By Kris Osborn - Warrior Maven
Teams of Navy cyber warriors have joined the front lines at sea by deploying on both Carrier Strike Groups and Amphibious Ready Groups in an effort to keep pace with newly emerging enemy attacks and attempted intrusions.
As many as 17 Defense Cyber Operations teams are now deployed around the globe, Vice Adm. Michael Gilday, Commander, US Cyber Fleet Command, told Congress.
This revved up cyber warrior presence at sea indicates the widespread implicit concern that weapons and data networks across the service are becoming more vulnerable to enemy attacks. As a result, given the rapidly increasing degree to which ship based weapons, networks, fire control systems and other shipboard technologies are becoming more and more cyber reliant, the service is now making an extra high-tech push to improve offensive and defensive cyber tactics.
In particular, Gilday stressed that AI, machine learning and increased automation were indispensable to this effort.
“We need these tools to help sense what is normal and detect activity on the network that is outside that. This is so we can act quickly using advanced analytics enabled by AI and machine learning which will give us a tactical advantage in identifying malicious activity early,” Gilday told the Senate Armed Services Committee, Cybersecurity Subcommittee.
“We need to respond faster than the adversary - and envision automation as the means to outpace that threat. This includes increasing the diversity of our sensors on our networks and moving beyond strictly signature based capabilities to behavioral sensing,” Gilday told Congress in written testimony.
AI is fast becoming a widely deployed technology to leverage algorithms able to quickly process vast amounts of information while instantly drawing upon and organizing seemingly limitless amounts of historical data. This enabled cyber defenders to much more readily detect anomalies and cyber signatures likely to indicate a potential intruder.
Accessing pools of data in real time while drawing upon machine learning algorithms to identify patterns, determine context and integrate new information, cyber warrior are able to use what Gilday referred to as “big data analytics.”
"We are leveraging big data analytics, as well as machine learning to improve our ability to protect data in our networks,” he said.
With this in mind, Gilday specified the need to draw upon emerging “data science technologies” as a way to move faster and “improve an ability to proactively detect new and unknown malware.”
“Reducing the attack surface” through rapid integration of government and commercially developed patches, fixes across a network can decrease the “points of entry” for a potential attacker, Gilday said.
"The attack surface grows larger with aging operating systems when security patches to known vulnerabilities cannot be rapidly deployed across our networks, systems and applications,” he testified.
The Navy is already making strides using AI to cyber harden its growing ship-based ocean combat network, called Consolidated Afloat Networks and Enterprise Services (CANES).
CANES is being installed on carriers, amphibious assault ships, destroyers and submarines, and the service has completed at least 50 CANES systems and has more in production, Navy developers said.
Upgraded CANES, which relies upon hardened cyber and IT connectivity along with radio and other communications technologies, is being specifically configured to increase automation - and perform more and more analytical functions without needing human intervention. In fact, the Navy is already working on AI and CANES on its Littoral Combat Ship, Rear Adm. Danelle Barrett, Navy Cybersecurity Director, told Warrior in an interview last year.
This is precisely the kind of activity Gilday appears to want to emphasize with stepped up maritime cyber warriors, as ship-based networks bring their own set of unique challenges. Given the constraints of the maritime environment, most ship networking is dong using satellite internet and radio to leverage wireless technology.
Working closely with industry and academia are also widely emphasized areas of Navy focus, an initiative which includes building prototype cybersecurity techniques with industry partners such as CISCO Systems.
“We are working on a prototype for the Navy. We’ve just recently seen all the advantages with data analytics and AI. We have the ability to read and detect malware in encrypted web traffic,” Kelly Jones, Systems Engineer, Navy Modernization, CISCO, told Warrior Maven in an interview.