The destructive power of modern cyber-weapons is evolving at a blistering pace thanks to the increasing automation of cyber-attack tools and hacking software, lone cyber-criminals, mercenary hacker groups and state-sponsored espionage cells.
These have the power to inflict unprecedented damage on a country’s economic vitality, critical infrastructure and, as we’ve recently seen in the UK, the government itself. With state militaries realizing that warfare in the 21st century is now conducted as much in the digital realm as it is in the physical, military leaders are turning to new and ‘intelligent’ defense systems to fortify their assets in cyberspace.
Earlier this year, Navy Adm. Michael S. Rogers, commander of US Cyber Command, admitted to a House panel in Washington that hardly a day had gone by during his tenure at Cyber Command that he had “not seen at least one significant cybersecurity event occurring somewhere in the world”.
The exponential rise in major cyber-attacks is no accident; hackers now have access to an arsenal of highly powerful, readily available automated attack tools. These range from automated distributed denial of service (DDoS) tools, to dictionary attack tools that automatically pump endless password combinations into login forms, to social engineering toolkits that simulate multiple credential harvesting and phishing attacks while automatically disguising emails and malicious webpages. The devastation these tools can inflict became abundantly clear earlier this year when a global ransomware attack struck multiple organizations including the NHS, Spain’s Telefónica, FedEx, and Deutsche Bahn.
Using an automated delivery tool known as ‘EternalBlue’, the WannaCry ransomware packages were delivered on a mass scale, infecting 300,000 computers in over 150 countries. The tool allowed the malware to spread through file-sharing protocols set up across the internal networks of various NHS Trusts, causing widespread disruption and delays, including the cancellation of critical operations.
To defend against such attacks, militaries around the world have realized that this is not just a technological arms race but also a question of resources and manpower. Assessing the critical systems within a force’s operational assets – whether this is a single employee’s laptop or an entire base’s network – requires time-consuming line-by-line code review and configuration analysis.
At the moment, the manpower simply does not exist to carry out the detailed and stringent security auditing demanded of national militaries. (ISC)²'s 2017 Global Information Security Workforce Study found that the IT security profession was expected to suffer a shortfall of 1.8 million cybersecurity workers by 2022. With such a deficit of cyber-defenders, manual penetration testing of IT systems to examine configured protocols and find security weaknesses can take a team anywhere between one and four days to complete. When major cyber events are happening almost daily, this is time the military cannot afford.
Fighting fire with fire, leading defense agencies and military forces such as the US Department of Defense and NATO are deploying automated cyber-defense systems which can analyze vast and complex stretches of cyber-infrastructure for the type of hard-to-find vulnerabilities often exploited by the tools hackers use.
Cutting-edge ‘intelligent’ software can autonomously scour the blueprint of a network, inside everything from a Navy frigate to the communications equipment used in Afghanistan, identifying structural vulnerabilities in firewalls and protocol weaknesses, and producing detailed reports on how to secure the systems.
Traditional vulnerability scanning tools simply mimic an attack by indiscriminately bombarding a device or network from the outside in the hope of finding a breach. It is the equivalent of shelling a warship to find out whether there are any chinks in its hull. Instead, new automated technology can now analyze the very code within a system’s defenses to find security vulnerabilities. The technology is comparable to an engineer conducting a detailed analysis of an entire tank’s blueprint to identify hidden design flaws in its armor.
With the ability to go into fine-grained analysis to find structural vulnerabilities, the technology enables defense agencies and military forces to conduct detailed security audits faster and more accurately than humanly possible. This dramatically reduces demand on the workforce and, with cyber skills in such short supply, allows organizations to focus human resources on high-level strategic work, including cyber-offensive programs, while using automation for baseline security.
The situation in cyberspace cannot be ignored; automated hacking tools are flooding the internet, enabling machines to replicate the work of skilled cyber-criminals. To contend with the rapid onslaught of attacks, leading global military and defense forces are using the same smart technology to reinforce the work of their security experts and strengthen their defenses.
If organizations around the world are to become truly capable of fending off increasingly automated attackers, then they must follow suit and deploy the next generation of automated defensive technologies.