Tag Archives: cyber

“Was it Over When the Drones Bombed Pearl Harbor?”

“It’s not delivery, it’s deception.”

After months of patient progress the drones reached their targets. Over the span of a few weeks they silently arrived at their pre-assigned loiter boxes (lobos) in the many harbors of Orangelandia. Having been launched from inconspicuous commercial vessels in major shipping lanes, the transit time was shortened by a good month. Yet for the few who knew of the operation, the anxious waiting was plenty long enough. The policy makers monitored the gliders’ headway via secure satellite datalinks and assured themselves that the operation, sold as a precautionary measure, was warranted in light of heightened tensions with Orangelandia.

As the weeks passed tensions only increased. Orangelandia declared its claimed EEZ closed to all foreign military vessels and threatened to sink any violators. After making good on its promise in a naval skirmish against a neighbor with rival claims to an island chain, Orangelandia was given an ultimatum by the U.N. Security Council* to stand down. With no sign of that occurring, the policy makers decide it’s time to act.

——

Darkness falls in Orangelandia. Satellites command the gliders forward. They drift further into the harbors; their targets are naval vessels they’ve monitored for days. The sailors on watch see and hear nothing more than what they attribute to the usual debris floating by on a moonless night. The gliders release their payloads – smaller drones that specialize in climbing the hulls of ships. After clambering aboard the weatherdecks, the small machines avoid the sealed doors of the ships’ airlocks and feel out the superstructures, their goals the exhaust stacks for the ships’ engines and generators.

On a few ships at anchor the drones encounter humming engines and generators, beckoning the heat-seeking drones. Burrowing past the louvers the drones drop down through ducts and move towards the ships’ mechanical hearts. As the heat of the exhaust on the active vessels melts the drones’ exterior sheathing, thermal-triggered explosives carried in the drone cores detonate, delivering mission kills and rendering the ships immobile for weeks-to-months of critical repair. On the inactive ships it takes longer for the drones’ schematics-recognition features to determine the stacks’ location but the outcome is more devastating. The drones are able to move further into the exhaust system’s interior, detonating once progress is blocked, and increasing the likelihood of destroying the engines or generators themselves. Within the span of a night the majority of Orangelandia’s in-port fleet is crippled.

My other drone is a Reaper

The above passage is of course a piece of fiction, and not very good fiction at that. But it doesn’t have to be. The technology to enable the scenario exists and will become more sophisticated and cheaper in the coming years. This is also far from the only way to imagine a “Drone Pearl Harbor,” as slightly different capabilities hold the potential to impact the way an attack could play out.

Decision points

In developing a concept of operations for a stealth drone attack the ability to give the execute order is a sticking point. The technologically easiest course of action would be to simultaneously make both the decisions to set up for and to execute the strike at the beginning of the decision cycle, launching the drone operation as a “fire and forget” (or rather “fire and wait patiently”) strike. Yet few policy makers will want to make an irreversible decision far in advance of the impact of the effects. The decision to attack Orangelandia may be correct in the context of the 7th of the month, but not the 21st. One needs only remember the desperate attempts to recall the nuclear-armed bombers of Dr. Strangelove to grasp the concept.

However, any attempt to move the “execute” decision point later than the “set up” order, as I did in my example, faces technical hurdles. A direct transmission signal requirement would make the drones vulnerable to detection and possible hijacking or jamming. Using broadcast signals to transmit orders and obscure their location means leaving the drones even more susceptible to hijacking and jamming as Orangelandia could constantly emit signals to that end. Similar vulnerabilities exist when the drones are given reporting requirements, so an informed balancing of the need for one- or two-way communication and concerns over the exposures those needs create is necessary.

Variations on a Theme

The above scenario was played out against a generic surface ship. Other types of naval vessels have more accessible points of entry; and the job of penetration is made easier at less-stringent damage control settings that leave hatches and air locks open. Additionally the ways, means, and follow-on considerations of a drone sneak attack are also variable, but can be roughly broken down into fouling attacks, as in the scenario above; direct attacks; and cyber-attacks.

In a fouling attack, the drone payload would be used to achieve a mission kill against a critical piece of shipboard equipment. The drone would need the ability to locate that piece of equipment through some type of sensor – visual, thermal, chemical, etc. External targets, such as a ship’s propellers, would be the easiest to target. The benefit of a fouling attack is that the payload could be a small explosive, limiting the drone’s size, likelihood of detection, and propulsion requirements for a trans-oceanic voyage. It could even be the drone itself, outfitted with special equipment or configuration options to inflict the maximum damage on the piece of critical gear. As an example imagine a piece of corrosive wire wrapping itself around the same hypothetical propeller. Again, the execute order in this type of attack could be withheld until very late in the decision-making process while the glider drones do “circles of death” in their lobos.

