Spectrum

Offensive Cyber in Outer Space

The most cost-effective and simplistic cyber attack in outer space with the intent to bring down a targeted space asset is likely to use space junk that still has fuel and respond to communications – and use them to ram or force targeted space assets out of orbit. The benefits for the attacker – hard to attribute, low costs, and if the attacker has no use of the space terrain then benefit from anti-access/area denial through space debris created by a collision.

The life span of a satellite is between five and 30 years, and even afterward it can still be orbiting with enough propellant to move through space and with functional communications which could be reactivated. Space contains thousands of satellites, both active and inactive, launched by numerous organizations and countries, hosting 5,000+ space-borne transponders communicating with Earth. Every transmission is a potential inlet for a cyber attack. Older satellites share technological similarities, providing opportunities to cyber-exploit industrial systems for control and processing. Supervisory control and data acquisition (SCADA) systems within our municipalities, facilities, infrastructure, and factories are designed and built on older technology and hardware, sometimes designed decades ago, and the software is seldom updated. These SCADA systems are considered a strategic vulnerability and have drawn growing attention from the US cyberdefense and homeland security communities in recent years as critical infrastructure is now a top priority. The lack of up to date security features within utilities and other critical infrastructure is mirrored in outer space. Satellites may be based on hardware and technology from the 1980/1990s for one straightforward reason—they are unlikely to be upgraded after they have been launched into space.

Terrestrial cyber attacks are a single exploit on thousands, if not millions, of identical systems, and the exploit will be eliminated afterward by updates or upgrades. The difference between satellites and terrestrial cyber exploits is that a satellite is in many cases custom made or in relatively small series, whereas the computing design is proprietary. Cyber attacks in space exploit a single system, or a limited group of systems, within a larger group of satellites. These spaceborne assets have a variety of operating systems, embedded software, and designs from disparate technological legacies. As more nations engage in launching satellites with a variety of technical sophistication, the risk for hijacking and manipulation through covert activity increases. A satellite’s onboard computer (OBC) can allow reconfiguration and software updates, which increase its vulnerability to cyber attacks. A vulnerable satellite that will be orbiting for the next ten years can be preset by a cyber perpetrator for unauthorized usage when needed.

Even with the most-advanced digital forensics tools, tracing a cyber attack is complicated on terrestrial computer systems, which are physically accessible. Space-borne systems do not allow physical access, thus, lack of access to the computer system nullifies several options for forensic evidence gathering. The only trace from the perpetrator is the actual transmissions and wireless attempts to penetrate the system. If these transmissions are not captured, the trace is lost.

If the adversary is skilled, it is more likely the attribution investigation will end with a set of spoofed innocent actors whose digital identities have been exploited in the attack rather than attribution to the real perpetrator. A strong suspicion would impact interstate relations, but full attribution and traceability are needed to create a case for reprisal and retaliation. Attribution can be graduated, and the level varies as to what would be accepted as an “attributed” attack. The national leadership can accept a lower level of tangible attribution, based on earlier intelligence reports and adversarial modus operandi than the international community might demand, but it is restrained in taking action. China has had a growing interest in building cyber warfare capabilities and is one of several nations that would have a sincere interest in degrading US space assets. Currently, nation-states are restrained by the political and economic repercussions of an attributed attack, but covert cyber war targeting US space assets removes the restraint of attribution.

A cyber attack resulting in a space collision would lack attribution and thus would be attractive to our covert adversaries. A collision between a suddenly moving foreign satellite and a mission-critical US satellite is neither a coincidence nor an accident. Even if there is no collision, a satellite on a potential collision course would force the targeted satellite to move and adjust position – and could eventually run out of fuel – and during these adjustments have degraded service levels.

