Special Forces in cyberspace

This international conference was a brain child of brigadier general Wojciech Marchwica – Chief of DKWS (Special Operations Component Command). Conference’s main purpose was to create a venue for dialogue between military experts in cyber-security and their civilian counterparts, representing foreign and domestic research centers.

NATO forces must currently face various new challenges, such as conflict between Russia and Ukraine or combating terrorist organizations. A new doctrine, one that allows for efficient defense against hybrid strikes is needed – said DKWS Chief in the conference`s opening statements. All those threats project a reflection on cyberspace, so creating potential to fend those off in necessary.

Internet of Things is the newest trend in the global network – stated Dominika Dziwisz, representing the Jagiellonian Univeristy. This theory assumes, that majority of electronic devices will be connected to the global network. Another current tendency is creation of augmented reality, which projects additional information onto the actual reality. Most of military systems are not connected to public networks, however can contain mentioned elements. Computerized head-up-displays or miniaturized fire control systems are great examples of such, as these can convey and project target images for benefit of the HQ.

Natural continuation of the Internet of Things idea is further development of autonomic, unmanned vehicles. These, after connecting to command networks, will soon be able to attack designated targets unassisted. Biggest risk of network-centric systems is a potential hacking attacks. Most simple GPS signal disruption will result in operation failure or interception/destruction of unmanned vehicle.

Military networks are usually protected from external influence, but the Stuxnet case (recognized as the first combat use of computer virus), shows that it`s is possible to penetrate into supposedly sterile nuclear plant computers. Cracow-based researcher emphasized that it`s impossible to slow down cyber technologies development, especially those on critical infrastructure level. To prevent the worst case scenario it is utterly important do define probabilities and potential vectors of such an attack and have tried and tested procedures for minimizing effects of this kind of strike.

Limiting possible damage of hacking attack starts right at the infrastructure building stage. Lieutenant Colonel Bartlomiej Biernacik from Akademia Sztuki Wojennej stated, that correctly designed network is able to function even when some of the terminals are down due to possible infection. Distributed Network seems to be the most resilient against typical cyber-attacks, providing that the assailants can`t locate and strike key nodes responsible for routing the data traffic.

Another way to improve infrastructure network security is redundancy of network elements. This allows for communication channel duplication and maintains basic communication capabilities even if some elements are not functional. Unfortunately, quite often this approach can`t be justified economically. Another key issue is correct servicing of the equipment, often by external civilian contractors. These service teams has to be properly verified and trusted to maintain network functionality.

Information monitoring (especially social media dynamics) is also an important issue of cyberspace operations. Maciej Milczanowski, Rzeszow University lecturer, stresses out that Internet is a very efficient platform for false leaders, who create an image of competency that can`t be verified effectively. This, together with post-truth approach is often utilized by crime and terrorists organization for recruiting new members. This is one of the possible explanations for young, moderate Europeans getting radicalized and involved in criminal activities. Discussion and conflicts (as a way to express certain beliefs) are normal in democratic society. Lucky, there are tools that can monitor and moderate these activities on the Internet.

In this context, the biggest threat can be associated with closed, leader-controlled communities. There is no way to measure such group`s potential and aspirations in the real world. This groups use a simple Karpman Drama Triangle of Persecutor-Victim-Rescuer to radicalize inter-human relations. This leads directly to Lucifer`s effect – a process which rapidly brutalizes social interactions. There are 3 main factors that contribute to this: lack of authorities, deterioration of living conditions (leading to stress and panic) and strong outside pressure on the helpless victim.

Combating cyber threats is one of the main directions in security domain nowadays. Global network is not only a place where terrorist can meet, but also a backdoor into national-level critical infrastructure. Lauri Lindström (NATO CCD COE), specializing in cybersecurity, emphasized how crucial it is develop correct structures and procedures at the national level.

So far only 77 countries developed their own cyber-strategies, 20 has dedicated structures and only 17 is capable of conducting their own cyber-attacks. The biggest such operations to date are Israel versus Syrian air defense, Georgia-Russia and Ukraine-Russia conflicts or America`s counteroffensive against ISIS from last year.

It is extremely difficult to define a finished directory of cyber operations. These activities go beyond the frame of typical intelligence operations or hacking attacks. When a whole Nation or large organization is under cyber-attack a term of cyber-weapon proliferation can be used.

Christopher Paul of RAND Corporation concluded the conference by showing examples of real structures and solutions used by USA Armed Forces. Operational-level threat neutralization, comparison of Cyber Commands operations to classic operations were the main subject of His presentation. There are similarities between these two – both require small teams of superbly trained and equipped specialists focused on a single task.

Another important issue is organization of such new structures. Currently USA Armed Forces has separate cyber-commands for each Force. However there is an ongoing discussion about creating a new type of Forces of specialized agency dealing with cyber-security. Creating a dedicated doctrine for operational purpose is also a key issue.

Should a specialized technician be attached to a combat unit (just as JTAC-s are presently integrated) or should soldiers be able to get a specialization in Field-IT? If so, would it be the same type of specialization as medics, EOD or engineers? How such new recruits can be acquired? Currently they arrive mostly from civilian life so there might be need to start a dedicated training school training soldiers to deal with military-related cybersecurity.