How safe are our networks?

• slim10

  15 Nov 08, 13:37

  The basis of SAF 3G is now networking capability. From BMS to handheld PDAs/ACMS to DSC/Storm, all integrated into 1 network that will provide unparalleled situation awareness to the forces. Yet does it come with risks? WW2 demonstrates how LOCs can be easily intercepted (eg Ultra). Interceptions provide useful data to opposing forces in identifying movements, locations, orbats etc. Today, access to a single network with unparalled info can mean putting that same info into the hands of the potential aggressor. So how are these risks managed? One way without going into detail is the integration of similar network management strategies like existing signals networks, if not already done so. However, should Murphy's law be assumed and that any information can fall into the other party's hands?
• skythewood

  15 Nov 08, 13:46

  intranet?

• sgstars

  15 Nov 08, 15:32

  i think the networks are individual cells that can operate independently ?

  i dont quite get your question. you mean as in, the network as in a commander-level access security issue ? GOD-mode kind of view ?

  or is it about network segmentation into different layers ?

• Xcert

  15 Nov 08, 15:51

  Originally posted by sgstars:

  i think the networks are individual cells that can operate independently ?

  i dont quite get your question. you mean as in, the network as in a commander-level access security issue ? GOD-mode kind of view ?

  or is it about network segmentation into different layers ?

  I think what TS is asking is how secure is our communications systems...against hacking and that whatever we are transmitting are not incercepted by others.

   

  I dunno how to answer the question but I think its a valid concern...all those fancy systems will be useless if they can be intercepted by the enemy...encryption is of course one way...but as the saying goes...whatever can be encrypted...can be decrypted....the enigma would be a good example.

• sgstars

  15 Nov 08, 17:05

  hmm ?

  yea, which is why i mentioned, they operate in individual cells. its not something uniquely military anyway. certain corporations like banks or those with sensitive data, usually isolate and create self-contained networks (intranet). In this sense, we probably have several intranets with several key nodes that allow uplink and viewing the "bigger" picture with other intranets. Master/slave hierarchy amongst the nodes.

  individual cell = isolated ? = no hacking ? only certain terminals get high priority/access to certain other cells (i.e commander level assets)

  just extrapolating from my knowledge of networking. not too sure but its likely its something like that.

  dont think the whole system is networked to that large extent. a network engineer must always factor in redundancy and how to cope / adapt if one segment collapses.

   i dont think hacking/illegal entry is that such a big deal because of 3 reasons

  1) closed loop/isolated systems. 

  2) propertairy standards : the 90cent newspaper has carried several article of DSTA adapting and reprogramming some of our ik2c network components. Remember the C&C truck system ? that article mentioned a indigeneously developed software standard.

  3) comms : usually important / critical military comms / data stream dosent go via commercial bandwith passages and its encrypted (i.e commercially owned fibre optic land lines/telecomms satellite)  point being made here is, hackers cant reach military links, as they are non-commercial traffic. even if the do reach, its probably less essential/critical links that are riding on commercial traffic. but there's probably encryption on for data traveling on commercial traffic bandwith and military bandwith.

   

• Shotgun

  15 Nov 08, 17:30

  There's really no point to asking this, since no one can give you an answer to this. 

  Every network, commercial or military has risks and vulnerabilities.  Efforts are constantly made to discover them and fix them by vendors and suppliers.  Thats why equipments like these are always made to through testing. 

  There is really no answer.

• tankee1981

  16 Nov 08, 00:24

  Given our defence research establishment's emphasis on electronic warfare for the past decades(since their inception in fact)...i reckon our communications network should be well taken care of from such electronic attacks.

• sgstars

  16 Nov 08, 00:28

  but what i have heard la (this kinda stuff is sensitive)

  some of the smaller scale networks use COTS (commercial off the shelf) technology to achieve that kind of connectivity. might be risky in that sense.

  but i aint too sure about how and what is it secured.

• LazerLordz

  16 Nov 08, 03:20

  Such stuff, if you don't have the need to know, you don't need to know.

  It's somewhat sensitive.