However, without attribution, it does not matter that this is so obvious. Other forms of direct and indirect attack would be traceable to an attacker, which could result in military, economic, and political repercussions. In criminology, we know that the major consideration of a perpetrator for premeditated acts is the risk of getting caught. The size of any repercussions if caught is secondary. If a cyber attack can destroy or disable US satellites with no attribution or traceability, it is likely to be considered by those who are openly adversaries and certainly by those who are covert. From a cyber warfare perspective, this creates an opportunity for a third party to hack and hijack a satellite with the express purpose of colliding with a mission-critical US satellite.

The attack could be either a direct collision or an indirect attack using the debris cloud from another collision. The hijacked ramming satellite can come from any country or international organization. The easiest way to perpetuate this attack would be to hijack satellites from countries less technically advanced or from less-protected or outdated systems.

Post-mission disposal (PMD), the UN-initiated international effort to remove satellites after their productive life spans, would require satellites to be removed from space within 25 years after their mission ends. Naturally, it could happen earlier than 25 years, but it can also be a drawn-out process, as there are currently no tangible sanctions for noncompliance. If a satellite has a lifespan of 10–20 years, the additional 25-year allowance would increase the total number of years when the satellite can be remotely commanded to 35–45 years. Satellites launched in 1977, 1987, and 1997 are already technically outdated and several technology generations behind. The time between launch and end of the operation for a satellite is the foundation for its cyber vulnerability. It is a sound financial decision to use a satellite to the full extent of its lifespan. However, the question becomes Is it worth the risks? We must keep in mind technical leaps made since early space launches and what vulnerabilities could be embedded when space is populated by 25- to 45-year-old assets that can still navigate. Since technology today develops so quickly, PMD, in reality, increases the risk of cyber attack by hijacked satellites because it prolongs the time a satellite can be remotely commanded by radio signals exploiting obsolete and outdated communication equipment.

In a future near-peer conflict, one of the potential adversary’s goals is early in a conflict separate the Joint Force in spaces, time, and functions (TRADOC Pamphlet 525-3-1). Cyber attacks in outer space are no longer science fiction; it is a valid concern.

Jan Kallberg, PhD

When Everything Else Fails in an EW Saturated Environment – Old School Shortwave

( I wrote this opinion piece together with Lt. Col. Stephen Hamilton and Capt. Kyle Hager)

The U.S. Army’s ability to employ high-frequency radio systems has atrophied significantly since the Cold War as the United States transitioned to counterinsurgency operations. Alarmingly, as hostile near-peer adversaries reemerge, it is necessary to re-establish HF alternatives should very-high frequency, ultra-high frequency or SATCOM come under attack. The Army must increase training to enhance its ability to utilize HF data and voice communication.

The Department of Defense’s focus over the last several years has primarily been Russian hybrid warfare and special forces. If there is a future armed conflict with Russia, it is anticipated ground forces will encounter the Russian army’s mechanized infantry and armor.

A potential future conflict with a capable near-peer adversary, such as Russia, is notable in that they have heavily invested in electromagnetic spectrum warfare and are highly capable of employing electronic warfare throughout their force structure. Electronic warfare elements deployed within theaters of operation threaten to degrade, disrupt or deny VHF, UHF and SATCOM communication. In this scenario, HF radio is a viable backup mode of communication.

The Russian doctrine favors rapid employment of nonlethal effects, such as electronic warfare, in order to paralyze and disrupt the enemy in the early hours of conflict. The Russian army has an inherited legacy from the Soviet Union and its integrated use of electronic warfare as a component of a greater campaign plan, enabling freedom of maneuver for combat forces. The rear echelons are postured to attack either utilizing a single envelopment, attacking the defending enemy from the rear, or a double envelopment, seeking to destroy the main enemy forces by unleashing the reserves. Ideally, a Russian motorized rifle regiment’s advanced guard battalion makes contact with the enemy and quickly engage on a broader front, identifying weaknesses permitting the regiment’s rear echelons to conduct flanking operations. These maneuvers are generally followed by another motorized regiment flanking, producing a double envelopment and destroying the defending forces.

