristics or features that make an automated system feasible for commercial application, such as standardization, continuous communications, and periodic updates, also provide exploitable opportunities for bad actors. Autonomous commercial cargo vessels would provide too easy a target of opportunity for theft, misuse, interference, or worse.

Conclusion

Some reality must be injected into the debate over autonomous ships. It is a truism that electronic and mechanical systems will eventually fail. For vital applications where human lives are at risk such as for aircraft, system engineers design in wide tolerances, safeguards, and multiple levels of redundancy to ensure an adequate margin of safety. The challenge in designing autonomous vessels is building both a safe and secure system that will function effectively in all ocean and maritime conditions without human beings on board and one that is not capable of being exploited by bad actors. Such a system, even if possible to build, would likely be too expensive for companies to build and operate compared to human crew. As a result, autonomous vessels are extremely unlikely to displace the human network of maritime professionals that have always made the maritime transportation system safe and secure.

Commander David Dubay is a Military Professor of International Law and Associate Director for the Law of Maritime Operations, Stockton Center for International Law, U.S. Naval War College, Newport, Rhode Island. The views presented are those of the author and do not necessarily reflect the official policy or position of the U.S. Navy, U.S. Coast Guard, or the U.S. Naval War College.

Featured Image: HMM Dream (Wikimedia Commons)