recommended reading

Navy Takes on Internet of Things with New Task Force

The amphibious assault ship USS Makin Island, background, pulls alongside the aircraft carrier USS George H.W. Bush in the Persian Gulf.

The amphibious assault ship USS Makin Island, background, pulls alongside the aircraft carrier USS George H.W. Bush in the Persian Gulf. // Juan Guerra, U.S. Navy/AP

The Navy is embarking on a year-long effort to protect hardware and software servicewide, as the Internet of Things takes hold of everything from ship speakers to missile launchers.  

"Task Force Cyber Awakening" will draw from U.S. Cyber Command Commander Adm. Michael Rogers’ reaction strategy to a major Navy computer system hack last year.

The shock of the event -- blamed on Iranian hackers -- is part of the reason for the name "Awakening."

One item on the docket: Ensuring new apparatus, such as the Navy's next-generation tactical afloat network, "CANES," can operate safely with computers still running on outdated Windows XP software. Without foresight, the linkages could create new vulnerabilities.

Some of the systems that depend on CANES, which stands for Consolidated Afloat Networks and Enterprise Services, are running XP and CANES doesn't have the ability to support XP, Matthew Swartz, the Task Force Cyber Awakening lead, told reporters Friday. 

"There’s a discussion and probably a press to do XP massive upgrades now: 'Upgrade everything. It’s the No. 1 priority,'"he said. "But I think what some would say is, as we're starting to evaluate all the cyber things we need to do, across the enterprise, XP upgrades may not be the No. 1 thing." 

The problem is the ripple effect of such changes.

"For the Navy, it’s very difficult to do massive operating system upgrades -- that’s bigger than just doing a software upgrade," Swartz said. "It requires doing some infrastructure changes as well," and alterations must wait until ships comes ashore for regular maintenance. The growing number of connections between onboard systems and land-based systems also generates concern.

"It’s not only the interconnectedness of what’s on the ship,” Swartz said. "We’re starting to also evaluate the interconnectedness of our float platforms to the shore to make sure that we have the right connections in place and that we’re providing the right security."

The task force will employ procedures Rogers devised for Operation Rolling Tide, the response to the cyber strike against the Navy Marine Corps Intranet. The Wall Street Journal first reported the incident in September 2013. 

"Are Adm. Rogers’ fingerprints all over this? Without a doubt, and he probably doesn’t even know it." Swartz said. "If you look at what we did for Operation Rolling Tide -- Adm. Rogers was the hero of that. He was the one that realized that we need the ability to fight the network, we need the ability to maneuver the network [if] we are going to fight through a cyber incident." 

That approach will cover not only business computers but all networked capabilities, including combat and control systems.

"We’re taking what he did when he was at 10th Fleet, and we’re actually taking that and broadening it to other parts of our enterprise," Swartz said.

And none too soon. Military officials and researchers expect threats one day will be able to jump the "air gap" between a ship's networked speaker system and, for example, malicious sound waves to derail a boat's control systems.

"This is where you talk about fleets coming to a stop. Our ships are floating SCADA systems," retired Capt. Mark Hagerott, deputy director of cybersecurity for the U.S. Naval Academy, said at a conference last year. SCADA refers to supervisory control and data acquisition systems that run industrial operations. "That would disrupt the world balance of power if you could begin to jump the air gap," he said.

This post has been updated. 

Threatwatch Alert

Cyber espionage / Spear-phishing

Russia-Linked Hacker Unit Targets French Presidential Election

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.