• slim10

  17 Nov 08, 15:20

  Well, logically, the DSC or division strike centre will have a divisional situation awareness picture. That's already quite a massive picture to provide if access to the computer network is compromised. As game theory dictates, the more valuable the prize, the greater the focus by potential aggressors.... The Germans tot Enigma encryption was unbreakable but history showed otherwise. I see a potentially large market for computer network defense softwares....
• caleb_chiang

  17 Nov 08, 15:28

  why worry, they are only for show. If war, sure lose.

• ^Delta^

  17 Nov 08, 17:27

  Originally posted by caleb_chiang:

  why worry, they are only for show. If war, sure lose.

  
  Your reasons if any?

  If not your post represents an accurate depiction of your level of intelligence.

• edwin3060

  17 Nov 08, 17:53

  All codes can be broken, all intelligence can be compromised, given enough effort. The issue at hand is how you can make use of the information transmitted on the network before it becomes compromised.

• sgstars

  17 Nov 08, 18:06

  Originally posted by edwin3060:

  All codes can be broken, all intelligence can be compromised, given enough effort. The issue at hand is how you can make use of the information transmitted on the network before it becomes compromised.

   the issue here is access.

  how are you going to tap into something that a unknown protocol for local area network (cell network) and satellite links (presumably) for higher level command ?

  no access = no cracking of encryption = no compromised data.

  and presumably if we are taking about battlefield level access, that could be much harder.

  what is the enemy going to do ? hide somewhere with a laptop, wait for some BMS/ Tactical network equipped vehicle to passby, log in and leech free wifi ? and wham bam, find out all positions of our side's armoured vehicles ?

  alot of layers of authentication and trouble before that happens.any competent network engineer would know that. Intruders would have problems even identifying and locating networks.

  not so simple as find plug and play. propertairy data systems wont make this easy. assuming they can even identify the propertairy data network. simple things like packet flow control.a line or two of code embedded into each header of a packet of data can make things really complicated.

  although i dont think there's a current system of jamming for electronic communications data-links but i m not sure about this. does anyone know ?

  whats the sigint capability of our "competitors" does anyone know ?

  this is shaping to be a really interesting thread

   

• slim10

  17 Nov 08, 18:44

  There is some R&D into directed energy (DE) weapons to disrupt sensors. The MY govt has a tiny bit of expenditure on a US DE technical manual via FMS which can suggest they are looking at this. But it could also be just something about lasers...

  There is also issues of DE EM pulse weapons but my focus is not so much on denial of use but more on breach of security.

  Any info sent via the airwaves can be intercepted. Whether that can be decrypted is an issue. How much of that can be decrypted is another issue. Whilst military codes are a bit more difficult to crack than commercial satellite codes, I'd assume that they can eventually do so.

  Things like the below should be a regular feature.

  http://www.lm-isgs.co.uk/company/interaction/autumn_2006.pdf

  I also had the impression that one of the RMAF C-130s was ELINT capable. We can at least assume that there will be listening posts at places like in TUDM facilities in Bukit Lunchu, JB. That may explain why DSC went all the way to South Africa to test water....

• Arapahoe

  20 Nov 08, 02:58

  I am sure SG is being tested and challenged already.  

  Half way in the mids of US election the FBI show up at both Obama and McCain campaign office to let them know that their Server has been hacked and all their paper policy has been download by foreign entity.  

  And this is like the most bu lao stuff to look at. FBI was able to pin point to the specify country.

   

   

• fishbuff1

  20 Nov 08, 11:14

  DSTA doesnt even want to consider information security solutions for their backend sensitive data. let alone securing the entire network.

• Shotgun

  20 Nov 08, 17:59

  I think thats enough talk about security policies... =D

• Miracles&Prophecies

  21 Nov 08, 20:23

  Originally posted by slim10:

  However, should Murphy’s law be assumed and that any information can fall into the other party’s hands?

  Yes absolutely, even the ones stored in the heads of selective people. No secrets.

   

• DownAndOut

  21 Nov 08, 22:34

  anything thats connected to the internet is vulnerable.. 

• tankfanatic

  22 Nov 08, 02:16

  why are we talking about this stuff anyway? remember in the internet..what has been seen cannot be unseen....

• slim10

  23 Nov 08, 11:05

  Can't be like Ostrich. Just because head in the sand doesn't mean others aren't thinking about it. Such threads are meant to trigger focus.

  Same thing with chinese cyber attacks. Don't think they will just go for US only. They may think they can get useful info from US allies on US equipment/deployment and other useful info as well.