PENTAGON: Technology is a two-edged sword, and it can cut the hand that wields it in unexpected ways. For a generation, ever since the first Gulf War, the information age has been America’s big advantage, arming the US military with everything from smart bombs to remotely piloted drones to supply databases. But even low-tech Iraqi insurgents could pick up Predator video transmissions from time to time, and potential adversaries from China to Iran are far more capable in cyberspace. So as the all-consuming commitment to Afghanistan winds down, the armed services have started looking hard at the perils and potential of their dependence on computer networks — none more so than the US Navy.
The Chief of Naval Operations himself, Adm. Jonathan Greenert, has increasingly emphasized the intersection of the brave new world of cyber with the Navy’s longstanding strengths in electronic warfare, most recently in an editorial published on this website yesterday. To flesh out the CNO’s vision, I sat down with Greenert’s point man on the coming war of electrons, Rear Adm. William Leigher. A veteran cryptologist who went on to serve at Fleet Cyber Command, Leigher now bears the jaw-breaking title of “director of warfare integration for information dominance,” known in Navy shorthand as N2/N6F. It’s his job to keep up with the staggering pace at which information technology advances.
“Moore’s Law is both your friend and your enemy,” Leigher told me. “Something that was not a vulnerability three years ago may be a serious vulnerability today.”
Some of those vulnerabilities are forehead-smackingly simple, once you know where to look. “You can walk around any ship, most aircraft, and you can find either USB ports or serial ports that were put there for maintenance,” said Leigher. “They were done for good engineering reasons” — to download diagnostic data, for example — “but the engineer wasn’t thinking about computer security.” What if an enemy agent under cover as a contractor or even as a civilian on a good-will tour slipped a virus-loaded thumb drive into one of those ports? What if the bad guy simply tricked a sailor into doing it for him? That’s how someone (almost certainly the US and Israel) infiltrated the Stuxnet virus into the Iranian nuclear program, after all.
“We found early on that the ship’s crew really wasn’t attuned to that,” Leigher said. So the Navy has put in place precautions ranging from awareness training to physical locks not too different from the childproof caps that anxious parents put on their electrical outlets.
The more complicated problem, though, and the one which keeps getting bigger, is not the visible points of vulnerability but the intangible, wireless ones. Civilians and servicemembers alike increasingly take wi-fi gadgetry for granted. Leigher himself leaves the Pentagon every day with his Navy-issued Blackberry, personal iPhone, and an iPad, “each of them emitting a signal — or two if it’s got Bluetooth turned on.”
The problem is that every wireless device is basically a radio, constantly sending and receiving electromagnetic signals — and militaries around the world have been detecting, disrupting, and deceiving radio transmissions since World War II: It’s called electronic warfare. (Radar is just another form of radio).
At a minimum, every wireless device or sensor potentially reveals your presence and position every time that it transmits. The Navy spent a lot of effort during the Cold War on “emissions control,” or EMCON, to prevent the Soviets from homing in on ships’ radio and radar signals. After 1991, though, EMCON skills “atrophied,” Leigher said bluntly, even as the number of wireless signals that Navy ships emitted increased.
Today, the CNO has reemphasized what he’s called “electromagnetic hygiene.” Said Leigher, “we’ve got to think about RF [radio frequency] emissions the same way we think about missiles, gun shells, and torpedoes: It always has to be under positive control.”
“It’s not as simple as EMCON that I might have done in the mid-’80s or early 90s,” Leigher warned. To start with, there are many more signals to control, and you can’t just turn everything off: You always want your sensors ready to detect incoming missiles and your jammers ready to disable them, for example. In the future, Leigher said, rather than just shutting systems down to avoid detection, a Navy ship might deliberately change the signals it emits to make the enemy think it’s something else.
For their part, potential adversaries can do more with the signals they detect than just figure out where you are. “There are now threats that can use the emissions we have to target us,” Leigher said, “whether it’s the PRC ‘carrier killer'” — a Chinese PLA Navy ballistic missile designed to home in on ships at sea — “or other long-range missiles that are on the horizon.”
In the cyber era, moreover, electromagnetic incontinence can expose you to subtler threats than a missile homing in on your transmissions. Every “aperture” that can receive electromagnetic signals, whether it’s a sensor or a wireless network, is a potential gateway for hackers to connect to your systems. Navy “red teams” that emulate a potential adversary’s techniques regularly scan the Navy’s ships, aircraft, and bases for just such vulnerabilities. “We probe for those things and we correct them as we find them,” Leigher said, pointedly declining to give details.
If the bad guys do get into your network, though, they can follow the digital links to all sorts of unpleasant and unexpected places. Connectivity can become a security problem.
