Pages

13 December 2021

A Networked, High-Tech Alliance Makes an Attractive Target for Cyberattacks

Eunwoo Lee

“Our military is the target of increasing hacking attempts, with heightened intensity before and during allied cooperation,” says In Jun-beom, a cybersecurity specialist at South Korea’s armed forces headquarters, Gyeryongdae.

Although the bulk of these attacks are minor misdeeds easily flagged and foiled, offensive cyber capabilities have soared in importance. A litany of cyberattacks prompted the U.S. and its allies to issue a joint statement underlining China’s reckless cyber behaviors as “a major threat to U.S. and allies’ economic and national security.” The problem of cyberattacks for the military is growing ever more acute and insidious.

An anonymous source within South Korea’s Cyber Operations Command notes the alacrity with which “the weapons and force support systems come with embedded software” that lays bare more vulnerabilities to cyber intrusion. The military’s reliance on network software makes the consequence of hacking all the more damning for the daily running of its logistics, infrastructure, and operations. Hackers can induce “structural paralysis through network severance, and disruption of computational calculations that regulate weapons systems,” the source said. Data storage and algorithms linked to munitions can simply evaporate. During a conflict, the flight paths of drones and satellites can be hijacked to crash at targeted sites, or assets could be made implode via dormant virus vectors eventually activated in times of war.

Aware of the “strategic atrophy” induced by information and cyber warfare, particularly by China and Russia, the U.S. Army proffered the concept of multi-domain operations, to include cyberspace as one of its defining arenas. It outlines measures to beef up the integration of technologies and cyber domains with its allies. The U.S. army chief of staff envisages enhanced “military-to-military exchanges,” further “intelligence sharing” and more overseas exercises, and mutual procurement of services among allies. The AUKUS deal, a defense pact to ramp up the exchange of nuclear and cyber technology between Australia, the U.K., and the U.S., and the Quad alliance intended to contain China are the most recent trendsetters.

Since the Obama administration presaged the “pivot to Asia” in foreign policy, U.S. policymakers have described their alliance with South Korea as the “linchpin” for regional security and global order. Emerging challenges from China and the geopolitical importance of the Korean Peninsula and the Indo-Pacific reinforce the alignment of interests. Recently, the House Armed Services Committee directed the Biden administration to extend membership in the Five Eyes, the most expansive and exclusive Anglophone intelligence-sharing alliance, to South Korea and “other like-minded democracies.” In December 2021, U.S. Secretary of Defense Lloyd Austin and his South Korean counterpart pledged to develop “exchanges between the respective cyber commands.”

Regardless of the necessity of presenting a unified resolve, however, more integrated alliances will multiply access points for hackers to tap into the collective pool of security in the absence of robust cybersecurity postures among all the parties involved.

In 2016, an IP address traced back to China exfiltrated military secrets circulating within the intranet established by South Korea’s Ministry of National Defense. Yet by commenting that classified military information received from allies had not been leaked “this time,” the MND implied the possibility of future cyber intrusions. Adding to the problem is the degree to which the authorities collated foreign and domestic intelligence in one basket.

In 2017, malware originating from North Korea compromised the Korean Joint Command and Control System, South Korea’s highest-grade virtual private network, with an unknown scale of information damage and leakage. Communications regarding joint forces training and allied operations take place within the network. Such systemic breaches could jeopardize elements of command and control during combined U.S. exercises and wartime collaboration in the Asia theater.

This year in June, unidentified cyber criminals snatched blueprints for fighter jets and space projectiles from Korea Aerospace Industries. Due to the involvement of Lockheed Martin, an American defense juggernaut, in the development of South Korean training aircraft, concern arose as to how much collaborative research data KAI had let slip.

Despite the frailty of cyber defenses, the United States and its key allies in East Asia have quickened the pace of transition to network-based AI and unmanned technology. As high-tech alliance coordination increases, however, a cybersecurity hole in one country can scupper the entire ship of allies. For now, the allies seem determined to up the incentives for cyber looting by massing together what resources they have. More funds and research are in the pipeline while talk of enhancing cyber defense is in its infancy.

The U.S. Army Futures Command has delineated its plan to apply “robotics and autonomous systems” to ground and aerial operations. Its proposed focus on AI and machine learning research would enable storage and analysis of “large data sets” required for augmented operational capabilities. Likewise, South Korea’s military professes to apply AI and big data technology to drones, surveillance, logistics, infrastructure, and force systems overall.

