Managing the military's 'capability vulnerability paradox'
In recent months, articles raising alarms about the U.S. military's increasing vulnerability to cyber attack have flooded my email in-box. Some of this clearly is self-interested: Those in the cyber game obviously have an interest in promoting their specialty. But most of the concern is genuine and tags a real and mounting threat.
Perhaps the earliest manifestation of the problem was the risk presented by anti-satellite and electromagnetic pulse weapons to GPS-based navigation systems. So great has this concern become that the Naval Academy last year reinstated training in celestial navigation that had been phased out only ten years earlier.
But the broader problem reflects the military's escalating reliance on electronically networked computer systems to manage battlefield functions ranging from reconnaissance, surveillance, and target acquisition to precision engagement, logistics, and command and control.
The military, of course, isn't alone in expanding its reliance on digital networking. On the contrary, in many respects it's merely trying to catch up with civilian industry, which has long since turned to networking for everything from supply chain management to inventory control.
For the military, as for industry, the advantages offered by such networked capabilities are legion, ranging from faster and more comprehensive fusion and analysis of information to more responsive and accurate targeting and enhanced force protection.
But the very networking responsible for those advantages becomes a fatal liability should the network itself be compromised, whether by jamming the electronic communications supporting it or ó more insidiously ó by penetrating its components with worms, viruses, or false information.
The result is what Jacquelyn Schneider of the Center for a New American Security calls the "capability-vulnerability paradox." As the military becomes more dependent on digital systems and the networks that connect them to enhance its battlefield lethality, it also becomes more vulnerable to physical and electronic attacks on those systems and networks.
Schneider recognizes that it isn't unusual for new capabilities to introduce new vulnerabilities. But she points out that cyber is different in the sense that the very networking that underwrites proliferating digital capabilities renders the entire command-and-control system uniquely vulnerable to catastrophic failure.
Cyber attack thus threatens disproportionate damage, especially if employed by surprise before its target can harden itself. Cyber vulnerability thus puts a premium on attacking first, radically increasing the risk of crisis escalation.
At the heart of this problem is the progression of U.S. battlefield capabilities from what Schneider calls "digital enablement" to "digital dependence."
Enablement enhances capability, but its loss or damage merely forces the enabled system to revert to a less effective mode of operation. For example, a digitally enabled air defense system might be thrown back on co-located radars in the absence of connection to networked wide-area warning and targeting. The result would be less timely and efficient target engagement, but not helplessness.
Network dependence is much more fraught. In return for its undoubted advantages, it risks the entire loss of capability should the hosting network be compromised. A network-dependent air defense system without autonomous targeting capability would simply collapse, unable to react even to local threats.
It's that progression to network dependence that has Schneider and other thoughtful observers worried, in part because, to date, no technology has yet appeared that promises reliable insulation of battlefield networks from cyber attack. In too many cases, the first warning of cyber attack will be the loss or corruption of crucial information.
There are ways to mitigate this problem, and the military like civilian industry is exploring all of them. They range from improved digital firewalls and more jam-resistant radios to better training of system operators to recognize and react to the first indication of an attempted network penetration.
Meanwhile, efforts continue to develop technological means of protecting digital networks. On Aug. 16, China launched the world's first "quantum" satellite, hosting a communication system designed to foil tampering by encoding data in quantum particles that self-destruct when intercepted.
Someday, such technologies may help protect tactical networks. But until they do, and perhaps even afterward, the surest protection against catastrophic network failure is system redundancy, even when that redundancy perforce relies on technologically crude and even antiquated means and methods.
The Navy has the right idea. Celestial navigation may be slower and more painful to learn than simply reading a GPS-driven navigation display. But it gets the job done, and all the military services would be well-advised to build an equally reliable autonomous fall-back into every networked capability.