Currently, the competency with HF radio systems within the U.S. Army is limited; however, there is a strong case to train and ensure readiness for the utilization of HF communication. Even in EMS-denied environments, HF radios can provide stable, beyond-line-of-sight communication permitting the ability to initiate a prompt global strike. While HF radio equipment is also vulnerable to electronic attack, it can be difficult to target due to near vertical incident skywave signal propagation. This propagation method provides the ability to reflect signals off the ionosphere in an EMS-contested environment, establishing communications beyond the line of sight. Due to the signal path, the ability to target an HF transmitter is much more difficult than transmissions from VHF and UHF radios that transmit line of sight ground waves.

The expense to attain an improved HF-readiness level is low in comparison to other Army needs, yet with a high return on investment. The equipment has already been fielded to maneuver units; the next step is Army leadership prioritizing soldier training and employment of the equipment in tactical environments. This will posture the U.S. Army in a state of higher readiness for future conflicts.

Dr. Jan Kallberg, Lt. Col. Stephen Hamilton and Capt. Kyle Hager are research scientists at the Army Cyber Institute at West Point and assistant professors at the United States Military Academy.

Utilizing Cyber in Arctic Warfare

The change from a focus on counter-insurgency to near-peer and peer-conflicts has also introduced the likelihood, if there is a conflict, for a fight in colder and frigid conditions. The weather conditions in Korea and Eastern Europe are harsh during winter time, with increasing challenges the farther north the engagement is taking place. In traditional war theaters, the threats to your existence line up as follows: enemy, logistics, and climate. In a polar climate, it is reversed: climate, logistics, and the enemy.

An enemy will engage you and seek to take you on different occasions, but the climate will be ever-present. The battle for your own physical survival in staying warm, eating and seeking rest can create unit fatigue and lower the ability to fight within days, even for trained and able troops. The easiest way to envision how three feet of snow affects you is to think about your mobility walking in water up to your hip, so to compensate either you ski or use low ground pressure and wide-tracked vehicles, such as specialized small unit support vehicles.

The climate and the snow depth also affect equipment. Lethality in your regular weapons is lowered. Gunfire accuracy goes down as charges burn slower in an arctic subzero-degree environment. Mortar rounds are less effective than under normal conditions when the snow captures shrapnel. Any heat, either from weapons, vehicles or your body, will make the snow melt and then freeze to ice. If not cleaned, weapons will jam. In a near-peer or peer conflict, the time units are engaged is longer and the exposure to the climate can last months.

I say all this to set the stage. Arctic warfare takes place in an environment that often lacks roads, infrastructure, minimal logistics, and with snow and ice blocking mobility. The climate affects both you and the enemy; once you are comfortable in this environment, you can work on the enemy’s discomfort.

The unique opportunity for cyberattacks in an Arctic conflict is, in my opinion, the ability to destroy a small piece of a machine or waste electric energy.

First, the ability to replace and repair equipment is limited in an arctic environment — the logistic chain is weak and unreliable and there are no facilities that effectively can support needed repairs, so the whole machine is a loss. If a cyberattack destroys a fuel pump in a vehicle, the targeted vehicle could be out of service for a week or more before repaired. The vehicle might have to be abandoned as units continue to move over the landscape. Units that operate in the Arctic have a limited logistic trail and ability to carry spare parts and reserve equipment. A systematic attack on a set of equipment can paralyze the enemy.

Second, electric energy waste is extremely stressful for any unit targeted. The Arctic has no urban infrastructure and often no existing power line that can provide electric power to charge batteries and upkeep electronic equipment. If there are power lines, they are few and likely already targeted by long-range enemy patrols.

