Whether it’s in the public or private sector, cyber threats are potentially everywhere.
Just last month, an international cyberattack crippled dozens of worldwide businesses, including the U.S.-based pharmaceutical giant Merck.
Victims across the globe were faced with demands to hand over a ransom or have their computer networks remain locked and inaccessible.
The outbreak was the latest and probably the most sophisticated in a series of global attacks, but many cybersecurity experts believe the motivation wasn’t really money.
Instead, most experts believe it was sabotage.
Even some foreign countries such as Ukraine are blaming Russian security services for the cyberattack that targeted dozens of businesses around the world. However, Moscow has reportedly denied any involvement.
But it’s not just international companies that are being targeted.
Late last year, it was reported that Russian hackers struck at the heart of the U.S. military back in 2015 at an alarming speed.
Within an hour, hackers had seized control of the unclassified e-mail system used by the Pentagon’s Joint Staff, the organization of some 3,500 military officers and civilians who work for the then-Chairman of the Joint Chiefs Martin Dempsey.
In that short amount of time, the hackers seized the computer credentials of Dempsey and hundreds of other senior officers — the passwords and electronic signatures they used to sign on to the network. The only way to stop the attack was to take the network down, CBS News reported in December 2016.
And, of course, there is an ongoing investigation by special counsel Robert Mueller into Russia’s interference into last year’s presidential election.
While cyber attacks have clearly become worldwide weapons of mass disruption, they are also being used more frequently as an attempt to harm the U.S. Armed Forces.
But the American military isn’t taking this threat lightly.
Just this past week, the U.S. Army Cyber Center of Excellence at Fort Gordon concluded a 26-day event called Cyber Quest 2017 that explored the latest cyber and electronic warfare technologies.
The goal is to improve the Army’s warfighting capabilities and seek innovative solutions to existing problems, such as the challenge of data overload that confronts battlefield commanders.
Soldiers and Army officials also reviewed other technologies, such as the near-silent tactical radios with direction-finding capabilities that have the ability to prevent enemies from detecting or disrupting friendly force communications.
“This is a space that is ever-changing,” said Maj. Gen. John B. Morrison Jr., commanding general of the U.S. Army Cyber Center of Excellence and Fort Gordon. “It never, ever stops. Cyberspace today is not going to be what cyberspace is tomorrow. So by teaming with industry and academia, one of the things that we really get is: What’s in the art of the possible?”
During this multi-week event, soldiers were able to gain “on-the-ground experience” using the latest technologies available through the 27 industry vendors that participated in Cyber Quest 2017, Morrison said.
“Sometimes we may not be able to see what is the requirement we are exactly trying to solve,” Morrison said. “Industry helps us see past that and they help us get a sense for what we can do and how we can extend that into a formation, so that, quite frankly, we are able to defeat any adversary that is out there.”
Cyber Quest is mutually beneficial to the Army and industry partners because soldiers are able to truly test the capabilities of these latest technologies.
“By having capabilities in the hands of soldiers, it’s great not only for the U.S. Army and the Joint Force, but it is also great for our industry partners because it allows them to take immediate soldier feedback and improve their capabilities,” Morrison said.
“Which is what we need and which is what industry needs because, in cyberspace, it is ever-evolving.”
A vendor might offer an excellent product, but if it isn’t practical for soldiers to use to combat a cyber threat, then it’s useless to the Army, Morrison said.
“If we design a system that cannot be operated by soldiers, then it is a wasted effort,” Morrison said.
“It has got to be something that can be employed, it’s intuitive and it’s integrated.”
It also must be a system that can be operated under intense pressure, Morrison said.
“Soldiers have got to be able to operate this kit in a contested and congested environment, under duress and extreme stress when they are dog tired,” he said. “We can’t build systems that are so complicated they can’t be operated by soldiers.”
During each day of training, there were approximately 165 soldiers, contractors and civilians involved in the daily activities, said Lt. Col. Stephen Roberts, Cyber Quest 2017 officer in charge.
