AFRICOM’s Chinese Satellites: How To Lose At Mastermind

THIS ARTICLE WAS ORIGINALLY PRINTED ON MAY 3, 2013 AND IS BEING RE-PRINTED FOR “CHALLENGES OF INTELLIGENCE COLLECTION WEEK.”

Easy to learn. Easy to play. Now, much easier to win.
                                   It gets easier with practice.

For many, the game Mastermind is their first adolescent introduction to cryptology.  A code-breaker is given limited turns to discover the encrypted signal of the code-maker.  By choosing to put AFRICOM bandwidth over state-controlled Chinese satellites in 2012, the U.S. Defense Department decided to extend their PRC opponents exponentially more “rounds” to win the game.  The U.S> has won a tactical convenience at the cost of strategic peril.

Defense Department representatives claim the use of the satellites was secure due to the encrypted nature of the transmissions.  However, as in Mastermind, more exposure reveals more information, with which the code-maker can be beaten.  With an unrestricted treasure-trove of data, the cyber-battle proven Dirty Data Dozen of Chinese cyber-warfare will have plenty of material to compare and contrast until base patterns are found and exploited.  This vulnerability is especially worrisome in an area of responsibility rife with corruption issues and general penetration by state-associated Chinese assets.  That access to the satellite transmissions might be doubly useful because of the potential access to the pre-transmitted data, further easing decryption efforts.  This undermines force-wide communications, providing information that will end up not only in the hands of the Chinese, but the actors with whom their intelligence services cooperate.  The U.S. stands not only to lose one game of Mastermind, but most of the tourney.

You must accept that you won’t always have attractive alternatives. The Big Picture may demand tactical sacrifice.

It was only last month that the CNO, ADM Greenert, said that the cyber-EM environment isso critical to our national interests, that we must treat it on par with our traditional domains of land, sea, air, and space…”  The EM-cyber spectrum may be invisible, but they have the same space constraints as those traditional domains.  During the Cold War, if the berths at Bremerton were full, the U.S. Navy would never have requested berthing space in Vladivostok; if the U.S. Army found itself under-equipped, they would never request use of radio towers in East Germany to communicate with West German patrols.  Resources are limited and must be rationed; put simply by Raymond Pritchett, “If this wasn’t the point to tell someone ‘no’ when they ‘needed’ bandwidth, what point is?”  Refusing to prioritize the strategic long-term viability of U.S. communications security over temporary tactical comfort is the laxity alluded to by the CNO when he highlighted the need for a new attitude.  We can start with the lessons learned from a 1970’s board game.

Matt Hipple is a surface warfare officer in the U.S. Navy.  The opinions and views expressed in this post are his alone and are presented in his personal capacity.  They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy.

Maritime Cryptology at the Crossroads

After more than a decade of land war and a desire to rebalance to Asia, America’s Navy finds itself smaller, and in many ways weaker in certain respects. One area that should be of great concern is the current practice and future of maritime cryptology.

Cryptology at sea was proven decisive during World War II, beginning with the battle at Midway and the breaking of the Japanese naval code “JN25.”[i] Equally important was the allied program that cracked the German Enigma machines, “Ultra,” especially those used by the German Navy. Winston Churchill famously remarked to King George VI that, “It was thanks to Ultra that we won the war.”[ii]

museum
(A selection of seven Enigma machines and paraphernalia exhibited at the USA’s National Cryptologic Museum. From left to right, the models are: 1) Commercial Enigma; 2) Enigma T; 3) Enigma G; 4) Unidentified; 5) Luftwaffe (Air Force) Enigma; 6) Heer (Army) Enigma; 7) Kriegsmarine (Naval) Enigma—M4.)[iii]
Throughout the ensuring Cold War until the fall of the Berlin Wall, naval cryptology played a vital role in meeting national and tactical intelligence requirements. America gained deep insight and understanding of Soviet and Warsaw Pact allied naval operations and was able to obtain priceless strategic intelligence through collection missions operated by the U.S. Navy. The end of the Cold War, ensuing strategic drift and drawdown was shattered by the terrorist attack of 9/11, yet even in the midst of a worldwide “Global War on Terror,” the pressure remained to cut the naval force. Today, the Navy is at its smallest point since World War I. For the Navy to conduct its maritime cryptology mission, it must have presence in the littorals, especially in key strategic areas of the Western Pacific, Indian Ocean and Arabian Gulf and the Mediterranean and elsewhere. A smaller Navy with fewer platforms means the Navy is not always where it needs to be and when it needs to be there.

