By Jacob Hess, CAO & Co-Founder, NGT Academy
While digital transformation and adoption of technology are critical to maintaining a battlefield advantage for the U.S. military, it also makes them more vulnerable to cyberattacks. The combination of autonomous vehicles in military logistical support systems and drones in air strikes are just some avenues that an enemy regime can infiltrate to deploy hackers and remotely sabotage U.S. military equipment at home and abroad.
Other threats include:
- State actors deploying reconnaissance campaigns against assets,
- A computer found to be lacking proper patch management or weak configurations being isolated for exploitation,
- Hackers sniffing packets to gain information, and/or
- Hackers deploying distributed denial-of-service (DDoS) attacks to compromise critical communications channels.
Any of these threats would be detrimental to the safety of U.S. military men and women. Fortunately, troops are equipped with some of the best skills training available to combat these attacks.
Equipment Vulnerable During a Cyberattack
Anything connected to the public internet is vulnerable to worldwide attack. Host machines and servers that are running well-known operating systems such as Windows, Linux, Mac OSX or mobile operating systems such as Android and iOS are the most vulnerable systems targeted for exploitation.
Other devices that control network traffic flows such as firewalls, routers and switches can also be targeted. Clearly, the cost of such attacks to our military is far greater than the cost of similar attacks to companies or individuals, so protecting these systems is vital.
Hacking Experience
Very little detail has been made public regarding the complexity of the operating environment of military-grade vehicles. The Stryker-Dragoon and the Stryker CROWS-J–– remote-controlled weapons-firing platforms which have been deployed in Europe––are known to have exploitable vulnerabilities. Details are lacking in terms of these vulnerabilities but any exploit on such a critical asset could be harmful during combat. With the right intel, a hacker with experience creating exploits in a variety of languages is capable of producing such an exploit. Given that these actors are state-sponsored and have unlimited resources puts military vehicles at risk.
How the U.S. Military is Countering Cyber Attacks
The military deploys similar measures of network defense to those used by civilian enterprise organizations, such as threat detection. The military also has highly protected, top-secret networks that run independently of unclassified networks. This helps to keep more sensitive information secure and separate from unclassified traffic, reducing the possibility of a data leak or system hack. In addition to having robust information security technology and cybersecurity systems, one of the most important aspects of security still comes down to the human factor, social engineering and cybersecurity awareness of the employees and people on the front lines.
Today the military can detect and remedy intrusions within hours, if not minutes. From September 2014 to June 2015 alone, it repelled more than 30 million known malicious attacks at the boundaries of its networks. Of the small number that did get through, fewer than 0.1% compromised systems in any way.
Educating New Recruits with Skills-Based Training
Combating the threats hackers pose to the military requires knowledge and skills that are best learned through hands-on training. A college education tends to be primarily information- and knowledge-based, rather than vocational. American colleges and universities require students to take courses that are unrelated to their major, which is a very slow and obsolete method of training aspiring information technology and cybersecurity professionals.
By contrast, the military recognizes the value of immersive, hands-on learning. Rather than sending new recruits to four-year colleges to prepare them for the field, the military trains them in a matter of months with real-world, experiential and skills-based learning as its focus. The hands-on training military recruits receive specifically prepares them for their jobs as military network engineers and cyber security professionals, laying the foundation for a stronger defense against cyber-attacks.
About the Author
Jacob Hess is the CAO and Co-Founder of NGT Academy, an affordable, immersive and military-style cybersecurity and network engineering professional training platform. In the Air Force, Hess trained thousands of engineers for the military with top security clearances. At NGT Academy, he has combined the military training philosophy of job readiness with decades of network engineering experience into a comprehensive program to get people into cyber security or networking careers faster and more effectively. As CAO at NexGenT and NGT Academy, Hess oversees the Academic Group, training program development, student success and the instructor team. An instructor himself, Hess develops course content and program curriculum for NGT Academy. A believer in humanity, Hess is passionate about education, service to others and high-performance teams. Jacob can be reached online at https://www.linkedin.com/in/jacobchess and at our company website https://ngt.academy/
Source: www.cyberdefensemagazine.com