“We can’t do Cyber Quest by ourselves,” Roberts said, adding that industry experts and vendors play a crucial role in the event’s success. “There were 27 vendors this year and 10 last year (during Fort Gordon’s first Cyber Quest 2016), so we’ve grown in scale.”
Lt. Col. Gary Lyke, TCM-Electronic Warfare, explained that Cyber Quest allows for the Army to place a solider with a new system, provide them about 20 minutes of training and see how it operates.
Technology in cyberspace moves so quickly that the military must be able to constantly adapt to those changes, Morrison said.
“We all use the iPhone as an example,” Morrison said. “Ten years ago, who would have imagined the iPhone of today? Or any smartphone?”
It is crucial for the Army to be able to bring these new capabilities into the force and also adapt to the constantly changing atmosphere, Morrison said.
“And it is just as important to spin them out when they are obsolete,” Morrison said. “That is going to be absolutely critical moving forward.”
Electronic warfare — or the science of detecting, deceiving and disrupting enemy radio-frequency transmissions — is also becoming an increasingly important tool in the modern military.
“Electronic warfare is another one that we are paying very specific attention to. This was the first time that we’ve actually assessed electronic warfare capabilities here at Fort Gordon,” Morrison said. “That is absolutely critical because, I would submit to you, that the United States Army is behind many of our near-peer or even peer competitors in that particular field.”
“So having the ability to go ahead and assess that from an operational prospective and having soldiers do it and employ it, so we can rapidly learn and spin these capabilities into the force is absolutely critical.”
While some people like to joke that the military can occasionally move at a snail’s pace, the Army is quickly learning that cannot be the case when it comes to cyberspace.
“One of the things that the Army is going to have to start working our way through is that, in this world where things change so fast, the traditional acquisition model will not work for cyber. I will be that definitive,” Morrison said. “So we are working through several processes within the Army that will allow us to rapidly spin capabilities that we’ve seen that have been addressed here into the force on a much shorter timeline.”
Morrison said he hopes to have that new model approved by the end of the summer.
“That’s the journey that we are on because we know that if we develop requirements today, in seven years from now we are trying to fill the capability in a cyberspace domain, it simply will not work,” Morrison said. “We are behind before we even start.”
Also, one of the biggest challenges in cyberspace is keeping up with the amount of data analysis needed to properly protect this country, Morrison said.
Basically, analysts must monitor and understand the normal patterns of traffic and user behaviors on a given network. As a result, it becomes possible to quickly identify anomalies that could indicate an enemy cyber intruder.
However, the enormous volume of data is a challenge, Morrison said.
“I’m not going to sit here and say that it is too hard. Not at this point anyway. But, boy, it is a wicked, tough challenge,” Morrison said. “That’s the only way to describe it because, even today, the amount of data that is flowing off any network or inside the electromagnetic spectrum on any given day is a whole bunch.”
In the future, new technologies will play a vital role in the Army’s success, Morrison said.
“It is going to be a combination of automation, you know, artificial intelligence in the future, machine-to-machine learning, things along that line so that we can start calling the information down so it is something that a human can decipher,” he said. “It is going to be a combination of the two.”
“I do think that advances in artificial intelligence is going to allow us to react much, much quicker to things happening in cyberspace.”
However, it will still be up to a commander to make a decision on how to react to the information, Morrison said.
“What you are having now is the machine is telling you, ‘Hey, something different is happening on the network that doesn’t normally happen. You may want to go take a look at this,’” Morrison said. “That’s a start. But I think as artificial intelligence and machine-to-machine learning and those kinds of things mature over the course of time, you’ll see that capability only increase.”
Over the next 60 to 90 days, Morrison said Army officials will produce a final report on the insights gained from Cyber Quest 2017 that will be centered around feedback from soldiers involved in the daily activities.
“It is amazing what happens when you give our young troops a capability – how they will take it and make the absolute best use of it,” Morrison said.
Now that the Cyber Center of Excellence at Fort Gordon has completed its second Cyber Quest event, Morrison said he looks forward to what is learned in 2018.
“It’s the old crawl, walk, run analogy,” Morrison said. “Last year was really just getting the process started. I will tell you we are at a walk getting ready to start jogging, so this is a process that is maturing.”