The hope was that through force shaping, automation and remote operations, maritime cryptology could continue to thrive in an ever more complex electromagnetic (EM) environment. Adversarial communications have become far more challenging to detect, exploit and prosecute. The Radio Frequency (RF) environment of today is incredibly complex, with tactical, strategic and data communication links operating in all areas of the spectrum and often at frequencies with a very low probability to intercept. Modern encryption techniques have evolved from mechanical electronics to the use of quantum mechanics.[iv]

crypto

The effects of force shaping, automation and remote operations are beginning to take their toll on the tradecraft of maritime cryptology. Today’s junior Sailors and officers have had their training time cut in order to meet growing operational demands on a shrinking Navy. To be successful in the art of cryptology – and it is a practiced art – one must have a deep understanding of the fundamentals of radio signal transmission as well as more than a passing familiarity with the collection equipment. A junior cryptologic technician and junior officer should be able to draw a basic transmitter-receiver diagram and trace the origin of a signal from its original state, such as voice or data, through the transmitter, across a medium and into the collection gear and the operator’s ears. Foundational knowledge required that the basic operator have a working knowledge of the equipment and be able to perform diagnostic and troubleshooting tasks in the event of a malfunction. Finally, operators and junior officers must understand the process of signal intelligence reporting to the tactical unit at sea (indications and warning intelligence) as well as to the national signal intelligence system.

spectrum

At the same time, emerging cyberspace communication networks place entirely new pressures on maritime cryptology. Modern communication, command, control and information sharing are a “network of networks,” an “Internet of things” that require new skill sets and new acquisition and exploitation technologies. Yet the complexity of data systems and volume of data being passed is growing exponentially, outpacing our acquisition and procurement capability. The Navy has tried to mitigate this by relying on commercial off-the-shelf technology (COTS) but this entails its own set of problems. COTS technology must be compatible with legacy systems – some more than twenty years old and built on architecture and code from the late 1980s and early 1990s – and it relies on bandwidth levels that are not always available and reliable. We often find out the hard way that equipment which works well in the sterile lab environment is not up to the task of performing reliably at sea under arduous conditions.

Maritime cryptology is at a cross roads. We must return to the fundamentals of signal intelligence at the same time we are trying to realize the potential of cyberspace operations at sea. This will require a renewed commitment to recruitment and training, and for many middle grade and senior enlisted cryptologic technicians and officers, it means new formal training. Right now, senior enlisted and officers are being asked to take leadership roles in an emerging cyberspace operations field for which they are receiving inadequate or no formal training. We must reconsider recruitment of new junior Sailors and officers who have the background skills, education and knowledge and provide them a career path that emphasizes cryptologic expertise across the spectrum, from “traditional” signals intelligence to modern wireless exploitation. This career path must be grounded in recognizing that maritime cryptology is more art than science, and to become proficient and experienced, one must practice.

The author would like to thank CDR Kevin Ernest who kindly provided his thoughts on the challenges of modern maritime cryptology.

LT Robert “Jake” Bebber is an information warfare officer assigned to the staff of U.S. Cyber Command. The views expressed here are his own and do not represent those of the Department of Defense, the Department of the Navy or U.S. Cyber Command. He welcomes your comments at jbebber@gmail.com.

[i] http://www.navy.mil/midway/how.html

[ii] http://www.history.co.uk/study-topics/history-of-ww2/code-breaking

[iii] http://en.wikipedia.org/wiki/Enigma_machine#cite_note-9

[iv] http://blogs.scientificamerican.com/guest-blog/2012/11/20/quantum-cryptography-at-the-end-of-your-road/

Time to Wake Up: Snowden’s Cost

THIS ARTICLE WAS ORIGINALLY PRINTED ON MAR 30, 2014 AND IS BEING RE-PRINTED FOR “CHALLENGES OF INTELLIGENCE COLLECTION WEEK.”

