Cyberwarfare and backbone: does UK defence make the grade?
Join Our Newsletter - Get important industry news and analysis sent to your inbox – sign up to our e-Newsletter here
X

Cyberwarfare: does UK defence make the grade?

By Norbert Neumann 09 Nov 2021 (Last Updated November 10th, 2021 15:53)

China is investing in artificial intelligence to boost its cyber capabilities and some analysts believe the US and its allies are lagging. Can the UK Ministry of Defence turn the tide? Norbert Neumann explores cyber threats and capabilities with Improbable Defence and SecAlliance.

Cyberwarfare: does UK defence make the grade?
Network connection technology. Credit: Shutterstock

Earlier this year, the UK Ministry of Defence’s (MOD) Digital Strategy for Defence paper outlined how the armed forces will access data via a secure, singular, modern digital backbone. The backbone and a strategy itself are multi-layered, but one of the main aims is to create the ability to exploit vast amounts of data in a simple way to dominate the battlespace.

Analysis of the Chinese Communist Party’s (CCP) five-year plan by cyber threat intelligence company SecAlliance reveals that China is increasingly confident and, no doubt, hostile in its cyber behaviour. This will have implications on the future cyber landscape and potentially a detrimental effect on industrialised democracies.

Creating the digital backbone as per the MOD’s ambitions would rely on storing sensitive data at a single location. But where information is kept cyber-attacks may also occur, and the MOD faces a challenge in transferring its complex IT architecture into a non-legacy based infrastructure to make it work safely.

The digital backbone

The digital backbone is a singular, future-proof secure communications architecture that connects sensors, effectors and deciders across military and business domains. It will enable multi-domain integration and the transformation of defence using artificial intelligence, machine learning and other technologies.

The MOD works with numerous suppliers and various networks that interact with each other on a complex level. UK-based digital infrastructure specialist Improbable Defence is building a digital twin that absorbs the complexity of the process and conveys a level of simplicity to the network operators which will help them function more efficiently.

The company’s chief executive officer of defence and security Joe Robinson explains: “Understanding the way those networks operate, and efficient modification and upgrading that [networks] can be a complex task. It can be quite time consuming and intensive for a lot of people to manage that kind of complexity.

“The aim is to help them enhance the resilience of the network, to speed up decision making around network operations and improvements and also drive efficiencies. The digital twin, in very specific terms, will help increase understanding of the current networks and their operations.”

The digital twin will also help the MOD predict future demands on its communication networks. Robinson says his company’s solution will enhance the management and network operations that have to take place when running a very largescale communication network infrastructure, which includes elements such as cyber resilience. The digital twin “will flush out data and provide a bit of analytical rigour to support decision making,” he says.

Cybersecurity

In the Digital Strategy, the MOD recognises that having the capability and being able to exploit data is just as much of a risk as a benefit.

“If you are aggregating all of the data into one place, which you have to do for AI and machine learning to work properly, that also lends itself as being a high-value target for malicious actors,” head of intelligence at SecAlliance Rob Dartnall explains.

When it comes to information operations and cyber operations, Russia regularly hits the headlines. But China’s cyber capability has become proficient in recent years.

Dartnallsays: “They could conduct hundreds if not thousands of operations all at the same time if they wanted to. We’ve seen from their supply chain targeting that they understand that targeting single points of failure is a much higher reward.

“What they’ll be looking at is identifying the individual service providers that everyone uses. Once they took out a single point of failure, they could impact 40 or 100 organisations rather than having to target 40 or 100 organisations.”

He believes China would identify and target supply chains that hold the most amounts of aggregated sensitive data. The CCP could potentially aim at key technologies that most, if not all defence contractors or government departments use, and compromise one piece of software instead of dozens.

While the digital twin is a powerful tool to enhance resilience and understand how to improve a system, it can have perilous consequences if falls into the hands of an adversary. Dartnallexplains that if access is gained to a digital twin, the mal-actor can understand the weak points of a particular system and identify a single point of failure within. “Once they’ve got that, they can potentially reverse engineer it and just absolutely annihilate you,” he says.

The MOD sees the solution in a secure by design method, the transformation of the digital enterprise and implementing certain measures that will deliver secure foundations to the digital backbone.

When it comes to creating or operating the digital infrastructure, the MOD has an easier task than mature financial institutions, for instance.

“They [MOD] don’t have to have a significant amount of infrastructure that is internet-facing so it should be easier to do. But what you are dealing with is legacy technology and data intelligence that needs to be standardised, aggregated and built around a zero-trust system. It’s doable, but it’s not a three to five-year plan, it’s a decade issue,” Dartnall says.

Improbable Defence, however, believes the in-depth simulations and rich synthetic environment delivered by its digital twin allows for a layering of the dependencies on the network. With the large and detailed simulation, the company can understand the mission and service level impacts of the network and model hypothetical scenarios on a mission or individual level.

“If an individual at a particular station is denied a particular computer, how does that impact their job? Because what you care about is whether you can deliver your mission, whether you can do your job at the moment based on network interference or network assets,” Robinson concludes.