13 November 2017

Cyber and electronic warfare an increasing global challenge

by Guy Martin

Cyber and electronic attacks are increasingly factors in warfare, such as the sabotaging of Iran’s nuclear facilities and the attack on the Ukraine’s electricity grid. This, according to defence analyst Helmoed Romer Heitman, begs the question of when is an electronic attack an act of war and how should a nation respond?

Heitman, at the Aardvark Roost Electronic Warfare South Africa 2017 International Conference and Exhibition on 7 November, looked at some of the key trends in electronic and cyber warfare. He said that electronic warfare, in all its forms, from intelligence gathering through jamming to electronic or digital attack, is increasingly a factor in war. This has long been understood in the conventional warfare environment – including communications disruption and more recently jamming of GPS signals and unmanned aerial vehicle (UAV) command lines – but today challenges are arising from irregular forces, disabling attacks on electronic systems and remote attacks on non-military systems.

Heitman said that electronic warfare is becoming very practical, for instance in the Ukraine, electronic artillery fuses are being jammed, rendering them useless. Even low-tech entities like the Lord’s Resistance Army (LRA) have used electronic warfare: they were able to detect areas of high cellphone chatter, indicating a potential operation could be getting underway.

Rebels are increasingly using cellphones, radios and satellite phones to communicate (such as rebels in the Central African Republic and Mali), but this also makes them vulnerable. Heitman pointed out that UNITA leader Jonas Savimbi was tracked through his satellite phone; Chechen General Dzhokhar Dudayev was killed by modified anti-radar bombs homing on his satellite telephone while he gave an interview; rebels in Iraq and Syria have been killed after posting geo-tagged photos to social media; and Colombian FARC rebels have been located while sending out press releases.

Heitman noted that guerrillas, terrorists, bandits and smugglers all make use of telecommunications, from mobile and satellite phones to email and social media, which makes them more effective but more vulnerable to location and tracking; intelligence collection and spoofing.

He sees communications and signals intelligence (COMINT and SIGINT) systems assuming ever-greater importance for operations against both regular and irregular forces and against criminal groups.

Technology is evolving rapidly and one area is improvised explosive devices (IEDs). Especially in the Middle East, these were typically detonated by radio/cellphone but due to IED jammers, these are now being detonated by command wires, infrared links, trip wires, pressure plates or even infrared beams that, when broken, detonate the device. IEDs can even be detonated after detecting an IED jamming signal.

IED tactics are also evolving. Vehicle-borne IEDs are used as a way to breach fortifications and as an element of surprise (this tactic has been used successfully in Somalia), while children are increasingly being used to carry IEDs (especially Boko Haram using girls in Nigeria).

Heitman said that airborne surveillance, detection and signal jamming systems are becoming increasingly valuable tools against a range of IEDs, with the best defence being stopping the IEDs being planted in the first place.

Another growing threat is the proliferation of guided weapons, with shoulder-launched surface-to-air missiles widely available to irregular forces and criminal groups. Heitman noted that anti-tank missiles are commonly used by groups in the Middle East and have been used to attack ships at sea – for instance an Egyptian patrol boat was hit by an anti-tank missile off Sinai. The INS Hanit was hit by an anti-ship missile off Lebanon, as was the former USNS Swift, now operated by the UAE, off Yemen.

Remotely operated vehicles are another technology that is gaining traction. Hamas in Gaza has a wide range of UAVs for reconnaissance purposes; Hezbollah in Lebanon uses Iranian supplied UAVs; Abu Sayef in the Philippines uses UAVs and Islamic State in Syria and Iraq use UAVs for reconnaissance, command and control, propaganda and attacks using improvised 40 mm grenades. In response, the Iraqi police modified commercial off the shelf UAVs with explosives and in turn used them to attack Islamic State targets. Meanwhile, Hamas is working on arming UAVs with rockets, with guided weapons probably not far behind.

Remotely controlled boats are being increasingly used – for instance a Saudi Navy frigate was recently struck by a remotely operated boat bomb off Yemen. The MV Limburg was attacked by a fast boat laden with explosives while passing Yemen, but it is not clear whether the boat was manned. The USS Cole attack over a decade ago in Aden was by a manned boat laden with explosives. And of course there are many unmanned ground vehicles in use.

As a result of these threats, a lot of effort is being expended on countering UAVs and similar threats. Using classic techniques such as missiles and cannons is often ineffective against small UAVs; other options are disrupting the command link, jamming the GPS signal, capturing the UAV or frying the electronics.

With regard to information operations and social media operations, Heitman noted that integrated communications and command and control systems make things easier for commanders but are vulnerable to jamming, direction-finding and eavesdropping. In addition, there is now the potential to insert false information. Through propaganda, it is possible to insert false information into the other side’s routine broadcasts and create fake content.

“And then there are the various social media which lend themselves ideally to spreading a propaganda message – as demonstrated during the Arab Spring and more recently by Russian operations during the US elections. What is interesting here is that even where a dictatorship keeps the bulk of the population under-educated and vulnerable to its propaganda, that does not mean the people are stupid – and access to social media can undo those efforts.”

Heitman emphasises that cyber operations have become a reality through cyber espionage, propaganda insertion, GPS spoofing etc. For instance Iran’s nuclear facilities were attacked through a cyber warfare campaign; denial of service attacks hit Estonia; Ukraine’s electricity grid has been attacked etc.

Finally, Heitman raises the spectre of electromagnetic pulse (EMP) weapons that could shut down a city or large parts of a country. “The EMP has arrived in the tactical domain – through aerial weapons and even handheld devices. Does this mean packing an abacus, notepaper, pencil and cleft stick for future operations?” he asked. “What about the digital ignition systems of vehicles?”

There are new questions that armed forces need to ask, such as when is a cyber attack an act of sabotage, terrorism or war and what is a justifiable and practicable response in each case? Should a missile be launched in response to an attack that does as much damage as a bombing would? And who should be responsible for cyber domain intelligence, counter-intelligence, protection, defence, counter-attack and pre-emption?

Heitman says there are presently few answers to these questions, but he is certain that cyber warfare should be a defence force function.

No comments: