The Navy is embarking on a year-long effort to protect hardware and software servicewide, as the Internet of Things takes hold of everything from ship speakers to missile launchers.
“Task Force Cyber Awakening” will draw from U.S. Cyber Command Commander Adm. Michael Rogers’ reaction strategy to a major Navy computer system hack last year.
The shock of the event — blamed on Iranian hackers — is part of the reason for the name “Awakening.”
One item on the docket: Ensuring new apparatus, such as the Navy’s next-generation tactical afloat network, “CANES,” can operate safely with computers still running on outdated Windows XP software. Without foresight, the linkages could create new vulnerabilities.
Some of the systems that depend on CANES, which stands for Consolidated Afloat Networks and Enterprise Services, are running XP and CANES doesn’t have the ability to support XP, Matthew Swartz, the Task Force Cyber Awakening lead, told reporters on Friday.
(Related: The Navy Wants a Tactical Cloud)
“There’s a discussion and probably a press to do XP massive upgrades now: ‘Upgrade everything. It’s the No. 1 priority,‘“he said. “But I think what some would say, is, as we’re starting to evaluate all the cyber things we need to do, across the enterprise, XP upgrades may not be the No. 1 thing.”
The problem is the ripple effect of such changes.
“For the Navy, it’s very difficult to do massive operating system upgrades — that’s bigger than just doing a software upgrade,” Swartz said. “It requires doing some infrastructure changes as well,” and alterations must wait until ships comes ashore for regular maintenance. The growing number of connections between onboard systems and land-based systems also generates concern.
“It’s not only the interconnectedness of what’s on the ship,” Swartz said. “We’re starting to also evaluate the interconnectedness of our float platforms to the shore to make sure that we have the right connections in place and that we’re providing the right security.”
The task force will employ procedures Rogers devised for “Operation Rolling Tide,” the response to the cyber strike against the Navy Marine Corps Intranet. The Wall Street Journal first reported the incident in September 2013.
“Are Adm. Rogers’ fingerprints all over this? Without a doubt, and he probably doesn’t even know it.” Swartz said. “If you look at what we did for Operation Rolling Tide — Adm. Rogers was the hero of that. He was the one that realized that we need the ability to fight the network, we need the ability to maneuver the network [if] we are going to fight through a cyber incident.”
That approach will cover not only business computers but all networked capabilities, including combat and control systems. “We’re taking what he did when he was at 10th Fleet, and we’re actually taking that and broadening it to other parts of our enterprise,” Swartz said.
And none too soon. Military officials and researchers expect threats one day will be able to jump the “air gap” between a ship’s networked speaker system and, for example, malicious sound waves to derail a boat’s control systems.
“This is where you talk about fleets coming to a stop. Our ships are floating SCADA systems,” retired Capt. Mark Hagerott, deputy director of cybersecurity for the U.S. Naval Academy, said at a conference last year. SCADA refers to supervisory control and data acquisition systems that run industrial operations. “That would disrupt the world balance of power if you could begin to jump the air gap,” he said.