Three areas of focus for the U.S. Navy in cybersecurity

This fairly comprehensive and candid article on the U.S. Navy’s cybersecurity priorities deserved a brief analysis.

The U.S. Navy acknowledges—although this was already known—that it has been the target of cyberattacks on several occasions, with varying degrees of severity and impact. On January 7, 2019, the Naval Air Systems Command announced new research efforts across no fewer than 36 domains, ranging from artificial intelligence to resilience, as well as endpoint and server security.

“It’s not necessarily advanced research, but rather a first step in establishing cybersecurity quality control that should already have been implemented for mission systems,” explained Bryson Bort, founder of Scythe.

This announcement comes after a public inspector general report highlighted the Pentagon’s shortcomings in addressing cybersecurity for the protection of ballistic missile systems. Another report issued in October 2018 by the Government Accountability Office also emphasized the extensive work still required and the widespread vulnerability of many U.S. military capabilities.

Among the 36 research domains mentioned, the article focuses on three main pillars. These are fairly common concepts and not necessarily specific to maritime information systems, although their implementation in maritime environments is likely to be more complex.

Dynamic reconfiguration

According to the NIST definition, the objective is to make the attacker’s actions and understanding more difficult by regularly—sometimes continuously—changing system configurations. This can include modifications to router settings, access control rules, intrusion detection and prevention parameters, or firewall filtering policies.

While such reconfigurations are commonly implemented in response to cyberattacks, their preventive use is still relatively uncommon.

Deception tactics

Cybersecurity specialists have long borrowed concepts from traditional kinetic warfare, including denial and deception strategies. Regarding deception, this tactic was already explored in a MITRE study published in 2015.

However, these techniques—particularly deception—remain relatively immature, both in their practical deployment and in the ability to measure their real effectiveness against attackers.

Artificial intelligence

Beyond the buzzword, artificial intelligence (and hopefully the associated technologies) continues to rank high among cybersecurity research priorities. The same is true for the U.S. Navy, which has been working on the subject since 2015. In fact, more than half of the research opportunities published in 2018 involved artificial intelligence, machine learning, or big data.

Research into AI applications is expanding as the volume of available data increases, since human analysts and traditional algorithms sometimes reach their limits. This view is also shared by the U.S. Navy in this interview. The growing development of autonomous systems also explains much of the renewed interest in this field.

The full article, in English, is available here.