In a direct attack the glider drone would carry a weapon payload designed to inflict maximum kinetic damage. Such an attack would require less sophisticated targeting internal to the drone and could be used to attempt to disable a large portion of the ship’s crew and/or sink the ship. As with fouling attacks, direct attacks would be easier to conduct once the glider was on station and could incur the same delayed-decision benefits, but the increased explosives requirement would increase the drone’s size and detectability.

We’re gonna need a bigger fly-swatter.

In the last type of attack, a payload drone would find a way to penetrate the ship and access the ship’s industrial control systems (ICS), which operate things such as the ship’s main engines, to introduce a Stuxnet-like virus. Such a drone would need to be small enough to fit through minuscule spaces or blend in during the process of crew traffic opening and shutting airlocks. The drone would also have to be the most advanced to successfully navigate around the ship unseen and interface with ICS through diagnostic, patching, or external monitoring ports. Such a drone could delay the policy-maker’s execute order until well after infection, potentially expanding the decision timeline until well after the drone has achieved its mission and the vessel has gotten underway. This delay would come at the cost of the very difficult task of being able to transmit the final execute order to the newly infected ICS, so the decision to infect the systems would more realistically have to be paired with the decision to execute the virus’s programming. On the plus side, a cyber/drone sneak attack could potentially disguise the source of the attack, or even that an attack has occurred, unlike the other two types of attack, providing policy makers with further options than simply a kinetic attack.

That these courses of action are possible says nothing of whether executing any of them would be wise. The risks and potential repercussions of each course of action are as varied as the ways in which such an attack may occur. This is one reason I have attempted to draw out the effects different technologies have on moving the decision points. But possible they are, so it would be wise to both think of ways to take advantage of the options as new tools for policy makers, and think of ways to defend against them that don’t rely on weary roving deck watches. A few defensive options that come to mind include more stringent damage control settings in port, a thorough examination of the vulnerability of vessels and shipboard access points to drone penetrations, detection systems for drone penetrations, drone SIGINT detection and jamming, and possible external hardening of berths. But this is probably a good jumping off point for another post and your thoughts.

Scott Cheney-Peters is a surface warfare officer in the U.S. Navy Reserve and the former editor of Surface Warfare magazine. He is the founding director of the Center for International Maritime Security and holds a master’s degree in National Security and Strategic Studies from the U.S. Naval War College.

The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of the U.S. Department of Defense or the U.S. Navy.

*So no, Orangelandia is clearly not China, a veto-wielding member.

Tubes: A Reason for Cyber-Optimism?

Not intelligent — yet. This visual representation of the Internet by the Opte Project is important for what it doesn’t show: the physical places which enable these connections.

It’s been quite a week for cyber issues in the news. CIMSEC’s own Matt Hipple has a must-read article in this month’s Proceedings about “Cloud Combat,” the coming blur between man and machine, and the rise of autonomous weapons systems. As a child of the ’80s, his writing couldn’t help but conjure in my mind the image of Governor Schwarzenegger in all his red-eyed glory as the Terminator. After reading Matt’s article, I skipped across cyberspace to Wired’s Danger Room, where I read about GPS spoofing and drones, a topic Matt also covers in his piece. Though the Wired post says that researchers only made a drone assume a crash course, it seemed all of a sudden that making drones take lives when we don’t want them to is more than plausible with today’s technology.

Autonomous weapons systems? Machines tricked into behaving badly? This common plot seems to be everywhere in our imagination: from Prometheus and the “Alien” franchise to Call of Duty: Black Ops II. In the world of the arts, drones, cyber attacks, and the loosening of man’s control over technology have constituted common plot elements throughout my lifetime. Now, it seems like technology is actually catching up with our imagination. It’s no wonder, then, that the military has placed so much emphasis on cyber warfare – it is an opaque medium. And we fear that which we don’t understand.

Fretting over the risks of modern technology, a pit of anxiety formed in my stomach as a dim memory from 2003 surfaced. Acting on it, I re-watched the last few minutes of Terminator 3. As autonomously-launched nuclear weapons decimate the human race, the character John Connor says the following lines:

By the time SkyNet became self-aware, it had spread into millions of computer servers across the planet. Ordinary computers in office buildings, dormitories – everywhere. It was software – in cyberspace. There was no system core. And it could not be shut down.

