Pages

19 March 2020

4 strategies for securing the tactical edge

Brandon Shopp, Solar Winds

The military has invested significant time and money implementing edge computing on the battlefield, but at what cost?

The Army’s efforts to leverage the tactical cloud to process data on the edge will get information into soldiers’ hands more quickly, allowing them to make decisions in near-real time. This could influence the course of combat and save lives.

But these benefits come with significant challenges, particularly regarding security. The more endpoints being used to collect and send data to the edge, the larger the potential attack surface and the greater the risk a bad actor will be able to access military networks.

Given these concerns, military IT administrators must ask: Is the low-latency and real-time decision-making provided by edge computing worth the security trade-off? If the answer is “yes,” how can they balance the need to deliver data at the speed of the mission while still protecting it?


Here are some cybersecurity strategies the military can deploy to protect their networks at the tactical edge.

Segment connected devices from the main networks

A recent security vulnerability discovered in the Amazon Ring Video Doorbell showed the danger of connecting a device to a user’s main network. Hackers were able to use the doorbell to intercept a user’s Wi-Fi credentials and gain access to their home network, including the other devices using the network.

This consumer lesson shows it’s best to segment a device from the main network whenever possible. For the military, this means ensuring battlefield devices operate independently of networks used for other types of communications or databases. Cordoning these devices off from the primary networks makes it more difficult for bad actors to break through multiple endpoints. They might be able to access the information contained on the connected device, but they won’t be able to easily make a lateral move onto the military’s main networks and penetrate higher-value data sources.

Work closely with device vendors

As the Army continues to implement its internet of battlefield things (IoBT) initiative, it’s going to rely on many devices from a wide array of vendors. It’s incumbent upon those vendors to ensure their devices are secure.

Vendors must also commit to exposing data so the military can accurately and successfully monitor these devices. In this case, exposure doesn’t mean exposing information to the outside world; it means allowing IT personnel to have access to the data the device is using so they can keep tabs on it and make sure it remains secure and uncompromised. Military IT administrators should work closely with their chosen vendors to ensure those vendors understand which types of data to expose.

Agencies should also work with vendors to develop monitoring practices for connected devices. Traditional network monitoring is inadequate because IoT devices are too small for monitoring agents. Instead, these devices need to be monitored in an agentless way.

Emphasize training and staffing

The extensive use of edge computing and connected devices is going to require a fundamental shift in training for IT staff and soldiers in general. The former are already stretched thin, and the latter are not necessarily technically savvy. But everyone will have to understand the basics of how to look for vulnerabilities within the connected device ecosphere and what to do during a breach.

For soldiers, this means understanding the common issues capable of causing security incidents and how to resolve them. They will also need to be trained on who to contact if they cannot address problems themselves.

Meanwhile, the number of IT staff members will likely need to increase to address the growth in IoBT devices. Ideally, these employees will have specialized security skill sets allowing them to manage potentially thousands of devices.

Unlike the commercial sector, patches won’t necessarily be automatically applied to these devices; there are too many dependencies on military networks for this type of process. It will be up to human beings to manage the staging of security fixes to make sure nothing breaks. This will require skill and sheer numbers of people, as the workload will certainly increase.

Track changes and manage configurations

Edge computing and connected devices provide the U.S. military with a distinct advantage, but this advantage can be nullified if devices end up in the wrong hands. Therefore, IT administrators should complement the aforementioned measures with a change tracking system, such as a configuration management database (CMDB).

With a CMDB, administrators can track, identify and verify each connected component. This allows them to identify when a change has been made to a device — potentially critical information for preventing adversaries from reverse engineering a system. With a CMDB, for example, an administrator could monitor a drone that‘s been shot down to see if it’s been tampered with.

Having a CMDB in place is critical to national defense. Without it, the military risks enemies being able to leverage the same capabilities enjoyed by the United States.

There’s no question edge computing is a fit for the military, but it must be approached with eyes wide open. Defense agencies cannot assume the strategies they employ today are going to be enough; they must develop plans to monitor the voluminous endpoints the edge will bring. Those plans will need to be flexible and will need to evolve over time as the network expands and becomes increasingly disparate.

It’s not going to be easy. If done correctly, however, it can be a true game changer for our armed forces.

Brandon Shopp is vice president of products at IT management software solutions provider SolarWinds.

No comments:

Post a Comment