Regardless of how you feel about Edward Snowden’s domestic surveillance program revelations, it’s time to get real about the cost we are paying for Snowden’s leaks about America’s signals intelligence programs. In a conversation a few months ago with a very senior former US intelligence official, I was struck by their apocalyptic assessment of the damage Snowden’s leaks had caused America’s intelligence capabilities. While he naturally considered the domestic concerns overblown, he was even more upset at Snowden undoing of decades of groundbreaking American work securing our own communications and spying on foreign governments.

Success in signals intelligence relies almost entirely on the opponent not knowing where and how he is being spied upon. As soon as your methods are discovered, your opponent can evade your espionage or, even worse, spoof you with false intelligence. Be detailing the methods that the US uses to spy on other countries, Snowden’s revelations immediately and directly limited the NSA’s capabilities. We are just now beginning to see the fruit of that.

The Crimean crisis has revealed tremendous gaps in American SIGINT and comms against the very country in which Snowden happened to take asylum. Just over a year after Snowden’s releases, it is no coincidence. Now, I don’t mean to give Snowden all the credit – the Russians have maintained aggressive measures against American SIGINT since at least the mid 2000s. But it is not clear that, before the Snowden revelations, they were certain how effective their countermeasures were. By laying bare the sorts of measures the NSA has honed to break open world communications, Snowden has given the Russian military and IC exactly what it needs to craft communications in the American blindspot. Thus, the American intelligence community was blindsided by the Crimean invasion – while they observed the Russian military buildup, the lack of an increase in comms traffic lulled them into a false sense of optimism. Thanks to Snowden, the Russians could be confident that their countermeasures would be effective.

There is another piece of this puzzle that has been troubling me; Over the past year, there have been a number of alarming communications security breeches that have embarrassed US, EU, and Ukrainian officials in ways very convenient for the ongoing Russian information war. Now, I can’t speak to the sources of the EU and Ukrainian leaks (I wouldn’t want to deprive some poor GRU operative his due!), but I was very alarmed by the US breech. Senior (and even not-so-senior) US officials working in the Former Soviet Union are subject to very strict regulations around communications. Now, it’s possible of course that Victoria Nuland and Amb. Pyatt made some error. But this isn’t the first rodeo for either of them: Nuland is the former ambassador to NATO, and Amb. Pyatt is a career FSO with decades of experience working in sensitive areas, including at the IAEA. We know that Nuland was surprised by the leak, calling it “pretty impressive tradecraft.”

There are two likely scenarios of how these communication leaks happened; both of them alarming. The first possibility is that the conversation was had in the clear on an embassy line. Intercepting embassy communications still involves a level of tradecraft above merely intercepting something over Ukraine’s telecoms network, and embassy comms being intercepted indicates a dire but not surprising familiarity with our diplomatic communications system. Nonetheless, such a breech would indicate that our diplomats had not necessarily followed protocol. The more alarming possibility is that the secure line itself was compromised. Prior to Snowden, such a breach was nigh unthinkable. But, prior to his time at the NSA, Snowden worked for the CIA…securing their communications from foreign postings. Now, I’m not suggesting that Snowden is sitting in Lubyanka Square hacking American comms. But it should scare the hell out of us that someone so intimately involved in securing American communications in addition to building American SIGINT capacities now relies on the generosity of his Russian hosts for his breakfast, lunch, and dinner.

It is possible that Snowden could compromise American intelligence in ways he is not even aware; was Snowden really clever enough to completely prevent the Russians from peeking into his document archive? Is he really smart enough to detect whether some of the security problems he might work on for his Russian clients might not actually be FSB tricks to get him to divulge how an American cryptographer might approach security? What frightens me is not the possibility that Snowden is maliciously working against the US. But the Russian intelligence community has access to people who are smarter than he is, are better hackers than him, and are world-class manipulators. Snowden’s naïveté has already harmed the US, but his hubris is positioned to do even more damage, and damage that we will not know the extent of until it is too late.

I realize that this line of analysis has a certain Ian Fleming-ish feel to it; a US cryptanalyst absconds to Russia, and a year later, American SIGINT begins to experience unusual failures and breeches. But that is the reality we are living in, and we need to wake up to it. The damage Snowden has done to America’s information security and intelligence capabilities is not hypothetical and hypothesized. It is real, it is urgent, it is extensive, and it is just starting.

