The Cyber Threat in the Marine Arena

Submarines, surface vessels, UUVs and underwater communication cables are all vulnerable to cyberattacks and electronic warfare at sea. What are the potential threats and the protective solutions?

Photo: Bigstock

The marine arena is characterized by a unique cyber warfare profile. Surface vessels, underwater vessels, coastal or aerial targets, unmanned vehicle swarms and even the C3 and weaponry suit of surface vessels can all function as attackers and as defenders. This operational duality, along with the complexity involved in the employment of naval vessels and platforms under the harsh conditions presented by the marine environment, present a conceptual challenge in coping with the cyber warfare threats in the marine arena, which calls for integrative thinking.

If one were to review the latest technologies currently entering the marine arena under the heading of 'cyber' (which also includes electronic warfare), they would become aware of the large-scale moves by the superpowers, who aspire for domination in cyberspace – at sea, too. One of the primary cyber threats applies to the underwater communication cables laid around the world. This cable infrastructure enables the existence of the global Internet. As such, it is vulnerable to malfunctions, sabotage or manipulation.

Cyber & Submarines

Submarines take part in the 'cable game' as they can monitor underwater cables for such purposes as listening, denying information or manipulating it. Along with the underwater cables, the USA and China endeavor to deploy in the underwater environment sensor networks that will cover the entire globe. Officially, these sensor networks are intended for research, but it is assumed that such networks may be used for monitoring the traffic of underwater or surface vessels through the underwater medium. These sensors may also possess various cyber and/or electronic warfare capabilities, subject to the restrictions that are characteristic of the underwater medium.

The USA announced that US Navy submarines possess cyberattack capabilities when they surface or extend an antenna. As the stealth characteristic of submarines can be utilized for intelligence gathering, why not provide them with the ability to stage cyberattacks as well?

In addition to traditional submarines, the underwater medium also contains Unmanned Underwater Vehicles (UUVs). These vehicles possess stealth capabilities, they are small, agile and can operate around the clock. They do not have to snorkel (surface for air) and have no human crew with biological and psychological needs. UUVs can perform cyber warfare missions just like those assigned to manned submarines, with one distinctive advantage – they can provide a continuous cyber warfare/electronic warfare capability as long as they have energy. In the USA they are currently seeking independent energy generation solutions that would enable these vehicles to remain and operate at sea indefinitely.

Threats to Surface Vessels

As far as surface vessels are concerned, they should be provided with immunity against cyberattacks. As vessels and weapon systems grow more sophisticated and as naval warfare grows more dependent on a common communication and data network (Network Centric Warfare – NCW), so naval forces become more vulnerable to cyberattacks. In line with this concept, naval forces – including the IDF Navy – fit their vessels with satellite communication systems, a channel that could prove to be a weak link with regard to the cyber warfare aspect.

As most of the weapon systems currently in use were designed and built in the previous decades, when the relevant authorities were not yet aware of cyberattacks and while using dedicated protocols, it is almost impossible to use traditional security mechanisms (firewalls, intrusion prevention systems) in order to protect and secure these systems.

A sophisticated attacker might use cyber resources in order to plant dummy targets in naval C3 systems, disrupt or deceive detection and target acquisition systems (theoretically, dominating Radar systems and planting dummy targets/hiding real targets using cyber resources is possible). Theoretically, the control and propulsion systems of the vessel itself can be hacked and the attackers can divert it off course or stop it altogether.

Such attacks require sophistication and good knowledge of dedicated protocols, but they are not essentially different from recently observed SCADA/ICS attacks. Additionally, the navigation and control systems of the naval vessel may be hacked through its satellite communication channel as it includes outdated or nonexistent security protocols.

Cyber/electronic warfare may also be used from the sea in order to disrupt landline and wireless communication systems. In an era of communication-based global economy, such damage to the communication infrastructure of a state, inflicted by a naval vessel, can undermine the economic strength of that state. The implication is that a naval vessel possessing cyberattack capabilities will become a strategic threat if it can stage an attack against the business economy of the opponent.

For many years, Soviet spy ships had monitored military and civilian radio traffic in the State of Israel, and it may be assumed that their modern-day successors possess measures for intercepting and jamming more modern data communication traffic, including cellular communication and WiFi.