The winter does not have enough sun to provide enough energy for solar panels if the sun even gets above the horizon (if you get far enough north, the sun is for several months a theoretical concept). The batteries do not hold a charge when it gets colder (a battery that holds a 100-percent charge at 80 degrees Fahrenheit has its capacity halved to 50-percent at 0 degrees Fahrenheit). Generators demand fuel from a limited supply chain and not only generate a heat signature, but also noise. The Arctic night is clear, with no noise pollution, so a working generator can be pick up by a long-range skiing patrol from 500 yards, risking an ambush. The loss or intermittent ability to use electronics and signal equipment due to power issues reduces and degrades situation awareness, command and control, the ability to call for strikes, and blinds the targeted unit.

Arctic warfare is a fight with low margins for errors, where climate guarantees that small failures can turn nasty, and even limited success with arctic cyber operations can tip the scales in your favor.

Jan Kallberg, PhD

Jan Kallberg is a research fellow/research scientist at the Army Cyber Institute at West Point. As a former Swedish reserve officer and light infantry company commander, Kallberg has personal experience facing Arctic conditions. The views expressed herein are those of the author and do not reflect the official policy or position of the Army Cyber Institute at West Point, the United States Military Academy, or the Department of Defense.

Spectrum Warfare

Spectrum sounds to many ears like old fashioned, Cold War jamming, crude brute electromagnetic overkill. In reality though, the military needs access to spectrum, and more of it.

Smart defense systems need to communicate, navigate, identify, and target. It does not matter how cyber secure our platforms are if we are denied access to electromagnetic spectrum. Every modern high tech weapon system is a dud without access to spectrum. The loss of spectrum will evaporate the American military might.

Today, though, other voices are becoming stronger, desiring to commercialize military spectrum. Why does the military need an abundance of spectrum, these voices ask. It could be commercialized and create so much joy with annoying social media and stuff that does not matter beyond one of your life-time minutes.

It is a relevant question. We as an entrepreneurial and “take action” society see the opportunity to utilize parts of the military spectrum to launch wireless services and free up spectrum space for all these apps and the Internet of Things that is just around the corner of the digital development of our society and civilization. In the eyes of the entrepreneurs and their backers, the military sits on unutilized spectrum that could put be good use – and there could be a financial harvest of the military electromagnetic wasteland.

The military needs spectrum in the same way the football player needs green grass to plan and execute his run. If we limit the military access to necessary spectrum it will, to extend the football metaphor, be just a stack of players not moving or be able to win. Our military will not be able to operate effectively.

We invite people to talk about others to talk about justice, democracy, and freedom, to improve the world, but I think it is time for us to talk to our fellow man about electromagnetic spectrum because the bulwark against oppression and totalitarian regimes depends on access.

Jan Kallberg, PhD

The Fight for Spectrum

An EC-130H Compass Call aircraft is parked at Bagram Airfield, Afghanistan Sept. 12, 2014. The aircraft is configured to execute worldwide information warfare tactics. (U.S. Air Force photo by Staff Sgt. Evelyn Chavez/Released)

Spectrum sounds to many ears like old-fashioned, Cold War jamming, crude brute electromagnetic overkill. In reality though, the military needs access to spectrum and more of it.

It is a relevant question. We as an entrepreneurial and “take action” society see the opportunity to utilize parts of the military spectrum to launch wireless services and free up spectrum space for all these apps and the Internet of Things that is just around the corner of the digital development of our society and civilization. In the eyes of the entrepreneurs and their backers, the military sits on the unutilized spectrum that could put be good use – and there could be a financial harvest of the military electromagnetic wasteland.

The electromagnetic space is no wasteland, it is a space ready to be utilized, at computational speed, and it serves as a deterrent in the same way as the ICBM in the silo. It exists, it can be utilized, and our adversaries understand. The military needs its electromagnetic space to ensure that they can operate in a degraded environment when our adversaries seek to limit the American might through electronic warfare, we should be able to fully operate and execute our operations to the extent of our abilities.

Jan Kallberg, PhD

/I originally wrote this as an opinion text for c4isrnet.com in 2015. Its relevance has increased with the shifted focus on peer and near-peer adversaries.