• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact Us
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering
/ CSIAC Reports / The Internet of Things and the “Next War”

The Internet of Things and the “Next War”

Posted: 10/01/2019 | Leave a Comment

The Internet of Things

The Internet of Things (IOT) is based upon the integration of commercial TCP-IP networks with ubiquitous, embedded, Control Systems hardware attached to such things as wall plugs, speakers, lights, cameras, thermostats, and multiple other domestic appliances.  To date the implementations have been networked at the home or facility end using distributed Wi-Fi or Zigbee interfaces, hooked into standard ISP backbones. The implementation of this by industry has not been without security concerns and actual exploits, such as the 2016 IOT Botnet DDOS event[1].

However, in times of future national level conflicts, what Frank Abagnale terms “the dark side” of IOT[2], and what the Chinese military has called “Systems Warfare”, will emerge.  What was “IoT” will now become the “IoBT”, the Internet of Battlefield Things, whether designed as such or merely conscripted. DDOS style attacks are the least of our problems.  A we have seen in the Industrial Control Systems (ICS) world, physical infrastructure degradation and damage can result[3]. Within an IOBT environment, scale of attack is the first concern.  Multiple cyber threats converging in a systems warfare model must be anticipated and counteracted, and this can only be effective using highly autonomous methods. A highly dynamic battlespace with multiple interconnected components within the IoBT will require real-time cyber defense capabilities that have sufficient levels of autonomy to rapidly detect and defend against malicious enemy cyberwarfare activities.  To assure cyber resilience in future massively networked contested environments, we will need automated indications and warnings to infrastructure operators, integration of machine learning nodes to enhance predictive battlespace awareness, integration of cyber-physical cognitive models of human and AI interaction to optimize human machine teaming, and  lastly, effective modeling and simulation to operationally validate these technologies will be needed.

5G Connectivity and IOT

As implied above, current distributed command and control of IOT devices is easy to interdict by disconnecting them from a local network.  This may change in the future. Telecommunications infrastructure using 5G will become the de facto standard for global mobile communications.  The 5G system was designed to increase bandwidth, reduce latency, and provide the rapid cloud enabled data storage needed to bring about the IOT revolution. 5G will extend Orthogonal Frequency Division Multiplexing  (OFDM)  capabilities to 20 Gigabits-per-second peak data rates and 100+ Megabits-per-second average data rates, provide a 100x increase in traffic capacity and network efficiency, and use advanced Massive  Multiple Input Multiple Output (MIMO) to ensure coverage and provide accurate geolocation capabilities[4]. There are significant security caveats, however. Devices are now being manufactured with 5G modems built in. Access to the reported data and transmission method may not be transparent to the user[5]. Similar concerns for national security were recently aired at a Western allies 5G security conference in Prague on 3 May 2019[6]. European Union, NATO countries, and allies such as Japan and Australia are now creating an outline of basic 5G practices that “could form a coordinated approach to shared security and policy measures”. These security policies will be evolving while 5G is rolling out commercially, and these policies will be needed to inform Defense R&D and acquisition decisions.

References

  1. https://www.welivesecurity.com/2016/10/24/10-things-know-october-21-iot-ddos-attacks/
  2. https://www.nxtsoft.com/posts/frank-abagnale-s-cybersecurity-academy-internet-of-things-devices
  3. https://ics.sans.org/media/ICS-CPPE-case-Study-2-German-Steelworks_Facility.pdf
  4. https://www.qualcomm.com/news/onq/2016/12/20/5-wireless-inventions-are-making-5g-nr-global-5g-standard-reality
  5. https://www.theregister.co.uk/2019/09/17/hp_inc_printer_privacy_policy/
  6. https://www.reuters.com/article/us-telecoms-5g-security/western-allies-agree-5g-security-guidelines-warn-of-outside-influence-idUSKCN1S91D2

Author

Dr. Paul B. Losiewicz
Dr. Paul B. Losiewicz
Dr. Paul B. Losiewicz is Senior Scientific Advisor for the Cybersecurity and Information Systems Information Analysis Center (CSIAC), a DoD Information Analysis Center operated by Quanterion Solutions Incorporated for the Defense Technical Information Center (DTIC), Ft Belvoir, MD. He has over 30 years of DoD RDT&E experience, including R&D for Navy Special Warfare, Air Force Research Laboratory, Air Force Office of Scientific Research, and Office of Naval Research Global (ONRG).