The Cloud! Nothing seems more threatening than this ethereal place, where all of our data resides to be taken or manipulated. And still more threatening code could reside there, as in the film. Members of my generation, I think, frequently think about these issues and feel powerless because the technology is already here. Pandora’s box has already been opened, so to speak, and we don’t know the awesome and potentially destructive implications of the rise of this technology. But… even though the new frontiers of technology are indeed threatening, there are many reasons to pause before buying all the bottled water you can find and speeding off to your bunker in the country.

Those of us living on the mid-Atlantic seaboard are still recovering from the so-called “Super Derecho” that felled trees and caused blackouts that for some are only being repaired now. As the Washington Post noted earlier this week, an Amazon data center was a casualty of the storm and the popular Netflix, Instagram, and Pinterest applications were all affected. Despite the fact that the Internet’s predecessors were specifically designed to be survivable, The Cloud, data feeds for our drones, and all of the other cyber-boogeymen we love to fear reside in physical places as vulnerable to real-world events as you or I.

This truth brings me to the title of the post: for those of you wishing to dispel some of your fears of our cyber-frontiers, the book Tubes: A Journey to the Center of the Internet is a great place to begin. The title is a riff on Sen. Ted Stevens’s famous declaration that “the Internet is a series of tubes,” which rose to become a prominent internet meme. The author, Andrew Blum, essentially confirms Sen. Stevens’s much-lampooned statement. Even in our wireless age, there is still a huge physical infrastructure supporting the internet – much of it tubes: fiber optics, transoceanic cables, and the like. This physical infrastructure needs power and cooling and is as vulnerable to fires, power outages and – most importantly – the destructive agency of man.

For a military reader, Tubes illustrates a useful lesson: as much as we talk about cyber warfare and the ability of malicious computer programs like the StuxNet virus to affect the physical world, the physical world’s effect on the cyber realm is equally important. In fact, the structure of the Internet may be particularly vulnerable, according to scholars. A paper published by Doctors Cohen, Erez, ben-Avraham, and Havlin from 2000 says that the removal of a few key sites from some networks could bring them down entirely.

So, for the time-being, it makes sense to pierce the veil covering the Internet, machines, and what we’re doing with them and stop our hand-wringing over Judgement Day. Andrew Blum’s engaging writing and deft manner of illustrating complex issues simply are perfect for the layman who doesn’t know a TCP/IP protocol from a toaster. When it seems we’re a keystroke away from a technological armageddon, Tubes rises above the cacophony of fear-mongering and suspicion and reminds us that our technological creations are as vulnerable as we are — for now.

LT Kurt Albaugh, USN is President of the Center for International Maritime Security, a Surface Warfare Officer and Instructor in the U.S. Naval Academy’s English Department. The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of the U.S. Department of Defense or the U.S. Navy.

A Proposed Framework for Analysis of Chinese Naval Modernization

Fantasy or foresight?

There are two extremes in public discourse over China and the ambitious naval modernization campaign that the People’s Liberation Army-Navy (PLAN) has undertaken over the last two decades. On one hand, China is often presented as an existential threat whose massive naval build-up in both weapon quantity and quality, coupled with a newly aggressive foreign policy, makes it poised to directly challenge U.S. dominance of the high seas and hegemony in the Western Pacific. Meanwhile, at the other end of the spectrum, China is portrayed as a rational major player within an interlinked global economic system, for which conflict with the U.S. or other regional powers such as Japan, South Korea, and even Taiwan, would be unthinkable and ruinous. Regardless of which depiction is more representative of reality, in an era of impending defense cutbacks, budget battles of the near future will repeatedly reference Chinese naval modernization as the driving justification to buy, develop, or retain all sorts of weapons and capabilities.

