Hardening military IoT applications, and DoD networks in general, is important work – and it’s not new. It’s especially vital today, as conventional rivals and even non-state or non-traditional adversaries are developing increasingly better low-cost cyberwarfare solutions.
In many cases, adversaries who understand they don’t stand a chance against the U.S. and NATO allies in conventional conflicts are investing heavily in intelligence and cyberwarfare capabilities to penetrate not only domestic companies and government entities but also frontline vehicles and networks.
IoMT is becoming increasingly important when it comes to quickly sharing intelligence and information among frontline forces, monitoring large areas and spotting threats in advance. As the capabilities of these networks and our military’s reliance on them grows, their value as a target for adversaries increases.
Impeccable cybersecurity in these frontline IoMT applications and networks is hugely important for the safety of personnel and success in theater.
How Vulnerable Are IoT?
There have been several news-making IoT attacks in recent years. A 2016 DDoS attack, which temporarily crippled large swaths of the internet in the U.S. and Europe, was perpetrated using a botnet composed primarily of IoT devices.
1 In 2019, a group of hackers managed to compromise Ring security cameras to spy on families and even terrorize children.
2
There are many things private individuals can do to secure their smart home devices, from better managing their passwords and keeping firmware up to date to using two-factor authentication or setting up an entirely separate network dedicated to IoT devices.
While the cybersecurity threats faced by private individuals are serious, they generally pale in comparison to the cyberattacks aimed at government and defense infrastructure. According to some estimates, the Department of Defense intercepts approximately 36 million emails daily that are attempting to gain access to various DoD systems using viruses, malware or phishing.
3
U.S. defense infrastructure, both at home and abroad, make attractive targets for everyone from state actors and independent hackers to terrorist networks and foreign intelligence agencies. The federal government invests heavily in cybersecurity, but large-scale breaches like the 2020 data breach of the federal government – which impacted an estimated 200 organizations globally – still happen. Most concerning to many cybersecurity experts was the months-long delay in discovering the breach.
4
A cybersecurity failure like that in a frontline scenario where the lives of servicemembers or the success of missions is on the line could be catastrophic.
Cybersecurity Is More Important Than Just IoT
Many experts both within the government and outside of it in think tanks and policy institutes have serious concerns about the vulnerabilities of modern weapons systems to cyber-attacks. A 2018 Cybersecurity Report from the Government Accountability Office included concerning results from a Weapon Systems Cybersecurity Assessment performed by DoD. The bulk of software-dependent major acquisitions tested between 2012 and 2017 had the potential to be compromised through mission-critical cyber vulnerabilities.
5
The report also posits that the vulnerabilities discovered through testing were likely the tip of the iceberg, as testing didn’t encompass the full range of potential threats these systems could face in the field or the future.
The Defense Department also has justifiable concerns about the classified data stored on the systems of various suppliers and contractors. The Cybersecurity Maturity Model Certification (CMMC) framework was rolled out in 2020 to hopefully shore up weaknesses in supplier-side cybersecurity.
6
Developing Technologies With an Emphasis on Cyber Security
High-performance defense technologies developed by Penguin Edge, such as the
Ruggedized Dual Haswell Server Blades, ATCA platforms and VMEbus products, are designed with security in mind.
You can learn more about our many defense technologies by
contacting our team of embedded computing and ruggedized edge computing experts.
1https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
2https://www.vice.com/en/article/3a88k5/how-hackers-are-breaking-into-ring-cameras
3https://www.nextgov.com/cybersecurity/2018/01/pentagon-thwarts-36-million-email-breach-attempts-daily/145149/
4https://www.forbes.com/sites/jemimamcevoy/2020/12/17/federal-government-private-sector-at-grave-risk-from-hack-warns-us-cyber-security-agency/?sh=74a1a0627bc0
5https://www.documentcloud.org/documents/5000528-GAO-Cybersecurity-Report-2018.html
6https://www.acq.osd.mil/cmmc/