Jon is a 2013 Healy Scholar, a MPhil in International Relations candidate at University of Oxford, and a Research Assistant at Georgetown University. 

Why Intelligence Matters, And Nations Need Think About Collection Methods

In the military sense, intelligence means something approximating a combination of knowledge and understanding of others – whether they are friends or foe. In the modern risk averse world the temptation has been to rely upon more and more distant observation methodologies; using satellites especially to monitor communications, movement and equipment – prima facie the what, the where and the why of information available.

The trouble is that knowing that an order has been given does not give the why – it does not give the thought process, or even more than a glimmer of the thought process, that has gone into the decisions made leading to that moment. Without such understanding of the decision, judgements are not actually judgements or even estimates, they are guestimates – they are hopes that the enemy repeats the same thought process, the same conclusions, and same actions without having any idea why. This is all ‘Human Intelligence’, and unfortunately not something that can be acquired with a satellite or the snippets of conversation  normally accessible in terms of other nations’ (or really any actors on the world stage) command personnel.

Although there is a lack of human intelligence, it is not due to any real failure of intelligence services – they would never have the resources to be able (for want of a better phrase) ‘stalk’ all the people necessary. So as the intelligence services can’t be expected to do a job so big, the question is why does the lack of it matter? What effect can the lack of it have on operations?

The impact is simple: with increasing costs, budgets being cut, and the consequently shrinking force structures (as well as the roll on effect in presence and response), the armed services are being expected to do more with less. The potential risks of making the wrong decision are multiplied as any losses equate to a larger proportion of total forces. Furthermore, loss does not need to be destruction, but could mean being in the wrong part of the world – as again a man, a tank, a plane, a ship, whatever is considered can only be in one place at any one time. Yes, ships can be moved easily as they are self-contained and self-propelled; aircraft can be moved (if there is logistics/suitable air base/support personnel) – the same goes for men and tanks. The moves are not instantaneous; though it seems that each generation of leaders has to relearn this for themselves.

Many ministers (some of whom had themselves served in WWII or other conflicts[i]) were shocked when they discovered the time it would take to deploy forces from the UK to take part in the 1982 Falklands War; ultimately, it took 47 days from the first ships of the Task Force departing from the UK on April 5th to the San Carlos landing commencing in the Falklands on May 21st[ii]. More recently, HMS Illustrious, which was conducting counter piracy operations in the Indian Ocean at the time, was ordered to provide support for the 2013 Typhoon Haiyan aid mission November 14th; however, after picking up over 500tons of supplies at Singapore, it did not arrive until the 25th of November[iii]. Apart from being a salutary example of the fact that navies do not have peacetime/war time difference in operational tempo, it again shows the realities of time. This makes the requirement for gaining as full an intelligence picture as possible—including both the knowledge and the understanding thereof—a premium; the better the intelligence picture, the lower the likelihood of a country being caught by an unanticipated surprise. This is not to say a nation will not be caught by surprise, but that it will be more prepared for that surprise when it comes. Thus, how can a nation’s understanding be increased to allow for this if the intelligence services cannot be turned into ‘stalkers anonymous’?

This solution largely depends upon the service and their national requirements; for navies, it becomes about presence, the concomitant diplomacy of port visits, and the training/interaction opportunities that occur. These roles build relationships between practitioners; yet if people do the same the job and fulfill the same role (even when using different equipment, and representing different nations), then they are usually half way to understanding the other anyway. Whilst it does work both ways—giving understanding to the other nation/actor as well as gaining it for their own—it still provides a better overall position and a level of understanding than that which no interactions provides. But as a proposed measure for improvement, how can it be implemented?

For the navies of nations which are local or even regional powers, this naturally represents less of a challenge (and less of a strain on limited resources), since the operations can, for the most part, be supported from home ports, and could utilise shorter range vessels such as patrol boats[i]. However, for the navies of nations with national interests of a range that require a broader interaction—a global approach—it becomes more difficult. The emphasis such navies often experience, on building first rate, top of the line vessels for all roles, means their ships are often too expensive for them to build in the numbers that would be required for a proper presence[v].