Despite the tech pomp, Kim Won-jong, an AI researcher at the Korea Army Research Center for Future and Innovation, observes that “their timeline for AI application outpaces adequate cyber defense.” In addition, the allies’ haphazard distribution of intelligence and technology, along with inept cyber defenses, augur ill. The consequences can be dire. “Once the adversaries successfully hack our AI systems,” Kim continues, “they control our modus operandi however they want by injecting their own commands into our machinery.” Under those circumstances, system failure is the best-case scenario, while a “reversal between control and subjection” means bedlam.

Yet cooperation to secure cutting-edge technologies has lagged behind the development of these systems. Even with the increasing level of research and intelligence exchange between South Korea and the United States, the first-ever Cyber Cooperation Working group will convene as of 2022.

For its part, China has cultivated a favorable medium for the AI industry with robust legal frameworks, lucrative government contracts, and abundance of resources. Both state-owned and private enterprises fall in line with the strategic orientations of the central government, with state interests as their priority. The result is the incubation of an AI superpower in the near future.

Although state direction and the sheer volume of research outputs do not necessarily guarantee quality and creativity, developments in military cyberspace paint a picture of China as a real cyber threat. Enshrined as one of China’s main strategic priorities, technology espionage through hacking offers “a cheaper and easier path to threatening America’s sources of military power.” China employs machine learning and AI algorithms to replicate a defense model of the target, quarrying the ideal attack sequence and rehearsing optimized forms of hacking. Then, it parlays the information gained through the cyberattack into military capabilities.

Conversely, “there has not yet been a uniform effort to integrate AI assurance across the entire U.S. national security enterprise,” according to a report by the National Security Commission on Artificial Intelligence. In October 2021, Nicolas Chaillan resigned from his post as chief software officer for the U.S. Department of Defense, citing the “technology stale” approach that plagues the United States’ cyber defense. “Outdated” bureaucratic principles deprive the workforce of its capacity to leverage “diversity of options.” His desire to upend a work environment where DOD employees are “unempowered to fix basic IT issues” jives with the call from In Jun-beom for cybersecurity forces to be allowed to think outside the box and make breakthroughs in their country’s defense paradigm.

Considering the bullish Chinese assertion of its cyber capability and the incompetence of technology “laggards” on the U.S. part, Chaillan remarks that the U.S. and its allies “will have no chance competing” against China unless it adopts a culture of “agility, rapid prototyping and innovation.” As NSCAI puts it in its sobering assessment, “the U.S. government is not prepared to defend the United States in the coming artificial intelligence (AI) era.”

The difficulty of safeguarding virtual and real assets arises in part from structural inertia and rigidity besetting the military. “The military is tense,” In says. In spite of the expensive machinery shipped from the U.S. and Germany through foreign procurement procedures, the military “doesn’t allow us to develop new methods, innovations, and concepts” to tackle the changing nature of cyberattacks, In adds.

The source from COC describes the protean nature of cyberattacks, which renders “hacking analysis more difficult.” The variability of attacks detours sophisticated detection systems. “No sooner has an issue been addressed than a mutation emerges,” defying prediction and standardization of the hacking formats. Hence, the source suggests flexible approaches to cyber defense as the key to plugging the influx of cyber breaches – precisely what In wants, but was denied.

Another endemic issue burdens the cyber defense of the allies. Debate Security, a cybersecurity forum, interviewed more than a hundred information security officers from both private and government sectors. Its subsequent report reveals an information asymmetry wherein the discrepancy in knowledge of software between the purveyor and purchaser incentivizes the former to peddle “sub-optimal” services. The ensuing “efficacy problem with cybersecurity technology” engenders “the continued success of attackers.”

As technology director at EMS Inc., a South Korean defense contractor, Lee Chang-ha has extensively worked with foreign governments. The primary impetus behind successful contracts is the military’s “ignorance of what we are talking about,” he says. It is not uncommon that “the authorities rubber-stamp the estimated charges for software services.” The issue isn’t money per se; it’s the careless attitude.

Due to its versatility of application, digital connectivity has seeped into every fiber of the military fabric. The omnipresence of cyber activities and the Internet of Things “make the state of war and peace barely distinguishable,” Kim says. Cyber battles are raging at this very moment. The pace of redressing cyber defense should match or even surpass that of generating and integrating allies’ technology.

No comments:

Post a Comment