Imagine a scenario where hackers take control of ground-based command and control systems and connected networks to either shut down a critical system or manipulate feeds leading to wrong decisions being taken on the battlefield. Communication systems, guidance systems, and situational awareness management systems could be targeted with intrusion or extended scans to exfiltrate data. An international geopolitical event may even be triggered by a cyber attack with many countries getting involved thanks to regional defense agreements.
Mission level cyber-threats
During peacetime, air force teams participate in multi-geography and multi-hardware training missions. Such missions often involve exercises to test response readiness, target acquisition and engagement, tactical advantage preservation, and testing of hardware and battlefield coordination. Such exercises use dedicated communication networks to which new systems and hardware, untested from a security perspective, are sometimes added. Such hardware could have trojan code added inadvertently through stealthy supply chains.
Modification of systems during training (for compatibility with systems belonging to air force teams from other countries) could also open up new vulnerabilities. Such vulnerabilities could also open systems up for long-term scans for a potential malware insertion at a suitable time in the future. The use of old systems that may carry unpatched vulnerabilities could also contribute to a degradation of the overall security posture.
The type of mission and the number of nations involved can all contribute to the threats and risks that emerge. For instance, if the hardware diversity increases during a training exercise involving many countries, chances are that systems will be modified to ensure interoperability. This opens the system to cyber threats it may not be ready to deal with. This is why training exercises are keenly watched by adversarial nations: they could expose not just strategic and tactical shortcomings, but they also bring together hardware and systems of varied origins and vintage.
Training missions can therefore introduce new threats and risks to systems. These threats could play out in the long or short term and reduce the ability of an air force entity to respond to or engage an adversary in the air or on the ground.
Electronic warfare in the air – Cyberwarfare in the air
Most unmanned and manned platforms have an electronic warfare suite embedded or added to them. These suites help in improving situational awareness, reducing the effectiveness of enemy radar, denying unrestricted access to the electromagnetic spectrum, misleading SAMs, electronic reconnaissance, improving stealth, or simply acquiring targets by intercepting communication. These electronic pods that house the electronic warfare suite could technically be jammed or remotely acquired by an adversarial nation’s cyberwarfare group and rendered inoperable.
Nuclear-capable and non-nuclear-capable ballistic missiles pose another major concern for air defense planners. The guidance systems of ballistic missiles could be targeted using a software-programmable radio frequency or modified electronic warfare signals that could jam or alter an ICBM’s flight trajectory toward a target.
Electronic warfare in space – Cyberwarfare in space
Ground-to-space communications could be hacked into by APT actors, who can then send a satellite off balance by manipulating its orbit control systems. The satellite could be made to lose its earth lock and turn into a threat to all space assets. Tracking such attacks will be a tough challenge, especially if the satellite is lost or destroyed later. Considering the significance of space as a medium for communications through satellites, any successful hacking will invariably lead to the shutdown of many systems on the ground, including those related to GPS.
Complex multi-function satellites providing various services could be sitting ducks to such cyberattacks.
Are redundancy systems part of the solution or the problem?
There is a common myth about the use of redundant systems as a security layer. Nothing could be further from the truth, at least in this context. Redundancy systems cannot be equated with security. In the case of a fighter jet, redundancy systems could prevent a crash in case the fly-by-wire systems are hacked into or disabled. But they do not provide any level of security to a system or render it more robust. In fact, redundancy systems could even introduce new vulnerabilities into the network, as they are often picked for their ability to serve as ready backups for key systems rather than for their security robustness.
In summary, hacking of assets and networks connected with an air force could lead to:
- Loss of costly hardware on the ground
- Manipulation of the trajectory of ICBMs and ballistic missiles
- Air bases could be rendered offline in a massive DDoS attack
- Fighter jets could lose control of their electronic warfare pods
- Ground level ATCs and radar stations could be overwhelmed with false bogeys
- Broken arrow incident
- Loss of tactical advantage
- Faster asset attrition