CSIAC

Cyber Security and Information Systems Information Analysis Center

/ CSIAC Reports / The Internet of Things and the “Next War”

The Internet of Things and the “Next War”

| Leave a Comment

The Internet of Things

The Internet of Things (IOT) is based upon the integration of commercial TCP-IP networks with ubiquitous, embedded, Control Systems hardware attached to such things as wall plugs, speakers, lights, cameras, thermostats, and multiple other domestic appliances.  To date the implementations have been networked at the home or facility end using distributed Wi-Fi or Zigbee interfaces, hooked into standard ISP backbones. The implementation of this by industry has not been without security concerns and actual exploits, such as the 2016 IOT Botnet DDOS event[1].

However, in times of future national level conflicts, what Frank Abagnale terms “the dark side” of IOT[2], and what the Chinese military has called “Systems Warfare”, will emerge.  What was “IoT” will now become the “IoBT”, the Internet of Battlefield Things, whether designed as such or merely conscripted. DDOS style attacks are the least of our problems.  A we have seen in the Industrial Control Systems (ICS) world, physical infrastructure degradation and damage can result[3]. Within an IOBT environment, scale of attack is the first concern.  Multiple cyber threats converging in a systems warfare model must be anticipated and counteracted, and this can only be effective using highly autonomous methods. A highly dynamic battlespace with multiple interconnected components within the IoBT will require real-time cyber defense capabilities that have sufficient levels of autonomy to rapidly detect and defend against malicious enemy cyberwarfare activities.  To assure cyber resilience in future massively networked contested environments, we will need automated indications and warnings to infrastructure operators, integration of machine learning nodes to enhance predictive battlespace awareness, integration of cyber-physical cognitive models of human and AI interaction to optimize human machine teaming, and  lastly, effective modeling and simulation to operationally validate these technologies will be needed.

5G Connectivity and IOT

As implied above, current distributed command and control of IOT devices is easy to interdict by disconnecting them from a local network.  This may change in the future. Telecommunications infrastructure using 5G will become the de facto standard for global mobile communications.  The 5G system was designed to increase bandwidth, reduce latency, and provide the rapid cloud enabled data storage needed to bring about the IOT revolution. 5G will extend Orthogonal Frequency Division Multiplexing  (OFDM)  capabilities to 20 Gigabits-per-second peak data rates and 100+ Megabits-per-second average data rates, provide a 100x increase in traffic capacity and network efficiency, and use advanced Massive  Multiple Input Multiple Output (MIMO) to ensure coverage and provide accurate geolocation capabilities[4]. There are significant security caveats, however. Devices are now being manufactured with 5G modems built in. Access to the reported data and transmission method may not be transparent to the user[5]. Similar concerns for national security were recently aired at a Western allies 5G security conference in Prague on 3 May 2019[6]. European Union, NATO countries, and allies such as Japan and Australia are now creating an outline of basic 5G practices that “could form a coordinated approach to shared security and policy measures”. These security policies will be evolving while 5G is rolling out commercially, and these policies will be needed to inform Defense R&D and acquisition decisions.

References

  1. https://www.welivesecurity.com/2016/10/24/10-things-know-october-21-iot-ddos-attacks/
  2. https://www.nxtsoft.com/posts/frank-abagnale-s-cybersecurity-academy-internet-of-things-devices
  3. https://ics.sans.org/media/ICS-CPPE-case-Study-2-German-Steelworks_Facility.pdf
  4. https://www.qualcomm.com/news/onq/2016/12/20/5-wireless-inventions-are-making-5g-nr-global-5g-standard-reality
  5. https://www.theregister.co.uk/2019/09/17/hp_inc_printer_privacy_policy/
  6. https://www.reuters.com/article/us-telecoms-5g-security/western-allies-agree-5g-security-guidelines-warn-of-outside-influence-idUSKCN1S91D2

Author

Dr. Paul B. Losiewicz
Dr. Paul B. Losiewicz
Dr. Paul B. Losiewicz is Senior Scientific Advisor for the Cybersecurity and Information Systems Information Analysis Center (CSIAC), a DoD information analysis center operated by Quanterion Solutions Incorporated for the Defense Technical Information Center (DTIC), Ft Belvoir, MD. He has over 30 years of DoD RDT&E experience, including R&D for Navy Special Warfare, Air Force Research Laboratory, Air Force Office of Scientific Research, and Office of Naval Research Global (ONRG). Dr. Losiewicz has two patents. Recent accomplishments include:
  • Presented “Data Sets for Autonomous Intelligent Cyber-defense Agent Research” at the 1st NATO-Industry workshop on Autonomous Cyber Defence, Cranfield University, UK in March 2019
  • Co-authorship of two papers on DoD Facilities Related Control Systems Cyber Security with Mr. Daryl Haegley, SECDEF Principle Cybersecurity Advisor, and one paper with Benoit LeBlanc and Sylvain Hourlier of L'Ecole Nationale Supérieure de Cognitique entitled “A Program for Effective and Secure Operations by Autonomous Agents and Human Operators in Communications-Constrained Tactical Environments”; ARL-SR-0395
  • Served on the NATO Research Task Group (RTG) IST-152 “Intelligent Autonomous Agents for Cyber Defense and Resilience”, chaired by Dr. Alexander Kott, Army Research Laboratory Chief Scientist
  • Organized a DoD briefing Session on Industrial Control Systems Cybersecurity for Department of Homeland Security at the Industrial Control Systems Joint Working Group (ICSJWG) with representatives of OASD (E,I&E), INDO-PACOM and Sandia National Labs

Reader Interactions

Leave a Comment