Ultra Intelligence & Communications

How Effectively Are We Defending Our Air Defense Systems?

November 28th, 2018 / By

In October 2018, the US General Accountability Office (GAO) released a startling report citing significant cyber vulnerabilities in US weapons systems that could allow adversaries to gain control of them in a short amount of time. While the report focused exclusively on the US, the alarms sounded ring true for other nations’ defense systems as well.

These days, computers control essentially every function in a weapons system, including the key components of air defense. The fifth-generation F-35 Joint Strike Fighter is the Pentagon’s newest warplane and controlled by modern weapons systems. These intelligent weapons systems are run by dozens of computers that control every function the pilot is responsible for, from navigation and communication to dropping bombs. Because of the extensive use of F-35s not just with US defense but with its allies as well, these new found cyber vulnerabilities represent a global problem that could have fatal consequences for literally billions of people. How can air defense be effectively protected from the enemy hackers, either rogue warriors or state-supported agents, whose sole goal is to negatively impact or even disable vital control systems?

The main vulnerability for the F-35 exists on the server side, with the Autonomic Logistics Information System, or ALIS, the F-35’s fleet management backbone supporting flight test, training and aircraft modifications. The ALIS at its core is similar to an industrial control system (ICS), just a broad network sharing information and situational awareness. The F-35 is supposed to be a “sensor hub,” gathering and transmitting information to other aircraft as well as ships, satellites and command systems on the ground. Like other weapons systems, ALIS isn’t connected to the Internet, but it is often connected to systems that are. Every radio signal it receives can carry a cyber-attack into the aircraft itself.

Some advice on strengthening cybersecurity for the ALIS is the same advice given by the Department of Homeland Security (DHS) to enterprise customers looking to safeguard ICS: install strong passwords and update regularly, install software updates regularly, etc. But the most effective way to solidly protect the ALIS critical systems is through embedded cybersecurity protection, such as Ultra Electronics, 3eTI’s CyberFence solutions that cyber-harden networked systems overlapping the IT and OT domains. CyberFence provides multiple layers of defense, including application whitelisting, network and remote access authentication, encryption, and access control. CyberFence can help narrowly define what commands can go across the wire, control who has access, and prevent any man-in-the-middle or eavesdropping attacks.

The same rules extend to the commercial aviation industry, although there are different threat vectors; airline systems also provide information – how close planes are to each other, weather conditions, GPS directions to airport. A bad actor could send malicious information to an individual airplane or an entire control system, with outcomes ranging from frustrating trip delays to fatal crashes. Ultimately, cybersecurity in commercial aviation will depend on the same protection factors relevant for air defense.

Server-side vulnerabilities cited in the global land and air defense systems are common across all industries; if left unaddressed, bad actors can wreak havoc and even unleash dangerous attacks affecting millions. The October GAO report noted that for decades, the DoD has not prioritized matters of weapons security, and while some progress has been made, there is still much work to be done to bring the systems up to full readiness. Secretary of State Mattis has set aggressive goals to strengthen US air defense cybersecurity over the next twelve months, as has many US allies. Adherence to oft-quoted common sense cyber tips combined with multi-layer protection can go a long way to meeting those goals.