The newest combat domain is cyberspace, and Australia needs to do more to protect its digital borders and assets from threats.
As an arena of war, cyberspace is new, but the way war is executed in that arena is as old as war itself. There is attack, defence, deterrence and influence. The basics simply don’t change.
“These activities have been around since biblical times,” said Major General Marcus Thompson, an electrical engineer who now heads up Information Warfare Division in the Australian Defence Force (ADF) .
“What’s new, of course, is the conduct of these activities in cyberspace, in this relatively new operating domain. So a lot of what we do is adapting existing military tactics, techniques and procedures to this new war-fighting domain, and to the new technology that we have available to us.”
He might be an engineer, but Thompson sees his role as one of translation and interpretation. As a professional military officer who has deployed on many overseas operations and who commanded at every level from Troop to Brigade, Thompson said he now has the responsibility of ensuring everybody in his team understands each other’s needs.
“My role is two-way, helping engineers understand the requirements of the combat force and helping the combat force understand the capabilities that engineers bring,” he said.
“The other part is frameworks and systems. This is a key part of an engineer’s skillset, bringing some order to what can otherwise be a very complex space. I’m forever encouraging the technical staff to make the complex simple. We need to express complex terms, complex techniques and complex technology in ways that the audience understands. That’s especially important in Canberra.”
Speaking of understanding, what exactly is ‘information warfare’? It is the integration of technical and non-technical capabilities in the information environment, Thompson says. Technical capabilities include cybersecurity and electronic warfare. The non-technical side includes such areas as intelligence and information operations.
“When I talk about integrating those capabilities, it’s the synchronisation, the integration and the co-ordination of technical and non-technical information capabilities, but also the integration of those capabilities with other kinetic and non-kinetic effects to achieve a specific outcome,” he said.
“That outcome could be strategic, it could be operational, or it could be tactical. That outcome might end up being the delivery of a weapon system or, in my language, a ‘loud, orange effect’. It might also be to achieve some influence, without the requirement to deliver a weapon.”
The recognition of cyber as a war-fighting domain doesn’t mean it is a domain unto itself, completely separate from the land, air, sea and space domains. In fact, Thompson said most fighting goes on at the intersection of those domains.
“As an Army officer, I’ll often take the mickey out of my Air Force and Navy friends by saying, ‘I’m really glad you’re here, as it would be a long swim without you.’ But it really is a team effort. Everything from bombs delivered by fast jets to naval gunfire support to intelligence that might come from a submarine or an aircraft, all of that comes together to create success.”
Defending our networks
While cyber as an avenue for attack is undeniably interesting, the defence of our systems is far more important, Thompson says. It’s a far greater challenge, so deserves greater time and effort. The act of resisting attack can be broken up into three main areas. The first is protecting yourself and fellow personnel.
“Self-defence is everyone’s responsibility. It is cultural, it is about awareness. It’s that, ‘Don’t be the person to click on the link in the phishing email’ piece, from a cyberspace operations perspective,” he said.
“What are you posting online? How do you keep yourself, your mates and your family safe in cyberspace?”
A non-military example is the recent news about the dangers of fitness apps such as Strava. It’s great that you do regular exercise, but do you really need to show the world exactly where you run and when you run?
The next area of defence is passive defence, the domain of network operators and communicators. This is the piece where he says you make sure you have adopted all of the best practice recommendations for your system.
“With these measures you might stop 95 per cent of attacks,” he said.
“Are your patches up to date? How many people have administrator rights? Are you monitoring your network or your mission system sufficiently closely that you notice anything unusual? As an electrical engineer, it’s what I would refer to as ‘basic network hygiene’.
“For us, it’s not just about computer networks. With modern weapon systems, even some of the scopes on sniper rifles have IP addresses! So we can talk about a ship or a plane or, goodness me, a rifle, all being part of the military internet of things. That’s why I talk about both network and ‘mission systems’.”
Number three is active defence. This is about being active within networks in such a way that you quickly identify and respond to things that shouldn’t be there.
Major General Marcus Thompson, who heads up the Australian Defence Force’s Information Warfare Division.
Trends in cyber warfare
Major trends in the cyber world right now are around the understanding of the arena, as opposed to the technology in the arena itself.
“What I am seeing and sensing in terms of trend is a greater acceptance of the risk of attacks in the information domain. It’s now accepted, and that’s not just a military view,” Thompson said.
“We’re also seeing throughout Australian society, and certainly into the commercial domain, a greater understanding of the information environment and especially cyberspace. The third observation I’d make in terms of something you might list as a trend is some confusion and conflation of our terminology and our collective approaches, particularly to cyber defence and cybersecurity.”
That is partly why Thompson talks about cyber defence in the three areas of ‘self-defence’, ‘passive defence’ and ‘active defence’, he explained. It’s simply to bring some structure to the conversation.
“There are some folk who might have a virus checker on their personal computer, and some folk who want to go straight to more advanced techniques that are probably the exclusive domain of government,” Thompson said.
Change is guaranteed
Thompson is looking forward to the Australian Engineering Conference (AEC) to be held in Sydney in September, where he will be a keynote speaker on cyber and space security. In such a fast-moving industry, he said a new development the day before his speech could change it completely.
“At the AEC 2018 I’ll certainly speak as an engineer about the role of engineers in this space,” he said.
“But also, and perhaps more importantly given my role, I’m keen to let people know what the Australian Defence Force is doing in terms of the development of our information warfare capabilities. Then I’ll be discussing the opportunities that might exist for industry and academia to partner and work with us.”
Those capabilities are being developed to engineer an advantage. If young Australians are being put in harm’s way, Thompson said, the ADF wants to give them the very best tools to survive and succeed.
“Part of that is understanding what the future operating environment might be,” he said.
“Part of it is understanding and analysing potential threats and designing capabilities to generate a relative advantage.”