For example, on the notoriously troubled USS San Antonio, aka LPD-17, the first of a new class of high-tech amphibious warfare ship, one of the many problems was the initial version of the Raytheon-built Shipboard Wide-Area Network, SWAN. “We made a mistake,” Leigher said bluntly. “The shipbuilder gave us a single consolidated network: SWAN controlled our interface to the internet, it controlled shipboard engineering systems, steering systems, it connected to fire control systems [for weapons]. You really had too much leeway to move horizontally within that network, so you could jump from the internet to engineering control systems. That was not a good thing.”
At the same time, however, the Navy really wants to clean up its shipboard electronics, which have proliferated into a tangle of separate, single-purpose systems that don’t communicate well with one another. A typical warship has five different networks; an aircraft carrier has no less than 41.
The fleet’s attempt to square this circle is a multi-billion-dollar program called CANES, Consolidated Afloat Networks and Enterprise Services, designed by Northrop Grumman. The first CANES installation began in December, on the destroyer USS Milius, to be followed by the nuclear carrier USS Stennis in May; the Navy plans to put CANES on 192 ships and shore facilities overall.
CANES is a single integrated system, but it’s not a single network, it’s three: one unclassified, one secret (SIPRNet), and one top secret (JWICS). Consolidating from five or 41 networks down to three should increase efficiency, but without creating the vulnerabilities of having everything connected on a single network.
Even with CANES installed, however, classified and unclassified data streams still cross over in surprising ways. The Navy transmits information between its ships and operations centers ashore using something called ADNS, the Automated Digital Network System. Everything a ship or shore facility wants to send goes into its ADNS router, gets relayed through a satellite, and is received by another ADNS router, which splits the streams back up again. To make the best use of limited bandwidth, said Leigher, “It’s one single waveform that’s encrypted….It may be carrying sailor email, it may be carrying logistics data, it may be carrying the target for a Tomahawk [cruise missile].”
In theory, all this is secure. “We’ve had remarkably few viruses get into the shipboard environment,” Leigher said. But it’s still unnerving to realize that the ones and zeroes describing some sailor’s family photos — or his attempt to download porn — is intermingled with targeting data on, say, an incoming North Korean nuke, targeting data that will go from ADNS to CANES right into the combat systems controlling the ship’s weapons.
Conversely, some systems that really ought to connect to one another don’t. For example, the standard and targeting system for Navy ships since 1973 is something called Aegis, while the standard data exchange system for both US and NATO aircraft is Link-16. “Aegis can receive Link-16 but they can’t transmit on it,” Leigher said. “It’s the product of all of this growing up in different communities over time; I’m not sure this is how we would do it if we started today.”
So today, the Navy is developing a sometimes bewildering array of interconnecting systems to transmit targeting information: Cooperative Engagement Capability (CEC), Tactical Targeting Network Technology (TTNT), and Naval Integrated Fire Control – Counter-Air (NIFC-CA).
Originally, an Aegis ship would find enemy missiles and aircraft with its own onboard radar, then shoot them down with its own onboard weapons. Increasingly, that Aegis system can take incoming data from offboard sources — from other ships, Navy E-2D Advanced Hawkeye radar planes, Army JLENS surveillance blimps, and in the future from Navy, Marine Corps, and Air Force F-35 Joint Strike Fighters — and fire at targets the ship’s own radar can’t yet see. The Navy is currently testing what’s called “launch on remote,” where the Aegis ship uses the offboard data to launch a missile towards the target but still relies on its own radar to lock on for the final approach and kill. The next step, though, will be “engage on remote,” where the missile relies entirely on offboard data and the firing ship’s own radar never sees the target at all.
The Navy’s pursued such an interconnected targeting network for years, said Leigher, “now we have really well constructed networks, powerful data links, and waveforms to move a lot of information, this ‘cooperative engagement capability’ has become real.”
Wireless networks can do more than enable missile strikes, however: They can be weapons in their own right. Leigher, understandably, is extremely cagey about discussing how America might stage cyber attacks. What he did suggest, however, was that the Navy has the unique advantage over the other services that it can put large, well-equipped electronic warfare platforms in international waters — not just airplanes, but ships — and still “touch foreign cyberspace.” There is the potential, he went on, to hybridize traditional Navy skills in electronic warfare, signals intelligence, and emissions control with its emerging skills in cyberwar “to create new offensive capability.”
But taking full advantage of the electromagnetic spectrum for both attack and defense will require a new way of thinking, not only from the Navy but from the defense industry that serves it, Leigher said. Contractors need to offer the Navy new solutions to new problems — but also new approaches to tackle old problems in ways we couldn’t during the Cold War.
“It really comes back to this notion of spectrum control and what emission control means in the information age. My gut is it’s fundamentally different,” Leigher said. “We need a different way to approach that problem than the Cold War thinking…. The information age offers us a lot better ways to think about that.”