What has really been missing from much of the public debate over the Chinese navy is a holistic analytic framework to aid understanding of the potential impact of China’s burgeoning capabilities in a Sino-American conflict. This would be done through a better understanding of Chinese intentions in terms of its doctrine and both foreign and domestic policies. Those policies are not necessarily aligned. Toshi Yoshihara and James Holmes’ Red Star over the Pacific discusses these issues, but their careful review of the evolution of Chinese naval strategy is not mirrored in discussions of China in the blogosphere. A focus on Chinese naval weapons system developments (the latest unveiling of a new Chinese ship, plane, missile, etc.) can lead to both hysteria and conflicting calls for action. For instance, while the DF-21 Anti-Ship Ballistic Missile could potentially be a game-changing weapon impacting how war at sea will be fought in the future, it has yet to be fielded. However, some critics have already used its development to argue for the elimination of carriers and large surface combatants (because they are now potentially vulnerable), while others see its development as evidence of malign Chinese intent that justifies an American naval revitalization – presumably achieved by building many more large surface combatants.

A holistic analytic framework would assess 1) the elements of Chinese efforts comprising what is now commonly referred to as “Anti-Access/Area Denial” (A2/AD) capabilities, 2) the “quantity and readiness” of Chinese maritime power, and 3) Chinese strategy and policy. These factors form a three-legged stool of sorts, all of which must be in place for the argument to rest that China has the ability and intent to do harm to U.S. forces at sea, and therefore a U.S. naval expansion designed to counter China is merited (rather than one to ensure the U.S. Navy has the combat capability to meet U.S. foreign policy objectives around the world).

A2/AD:

• Chinese developments in the cyber domain are often cited as significant threats to U.S. naval operations. These threats range from jamming U.S. satellite and wireless communications networks, disrupting communications and preventing the means for effective Command and Control (C2), to cyber attacks on U.S. information technology, crippling dependent American C2 systems. Is China capable of executing cyber attacks that can cripple U.S. combat operations afloat?
• China has made a significant effort to build and buy a variety of the most modern and capable naval and air platforms currently available. These include new submarines, ships, and airplanes. Are these qualitatively superior to their American counterparts?
• China is also acquiring a variety of cutting edge high-end anti-ship cruise missiles and the already noted DF-21. Will these make it impossible for an afloat task force in its current incarnation to operate at sea in the Western Pacific as the U.S. Navy has grown accustomed to? Will these prove too much for the current generation of American countermeasures?

How much does this matter?

Quantity:

• While all the new weapons mentioned above present an abstract threat to U.S. naval forces in the sense that they seem extremely capable and represent the cutting edge of technology, are they now or will they ever exist in large enough numbers to present an actual threat to U.S. Navy operations?
• In the event of a Chinese invasion of Taiwan, the Chinese wouldn’t necessarily need numerical superiority over the U.S. force assembled in response, but how much capability would they need to bring to the fight in order to accomplish the mission? Regardless of how much “quality” navy they bring, how much “quantity” does China need before the balance tips in their favor?
• While all this new technology might be highly capable, can Chinese forces effectively use it to maximum effect? Can they maintain this equipment? Do they have the logistics and infrastructure to support fielding it in combat?
• Are Chinese efforts towards cyber dominance integrated with their improvements in more conventional naval weapons and capabilities?

Strategy and Policy:

• Why are the Chinese pursuing a naval build-up? Is it driven by a bureaucratic impulse of the PLAN, a nationalist desire to be the regional hegemon, or the result of what China perceives as external security threats by the U.S. or other regional powers?
• What would drive China towards attempting a military takeover of Taiwan? Have they figured out how they would actually fight with the navy they have built?
• Does Chinese maritime strategy reflect the same principles as those of the U.S. Navy’s, in which maritime forces are important because they are the critical enablers for power projection across the globe, or do they simply represent an expansion of land power?

There are many conflicting answers to these questions, pointing towards many different potential conclusions. There is no simple answer as to whether Chinese naval modernization represents a grave threat to U.S. interests or what that means to the U.S. Navy’s acquisition efforts. Regardless, the need for deep and sustained analysis of China is merited and should be a high priority. In the meantime, one should be wary of simplistic analysis using the latest splashy announcement of a new Chinese ship/plane/missile to justify a particular course of action, particularly when linked to future defense acquisition strategies (Build more ships! Build less ships! Shift focus to/from carriers/amphibs/fighter jets/subs/SOF/unmanned systems/cyber!). Chinese capabilities and intentions need to be understood in their totality before driving shifts in U.S. defense policy.

Lieutenant Commander Mark Munson is a Naval Intelligence Officer and currently serves on the OPNAV staff. He has previously served at Naval Special Warfare Group FOUR, the Office of Naval Intelligence and onboard USS ESSEX (LHD 2). The views expressed are solely those of the author and do not reflect the official viewpoints or policies of the Department of Defense or the U.S. Government.