This presents a problem for those navies and in a way it requires both a greater acceptance of the role of services in ‘peacetime’[vi] from leadership (supported by navies finding a way to highlight this more, perhaps by being less reticent about what they do, perhaps by borrowing some of the showmanship exhibited by other government organisations to demonstrate why they matter); it also needs those navies to look at building ships for which in warfighting terms would be described as ‘Task Group vessels’. Ships which could never be a picket, either for anti-submarine or air defence, but which can provide extra security for auxiliaries, aircraft carriers and amphibious ships. Ships which will have small crews, but good range and very good wining & dining facilities. Ships which will probably carry a small helicopter, some drones, boats and marines[vii] in order to maximise their presence wherever they are. They would not need to be big, but they would need to be flexible. Most of all they would need to be cheap, not cost effective, cheap; they must cost not a lot to build (so everything should come off the shelf) and not a lot to run.

For example the solution for the RN is quite easy to see:

  • Hull/design- a slightly enlarged River class vessel, with a hangar,
  • Sensors – a suitable radar,
  • Naval Gunfire Support (for helping out with amphibious or littoral operations) – A medium calibre deck gun,
  • Defensive weapons – a Close in Weapon System such as Phalanx plus a small number of Sea Ceptor (the RN’s name for its new Point Defence Surface to Air Missile System, which is part of the tri-service Common Anti-Air Modular Missile) to help it with defending itself if caught by surprise, but most importantly defending the ships as described above
  • Offensive weapons – perhaps some Stanflex modules[viii] (or other equivalent of the shelf modular system) could be acquired from Denmark to support torpedoes, towed sonar array and anti-ship missiles; if not decisions have to be made about what is necessary, rather than trying to fit it all, perhaps the route of the Type 12 Leander class would be best where each batch was focused on a different mission for the task group[ix], so some could carry torpedoes (or maybe as a class would rely upon their helicopters entirely for that), some anti-ship missiles and some perhaps land attack weapons (or a system could be chosen which was capable of both missions on an equal or nearly equal basis).

Going into such detail makes this example sound bigger than it reality is[x], but this goes to demonstrate how capable and how complex even a cheaper ship would have to be fulfill its role as a presence/task group ship; the fact is though that if everything was bought ‘off-the-shelf’ rather than developed fresh, then the costs would drop dramatically. This would happen because it’s the research which costs the money (especially as unit numbers have fallen at the same time as complexity increased, accelerating cost-per-unit growth), not the hardware. Such ships though would not be an easy sell, as their role would not be to replace anything, but to support it[xi]; therefore the case would need to be made well as, whilst not much (in the context of what services they would provide), new money would have to be found.

For navies that succeeded in making the case, in securing some more of their national budgets and then acquiring them then these vessels would be of huge benefit. In Peacetime they would be the vital global presence[xii], they would provide a much needed supplement to the first rate ships of the escort force (as well as the modern Capital Ships, the Aircraft Carriers and Amphibious Ships) as representatives of their nations and its national interests around the world. They would act in peacetime, as escorts always have, as their nations diplomats of the sea, police of the maritime highways, eyes and ears of the homeland in distant quarters[xiii]; whilst in war time they would again take a supporting role that would free up the more capable ships for pickets, providing the inner layers of defence to help protect those vessels upon which their nations primary capability projection rests.

As an intelligence paper, this paper should conclude with a focus on exactly that: intelligence matters because, when properly conducted, it will make leaders’ decisions easier and safer. The best way to increase understanding is to improve the level of interaction so as to allow those expected to make the decisions to learn it first-hand. For navies, this means cranking up the presence abroad, which will necessitate increasing the ‘presence’ at home to secure the funding necessary – something which will be even more crucial for those navies which serve nations with extensive global interests, as they will need to acquire the resources to build these vessels in the numbers necessary without compromising on crucial existing projects; a very tricky task in the modern world.

Dr. Alexander Clarke is our friend from the Phoenix Think Tank and host of the East-Atlantic edition of Sea Control. He recently received the rest of the paperwork necessary to put a well-deserved “Dr” at the beginning of his name.

