October 27, 2011

Keeping national military secrets safe

News Report

An interesting report appeared recently on army-technology.com, which summarizes the latest technology used by high security, defence companies and the military to safeguard against increasingly hostile cyber attacks.

Here we reproduce a few excerpts.

Defence contractors and the military are charged with keeping national military secrets safe and are expected to employ the highest levels of security on their networks and computer systems.

When these defences are breached, it implies cyber attacks by hackers or enemy states have defeated security systems which failed to stay a step ahead. This made it particularly shocking when cyber attacks against supposedly secure sites made headlines over the last few months, with three particularly notable incidents:
  • In May 2011, Lockheed Martin was subject to a significant cyber attack, widely held to have originated in China. The company said its security team had identified the threat immediately and ensured none of its systems had been compromised.
  • Japanese defence giant Mitsubishi Heavy industries did not come off so lightly when its systems were breached in August. The company denied any data was taken, but a source close to the incident told media that one of 300,000 illegal accesses to the company's server resulted in the transmission of a large volume of data, suspected to concern the Type 80 ASM-1 missile.
  • In a third incident in October, a computer virus which records every keystroke made by operators was detected in the ground control systems (GCS) used by operators to remotely control armed drones on overseas missions. The attack hit Creech Air Force Base in Nevada, from which pilots control armed Predator and Reaper drones which have been used in Afghanistan, Iraq, Pakistan and Libya.
Organisations need to be aware that not all cyber attacks originate over the internet. Some military systems, including the remote UAV ground control systems (GCS) at Creech US Air Force Base, are non-networked - a security measure known as 'air-gapping'.

It is clear that no level of cybersecurity technology solutions will be 100% effective without taking into account the human factor through screening and training. In a worst-case scenario, without taking into account the human factor, impenetrable cybersecurity technology could prompt adversaries to approach individuals in the workforce to be an insider threat.

Read the Full Story at army-technology.com

No comments:

Post a Comment