Kinetic weapons (missiles, artillery shells and bombs) may also be employed in order to damage physical infrastructures used for Internet communication, thereby damaging the Internet traffic of the state. In a different scenario, a coordinated cyberattack against the seaports of a state can disrupt the ability to import and export goods into and out of that country, as today, most sea ports rely heavily on extensive computer systems in their operations.

The Aerial Arena & the Swarm Concept

Naval vessels at sea are required to engage in cybernetic duels with aircraft, too. Dedicated mission aircraft and transport aircraft may be fitted with cyber or electronic warfare gear capable of threatening naval vessels. Past reports indicated that C-130 transport aircraft of the US military took part in cyberattacks against land-based WiFi networks. Such aircraft may be provided with similar capabilities aimed at cellular or satellite communication networks. Capabilities of this type also leak to the UAV category.

As far as the offensive aspect is concerned, naval vessels possessing cyber capabilities can threaten aircraft within a given area cell, whether they use electronic warfare or cyber measures. Moreover, naval vessels also employ various airborne platforms – from aircraft through helicopters to UAVs. US forces have recently conducted an experiment with a UUV capable of surfacing, launching a UAV and commanding it.

The experiment, designated Unmanned Warrior 2016, examined the feasibility of employing a swarm of unmanned vehicles in the context of a multiple-theater scenario. Such swarms may be employed in the future for EW/cyber missions using suitable payloads.

In view of the importance of cyberspace to the marine arena in the context of future confrontations, the US Army established the Cyber Command in 2009. A year later, the US Navy 'resurrected' the Tenth Fleet (which, during World War II, defended the shipping routes in the Atlantic against German U-boats) as the US Fleet Cyber Command, subordinated to the Cyber Command and US Navy HQ.

The mission of the US Fleet Cyber Command is to secure communication networks and forces at sea and on land as well as to stage offensive operations in cyberspace in order to enable freedom of operation to the combat elements and deter potential attackers.

The decision to provide the Navy with cyber capabilities was no coincidence. It was the outcome of a strategic line of thinking by the US military, in favor of a demonstration of the strength of the USA, for the purpose of deterring attackers and promptly deciding the outcome of any military confrontation by using the superior military strength that provides the USA with total superiority in the air and at sea.

Until recently, such superiority would have been accomplished relatively simply – by geographically deploying a task force built around an aircraft carrier near the shores of the enemy country. Such a task force possesses the ability to cope with most of the world's navies and to inflict substantial damage on the target country using fighter aircraft, cruise missiles, sea-to-shore naval artillery and amphibious forces landed on the shore of the enemy country.

The Americans used this strategy in Kosovo, during the First Gulf War and in the context of the support they provided to the fighting in Libya, as well as on a more modest scale in the surgical combat operations staged against al-Qaeda in the Middle East, al-Shabaab in Somalia and ISIS in Iraq and Syria.

However, the progress made in the field of cyber capabilities over the last decade led to a situation where the presence and operations of physical forces without proper cybersecurity makes these forces vulnerable to threats that might seriously disrupt their activities. On the other hand, many of the required objectives may be accomplished without employing any physical forces, but by using cyber resources instead.

Some of the resources currently regarded as cyber tools are the direct descendants of such traditional EW/ECM tools as GPS jammers. The main difference is in the ability to affect, using cyber measures, non-military infrastructures and major segments of the population.

As far as naval forces are concerned, cyber is just another weapon in the over-all arsenal, one that is very similar to the EW tools that have been in use over the last 60 years. Like electronic warfare, this tool possesses both defensive and offensive capabilities, is used to deceive and deter the enemy and constitutes a complementary dimension to the use of physical weapons.

Cyberspace has undoubtedly evolved into an important factor in the marine arena, on the offensive as well as on the defensive. These new capabilities are expected to influence military strategic thinking as well as the role played by the naval element in combined arms operations in the context of the use of force. The ability to affect enemy C3 centers, civilian infrastructures and the business economy from the sea, using non-kinetic measures, positions cyber as a force multiplier of the naval arm, further validating this service branch as a strategic arm. 


You might be interested also