[i] For example in 1982 the Deputy Prime Minister & Home Secretary William Whitelaw (1st Viscount Whitelaw) had served in the Scots Guards with 6th Guards Tank Brigade during WWII, http://en.wikipedia.org/wiki/William_Whitelaw,_1st_Viscount_Whitelaw (06/07/2014), the Defence Secretary Sir John Nott served with the 2nd Gurkha Rifles in Malaysia, http://en.wikipedia.org/wiki/John_Nott (06/07/2014), and the Foreign Secretary Peter Carington (6th Baron Carrington) served throughout WWII with the Grenadier Guards, http://en.wikipedia.org/wiki/Peter_Alexander_Rupert_Carington,_6th_Baron_Carrington (06/07/2014)

[ii] http://www.telegraph.co.uk/news/worldnews/southamerica/falklandislands/9181252/The-Falklands-War-timeline.html, (05/07/2014)

[iii] http://www.royalnavy.mod.uk/news-and-latest-activity/news?s={271126E5-06D3-4721-BEA9-9F8011615CE3}&page=6 & http://www.royalnavy.mod.uk/news-and-latest-activity/news?s={271126E5-06D3-4721-BEA9-9F8011615CE3}&page=5 (both 05/07/2014)

[iv] The other factor to be increased alongside visits will be the quantity of reports; i.e. all Officers, NCOs and even some ratings should provide write ups of their experience that could be provided to the intelligence/command communities – they may have nothing useful, but it’s the overall picture that the information helps to create which will be of service; the more details gathered the greater the understanding that should be gained.

[v] http://www.europeangeostrategy.org/2014/07/centrepiecebut-rest-board/ (06/07/2014)

[vi] With Counter-Piracy, Counter-Narcotics, Counter-Human Trafficking, Counter-Terrorism, Freedom of the Seas, Fishery Protection, Search & Rescue, Humanitarian Aid, Allied Training, Maritime Security (including national and allied standing patrols), Constant At Sea Strategic Deterrence and of course various Diplomatic duties (naming just the major mission clusters) for ‘peacetime’ read even more for navies to do, but more than li

[vii] http://www.royalnavy.mod.uk/news-and-latest-activity/news/2014/may/28/140528-hms-somerset-drug-bust, http://www.royalnavy.mod.uk/news-and-latest-activity/news/2014/january/13/140213-rm-receives-lsgc-medal & http://www.royalnavy.mod.uk/news-and-latest-activity/news/2014/march/17/140317-rm-practise-pirate-take-down (all 06/07/2014)

[viii] http://en.wikipedia.org/wiki/StanFlex (06/07/2014) – on the face of it a system with a lot to offer that has been around a long time, if it had been developed and used by a larger navy then more than likely more nations would be using it.

[ix] http://www.hazegray.org/navhist/rn/frigates/leander/ (06/07/2014) – a total of 44 of these ships were built, 26 for the RN which were built with a range of capabilities, a state which was expanded as time went on and they were upgraded http://en.wikipedia.org/wiki/Leander-class_frigate (06/07/2014); for more information http://www.phoenixthinktank.org/2011/05/future-surface-combatant-%E2%80%93-is-this-the-successor-of-the-leander-class/ (06/07/14)

[x] Possibly have gone into too much detail for what this work is supposed to be, but it seemed necessary to help illustrate the point.

[xi] Although arguably they could be said to be taking on what was traditionally a significant part of the peace-time cruiser role http://www.britishnavalhistory.com/sverdlov_class_rn_response/ (06/07/2014)

[xii] http://amphibiousnecessity.blogspot.co.uk/2013/11/october-2013-thoughts-extended-thoughts.html (06/07/2014)

[xiii] Just recently for example the RN has met the Russian’s of the West Coast of Scotland, http://www.royalnavy.mod.uk/news-and-latest-activity/news/2013/october/31/131031-royal-and-russian-navy (06/07/2014), exercised with the Indian Navy in the Indian Ocean, http://www.royalnavy.mod.uk/news-and-latest-activity/news/2013/november/01/131101-hms-westminster-indian-navy (06/07/2014), and has taken command of a multi-national Maritime Security Task Force East of Suez, http://www.royalnavy.mod.uk/news-and-latest-activity/news/2014/april/17/140417-ctf150-command (06/07/2014).

Fostering the Discussion on Securing the Seas.