Technology Areas: Cybersecurity, Software Intensive Systems Engineering Tags: 5G, Internet of Things (IoT)

Previous CSIAC Report:
« Security-Conscious Password Behavior from the End-User’s Perspective
Next CSIAC Report:
Cybersecurity Issues for Security Managers: 2019 »

Reader Interactions

Leave a Comment Cancel

You must be logged in to post a comment.

sidebar

Blog Sidebar

Featured Content

Data Privacy Day - Jan 28

Data Privacy Day is January 28th

You can help create a global community that respects privacy, safeguards data, and enables trust. You can help teach others about privacy at home, at work, and in your community.

Learn How

Featured Subject Matter Expert (SME): Daksha Bhasker

A dynamic CSIAC SME, Senior Principal Cybersecurity Architect, Daksha Bhasker has 20 years of experience in the telecommunications services provider industry. She has worked in systems security design and architecture in production environments of carriers, often leading multidisciplinary teams for cybersecurity integration, from conception to delivery of complex technical solutions. As a CSIAC SME, Daksha's contributions include several published CSIAC Journal articles and a webinar presentation on the sophiscated architectures that phone carriers use to stop robocalls.

View SME's Contributed Content

The DoD Cybersecurity Policy Chart

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Report - Smart Cities, Smart Bases and Secure Cloud Architecture for Resiliency by Design

Integration of Smart City Technologies to create Smart Bases for DoD will require due diligence with respect to the security of the data produced by Internet of Things (IOT) and Industrial Internet of Things (IIOT). This will increase more so with the rollout of 5G and increased automation "at the edge". Commercially, data will be moving to the cloud first, and then stored for process improvement analysis by end-users. As such, implementation of Secure Cloud Architectures is a must. This report provides some use cases and a description of a risk based approach to cloud data security. Clear understanding, adaptation, and implementation of a secure cloud framework will provide the military the means to make progress in becoming a smart military.

Read the Report

CSIAC Journal - Data-Centric Environment: Rise of Internet-Based Modern Warfare “iWar”

CSIAC Journal Cover Volume 7 Number 4

This journal addresses a collection of modern security concerns that range from social media attacks and internet-connected devices to a hypothetical defense strategy for private sector entities.

Read the Journal

CSIAC Journal M&S Special Edition - M&S Applied Across Broad Spectrum Defense and Federal Endeavors

CSIAC Journal Cover Volume 7 Number 3

This Special Edition of the CSIAC Journal highlights a broad array of modeling and simulation contributions – whether in training, testing, experimentation, research, engineering, or other endeavors.

Read the Journal

CSIAC Journal - Resilient Industrial Control Systems (ICS) & Cyber Physical Systems (CPS)

CSIAC Journal Cover Volume 7 Number 2

This edition of the CSIAC Journal focuses on the topic of cybersecurity of Cyber-Physical Systems (CPS), particularly those that make up Critical Infrastructure (CI).

Read the Journal

Recent Video Podcasts

  • Privacy Impact Assessment: The Foundation for Managing Privacy Risk Series: The CSIAC Podcast
  • Agile Condor: Supercomputing at the Edge for Intelligent Analytics Series: CSIAC Webinars
  • Securing the Supply Chain: A Hybrid Approach to Effective SCRM Policies and Procedures Series: The CSIAC Podcast
  • DoD Vulnerability Disclosure Program (VDP) Series: CSIAC Webinars
  • 5 Best Practices for a Secure Infrastructure Series: The CSIAC Podcast
View all Podcasts

Upcoming Events

Sat 23

SANS Cyber Security Central: Jan 2021

January 18 - January 23
Organizer: SANS Institute
Wed 27

Enterprise Data Governance Online 2021

January 27 @ 08:00 - 13:30 EST
Organizer: DATAVERSITY
Thu 28

Data Privacy Day

January 28
Jan 28

Data Privacy Day

January 28, 2022
View all Events

Footer

CSIAC Products & Services

  • Free Technical Inquiry
  • Core Analysis Tasks (CATs)
  • Resources
  • Events Calendar
  • Frequently Asked Questions
  • Product Feedback Form

About CSIAC

The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More

Contact Us

Phone:800-214-7921
Email:info@csiac.org
Address:   266 Genesee St.
Utica, NY 13502
Send us a Message
US Department of Defense Logo USD(R&E) Logo DTIC Logo DoD IACs Logo

Copyright 2012-2021, Quanterion Solutions Incorporated

Sitemap | Privacy Policy | Terms of Use | Accessibility Information
Accessibility / Section 508 | FOIA | Link Disclaimer | No Fear Act | Policy Memoranda | Privacy, Security & Copyright | Recovery Act | USA.Gov

This website uses cookies to provide our services and to improve your experience. By using this site, you consent to the use of our cookies. To read more about the use of our site, please click "Read More". Otherwise, click "Dismiss" to hide this notice. Dismiss Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.