Category Archives: Cyber warfare

Artificial Intelligence and Cyber Defence

 

(Published IndraStra Global 23 Aug 2017)

The current year has seen an unprecedented number of hacker and ransomware attacks on governments as well as private enterprises across the world. Shadow Brokers were active this year, leaking alleged NSA tools, which included a Windows exploit known as EternalBlue. In May, WannaCry ransomware crippled hundreds of thousands of computers belonging to public utilities, large corporations, and private citizens. It also affected National Health Service hospitals and facilities in the United Kingdom. It was halted in its tracks by utilising its flaws and activating a kill switch. WannaCry rode on the Shadow Brokers leak of the Windows OS weakness EternalBlue and the fact that the Windows MS17-010 patch had not been applied on many machines by their users. In June, Petya (also known as NotPetya/Nyetya/Goldeneye) infected machines worldwide. It is suspected that its main aim was to carry out a cyber-attack on Ukraine. It hit various utility services in Ukraine including the central bank, power companies, airports, and public transportation[1].

In 2009, the Conficker[2] worm infected civil and defence establishments of many nations; for example, the UK DOD reported large-scale infection of its major computer systems, including ships, submarines, and establishments of the Royal Navy. The French Naval computer network ‘Intramar’ was infected, the network had to be quarantined, and air operations were suspended. The German Army also reported infection of over a hundred of its computers. Conficker sought out flaws in Windows OS software and propagated by forming a botnet; it was very difficult to weed out because it used a combination of many advanced malware techniques. It became the largest known computer worm infection, afflicting millions of computers in over 190 countries.

It is evident from the above incidents, which have the capability to inflict damage to both military and public institutions, that the amount of data and the speeds at which processing is required in case of cyber defence is beyond the capacity of human beings. Conventional algorithms are also unable to tackle dynamically changing data during a cyber-attack. Therefore, there is an increasing opinion that effective cyber defence can only be provided by real time flexible Artificial Intelligence (AI) systems with learning capability.

The US Defence Science Board report of 2013[3] states that “in a perfect world, DOD operational systems would be able to tell a commander when and if they were compromised, whether the system is still usable in full or degraded mode, identify alternatives to aid the commander in completing the mission, and finally provide the ability to restore the system to a known, trusted state. Today’s technology does not allow that level of fidelity and understanding of systems.” The report brings out that systems such as automated intrusion detection, automated patch management, status data from each network, and regular network audits are currently unavailable. As far as cyber defence in the military is concerned, in the US it is the responsibility of the Cyber Command to “protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks”[4]. The offensive cyber operations could involve both military and intelligence agencies since both computer network exploitation and computer network attacks are involved. The commander of Cyber Command is also the Director of the National Security Agency, thus enabling the Cyber Command to execute computer exploitations that may result in physical destruction of military or civilian infrastructure of the adversary.

AI utilizes a large number of concepts, such as Machine Learning, Fuzzy Logic Control Systems, and Artificial Neural Networks (ANNs), each of which, singly or in combination, is theoretically amenable to designing an efficient cyber-defence system. The designed AI cyber defence system should proficiently monitor the network in real time and must be aware of all the activities that the network is engaged in. The system should be able to heal and protect itself. It should have self-diagnostic capabilities and sufficient inbuilt redundancies to function satisfactorily for a specified period of time.

Some advanced research work in respect of active cyber defence has been demonstrated under various fields of AI. A few successfully tested examples are:

Artificial Neural Networks - In 2012, Barman and Khataniar studied the development of intrusion detection systems (IDSs) based on neural networks. Their experiments showed that the system they proposed has intrusion detection rates similar to other available IDSs, but it was at least ~20 times faster in detecting denial of service (DoS) attacks[5].

Intelligent Agent Applications - In 2013, Ionita et al. proposed a multi-intelligent-agent-based approach for network intrusion detection using data mining[6].

Artificial Immune System (AIS) Applications - In 2014, Kumar and Reddy developed a unique agent-based intrusion detection system for wireless networks that collects information from various nodes and uses this information with evolutionary AIS to detect and prevent intrusion by bypassing or delaying transmission over the intrusive paths[7].

Genetic Algorithm and Fuzzy Sets Applications - In 2014, Padmadas et al. presented a layered genetic algorithm-based intrusion detection system for monitoring activities in a given environment to determine whether they are legitimate or malicious based on the available information resources, system integrity, and confidentiality[8].

Miscellaneous AI Applications - In 2014, Barani proposed GAAIS, a dynamic intrusion detection method for mobile ad hoc networks based on a genetic algorithm (GA) and an artificial immune system (AIS). GAAIS is self-adaptable to network changes[9].

In May this year, Gizmodo reported[10] that over 60,000 sensitive files belonging to the US government were found on Amazon S3 with public access. Amazon S3 is a trusted cloud-based storage service where businesses of all sizes store content, documents, and other digital assets. 28 GB of this data contained unencrypted passwords owned by government contractors (e.g. Booz Allen) with Top Secret Facility Clearance. It appears that many users had failed to apply the multiple techniques and best practices available to secure S3 buckets and files.
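The kind of exposure described above can be checked for mechanically. The following is an added example, not part of the original article: it audits a bucket's ACL grants, bucket policy and public access block settings for public reachability. Bucket names and sample inputs are constructed; the dictionaries follow the shape of the S3 GetBucketAcl, GetBucketPolicy and GetPublicAccessBlock responses, and policy conditions are flagged for review rather than evaluated (a simplifying assumption).

```python
import json

# Predefined S3 grantee groups that make an ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account holder",
}
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _is_wildcard_principal(principal):
    """True for "*" and for {"AWS": "*"} or {"AWS": [..., "*"]}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False


def audit_bucket(name, acl, policy_json=None, public_access_block=None):
    """Return (severity, message) findings for one bucket.

    "high"   = publicly reachable as configured
    "review" = wildcard principal limited only by a Condition (not evaluated here)
    "medium" = public access block incomplete, so a public grant could be added
    "info"   = public grant present but neutralised by the public access block
    """
    pab = public_access_block or {}
    findings = []

    # 1. ACL grants to the predefined public groups.
    for grant in acl.get("Grants", []):
        uri = grant.get("Grantee", {}).get("URI")
        if uri not in PUBLIC_GROUPS:
            continue
        severity = "info" if pab.get("IgnorePublicAcls") else "high"
        findings.append((severity, f"{name}: ACL grants {grant.get('Permission')} "
                                   f"to {PUBLIC_GROUPS[uri]}"))

    # 2. Bucket policy statements that allow a wildcard principal.
    if policy_json:
        for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
            if stmt.get("Effect") != "Allow":
                continue
            if not _is_wildcard_principal(stmt.get("Principal")):
                continue
            if pab.get("RestrictPublicBuckets"):
                severity = "info"
            elif stmt.get("Condition"):
                severity = "review"
            else:
                severity = "high"
            actions = ", ".join(_as_list(stmt.get("Action", "?")))
            findings.append((severity, f"{name}: policy allows {actions} to any principal"))

    # 3. Missing guard rail: nothing prevents a public grant being added later.
    missing = [k for k in PAB_KEYS if not pab.get(k)]
    if missing:
        findings.append(("medium", f"{name}: public access block not set: "
                                   f"{', '.join(missing)}"))
    return findings


def is_exposed(findings):
    """A bucket counts as exposed if any finding is effective right now."""
    return any(severity == "high" for severity, _ in findings)


# --- Constructed sample inputs (not taken from any real account) ---
OPEN_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
     "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
]}
PRIVATE_ACL = {"Grants": OPEN_ACL["Grants"][:1]}
CONDITIONAL_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket-b/*",
    "Condition": {"IpAddress": {"aws:SourceIp": "192.0.2.0/24"}},
}]})
OPEN_POLICY = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Principal": {"AWS": "*"},
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": "arn:aws:s3:::example-bucket-c/*",
}})
ALL_BLOCKED = {key: True for key in PAB_KEYS}

if __name__ == "__main__":
    cases = [
        ("example-bucket-a", OPEN_ACL, None, None),
        ("example-bucket-a-fixed", OPEN_ACL, None, ALL_BLOCKED),
        ("example-bucket-b", PRIVATE_ACL, CONDITIONAL_POLICY, None),
        ("example-bucket-c", PRIVATE_ACL, OPEN_POLICY, None),
    ]
    for case in cases:
        for severity, message in audit_bucket(*case):
            print(f"[{severity:6}] {message}")
```
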

This month, Amazon became the first public cloud provider to amalgamate Artificial Intelligence with cloud storage to help customers secure data[11]. The new service, Amazon Macie, depends on Machine Learning to automatically discover, classify, alert on and protect sensitive data stored in Amazon Web Services (AWS).

From the above it can be seen that there is rapid progress in design and development of cyber defence systems utilizing AI that have direct military and civil applications.

 

[1] https://www.wired.com/story/2017-biggest-hacks-so-far/

[2] http://en.wikipedia.org/wiki/Conficker

[3] Office of the Under Secretary of Defence for Acquisition, Technology and Logistics, Resilient Military Systems and the Advanced Cyber Threat, United States Department of Defence, Defence Science Board, January 2013

[4] U.S. Government Accountability Office, “Defence Department Cyber Efforts,” May 2011, 2–3, http://www.gao.gov/new.items/d1175.pdf.

[5] D. K. Barman, G. Khataniar, “Design Of Intrusion Detection System Based On Artificial Neural Network And Application Of Rough Set”, International Journal of Computer Science and Communication Networks, Vol. 2, No. 4, pp. 548-552

[6] I. Ionita, L. Ionita, “An agent-based approach for building an intrusion detection system,” 12th International Conference on Networking in Education and Research (RoEduNet), pp.1-6.

[7] G.V.P. Kumar, D.K. Reddy, “An Agent Based Intrusion Detection System for Wireless Network with Artificial Immune System (AIS) and Negative Clone Selection,” International Conference on Electronic Systems, Signal Processing and Computing Technologies (ICESC), pp. 429-433.

[8] M. Padmadas, N. Krishnan, J. Kanchana, M. Karthikeyan, “Layered approach for intrusion detection systems based genetic algorithm,” IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), pp.1-4.

[9] F. Barani, “A hybrid approach for dynamic intrusion detection in ad hoc networks using genetic algorithm and artificial immune system,” Iranian Conference on Intelligent Systems (ICIS), pp.1 6.

[10] http://gizmodo.com/top-defence-contractor-left-sensitive-pentagon-files-on-1795669632

[11] https://www.forbes.com/sites/janakirammsv/2017/08/20/amazon-brings-artificial-intelligence-to-cloud-storage-to-protect-customer-data/#465ef0ef7432

Big Data Analytics in Indian Navy  

 

(Published IndraStra Global 16 Aug 2017)

“The single most effective thing you can do right now to improve the security of your computer is unplug it from the Internet. Pull out that Ethernet cable; throw the wireless router in the microwave. The vast, vast majority of infections that plague your machine will arrive via the Web[i].”

Omar El Akkad

Today standalone computers and devices can be injected with viruses using drones and aircraft to cripple a nation’s cyber capability. Air gaps placed at critical points in cyber infrastructure no longer provide protection against a cyber-attack. The US has been flying the EC-130H on daily missions to deny ISIS military leaders and fighters the ability to communicate and coordinate defensive actions by shutting down their cell phones, radios, IEDs and very likely their new weapon of choice, drones[ii].

Big Data management (Storage, Handling, Analysis, Transmission) is directly linked to its security. Big Data security involves infrastructure security, data management, data privacy, and integrity & reactive security[iii]. The Government of India has appreciated the all-pervasive nature of the cyberspace domain and has therefore structured a holistic approach to the issues of Cyber Security and Big Data.

Cyber Security

The Indian IT Act 2000 defines “Cyber Security” as means for protecting information, equipment, devices, computer, computer resource, communication devices and information stored therein from unauthorized access, use, disclosure, disruption, modification or destruction[iv].

The Government of India has recognised that Cyberspace is vulnerable to a wide variety of incidents, wherein targets could be the infrastructure or underlying economic well-being of a nation state. A cyber-related incident of national significance may take any form: an organized cyber-attack, an uncontrolled exploit such as a computer virus or worm or any malicious software code, a national disaster with significant cyber consequences, or other related incidents capable of causing extensive damage to the information infrastructure or key assets. Large-scale cyber incidents may overwhelm the government, public and private sector resources and services by disrupting functioning of critical information systems. Complications from disruptions of such a magnitude may threaten lives, economy and national security[v]. The Government of India released the National Cyber Security Policy 2013 with the Vision “To build a secure and resilient cyberspace for citizens, businesses and Government”. The stated Mission is “To protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation”.

Some of the objectives of the policy are to: create a secure cyber ecosystem in the country; create an assurance framework for design of security policies; strengthen the Regulatory framework; enhance and create National and Sectoral level 24×7 mechanisms for obtaining strategic information regarding threats to ICT infrastructure; enhance the protection and resilience of the Nation’s critical information infrastructure by operating a 24×7 National Critical Information Infrastructure Protection Centre (NCIIPC) and mandating security practices; develop suitable indigenous security technologies through frontier technology research; improve visibility of the integrity of ICT products and services; create a workforce of 500,000 professionals skilled in cyber security in the next 5 years; create a culture of cyber security and privacy; develop effective public private partnerships; and enhance global cooperation by promoting shared understanding[vi].

Important agencies dealing with cyberspace include the National Information Board (NIB), which is an apex agency with representatives from relevant Departments and agencies that form part of the critical minimum information infrastructure in the country. The National Cyber Response Centre – Indian Computer Emergency Response Team (CERT-In) monitors Indian cyberspace and coordinates alerts and warnings of imminent attacks and detection of malicious attacks among public and private cyber users and organizations in the country. It maintains a 24×7 operations centre and has working relations, collaborations and contacts with CERTs across the globe. The National Information Infrastructure Protection Centre (NIIPC) is a designated agency to protect the critical information infrastructure in the country.

Big Data Analytics

In India, the Department of Science and Technology (DST) under the Ministry of Science and Technology and Earth Sciences has been tasked to develop the Big Data Analytics (BDA) ecosystem.[vii] DST has identified important areas for development of the BDA ecosystem in India. Creation of the HR talent pool is the first requirement. This will require creation of industry-academia partnerships to groom the talent pool in universities as well as development of a strong internal training curriculum to advance analytical depth. The Big Data Analytics programme has five steps:

– to promote and foster big data science, technology and applications in the country and to develop core generic technologies, tools and algorithms for wider applications in Govt.

– to understand the present status of the industry in terms of market size, different players providing services across sectors, SWOT of industry, policy framework and present skill levels available.

– to carry out a market landscape survey for assessing the future opportunities and demand for skill levels in the next ten years.

– to bridge the skill level and policy framework gaps.

– to evolve a strategic road map and micro level action plan clearly defining roles of various stakeholders such as government, industry, academia and others with clear timelines and outcomes for the next ten years.

National Data Sharing and Accessibility Policy (NDSAP) 2012 of DST is designed to promote data sharing and enable access to government owned data.

Big Data Analytics infrastructure development in India is being steered by the C-DAC (Centre for Development of Advanced Computing), Ministry of Electronics and Information Technology. State of the art hardware system and networking environment has already been created by the C-DAC at its various facilities. C-DAC’s research focus in cloud computing includes design and development of open source cloud middleware; virtualization and management tools; and end to end security solution for the cloud. A number of applications in C-DAC are being migrated to cloud computing technology. C-DAC regularly conducts Training on “Hadoop for Big Data Analytics” and “Analytics using Apache Spark” for various agencies including Defence.

Indian Navy-Big Data Analytics

The Big Data Analytics infrastructure for the Indian Navy operates under the holistic approach of the Government of India with respect to Big Data Analytics eco system and cyber security.

Indian Navy has a robust naval network with thousands of computers connected to it. This naval network ensures information availability/ processing, communication services, service facilitation platforms, multi-computing platforms, resources/information sharing, data warehousing, and so on. However, Cyber Security and Network Integrity is crucial to protect the naval network from data theft, denial of service, malicious viruses/ trojans attacks, single point failure, data & network integrity loss, and active/ passive monitoring.

The Indian Navy has the Naval Unified Domain (NUD), or Enterprise Intranet, which is the backbone of the Indian Navy. All communications internal to the enterprise are through NUD only. It offers secure, isolated, fast and reliable connectivity across the navy. The NUD network operates only on controlled data (no unknown data from other applications is permitted), which can be easily segregated and analysed.

Vulnerabilities arise as personnel working on NUD may need to transfer data from the internet to NUD and vice versa, which may lead to security breaches of NUD. Further, physical guarding of NUD network lines against Man-in-the-Middle attacks is a complex task since Naval units are located at different geographical locations. There is also a possibility of attacks carried out with sophisticated software and hardware technologies, such as via a mirror port or a network tap, to undertake passive monitoring, active monitoring, certificate replication and so on.

The applicability of big data analytics in context of Indian Navy is very much in line with the developed forces in the world. There exists a requirement of efficient big data analytics in the fields of intelligence, operations, logistics, mobilization, medical, human resources, cyber security and counter insurgency/ counter terrorism for the Indian Navy. There is also the associated requirement to acquire predictive capability to anticipate specific incidents and suggest measures by analysing historical events.

However, due to the nascent nature of big data analytics, awareness of it is limited to a small number of involved agencies in the Navy. The benefits of big data in operational scenario decision making while safeguarding accuracy and reliability have not yet been internalized. Big data projects even at pilot scales may not be available currently. In the present situation, decision makers are not clear about the capability of big data, its costs, benefits, applicability or the perils, if any, of not adopting big data.

Big data holds enormous potential in Naval Context to make the operations of Navy more efficient across the entire spectrum of its activity. The research and development necessary for the analysis of big data is not restricted to a single discipline, and requires an interdisciplinary approach. Computer scientists need to tackle issues pertaining to inferences, statisticians have to deal with algorithms, scalability and near real time decision making. Involvement of mathematicians, visualizers, social scientists, psychologists, domain experts and most important of all the final users, the Navy, is paramount for optimal utilization of big data analytics. The involvement and active participation of national agencies, private sector, public sector, and armed forces would ensure full exploitation of the potential of big data for the Indian Navy.

The need today is to start feasibility studies and research programs in select fields in order of desired priorities, followed by pilot studies and thereafter adapting COTS hardware and available big data analytic software suit

[i] Omar El Akkad. Nothing is hack-proof: The guide to safer computing. The Globe and Mail, 08 Apr, 2014. https://www.theglobeandmail.com/technology/digital-culture/nothing-in-your-digital-life-is-hack-proof-the-guide-to-safer-computing/article17858297/ (Accessed 10 Aug 2017)

[ii] Wetzel, G. The Little-Known Aircraft That Wages War On ISIS’ Communications. Jalopnik, 31 Mar 2017. http://foxtrotalpha.jalopnik.com/the-little-known-aircraft-that-wages-war-on-isis-commun-1793901527 (Accessed 12 Aug 2017)

[iii] Big Data Working Group; Cloud Security Alliance (CSA). Expanded Top Ten Big Data Security and Privacy. April 2013. https://downloads.cloudsecurityalliance.org/initiatives/bdwg/Expanded_Top_Ten_Big_Data_Security_and_Privacy_Challenges.pdf (Accessed 10 Aug 2017)

[iv] Indian IT Act 2000 as amended in 2008. http://meity.gov.in/writereaddata/files/it_amendment_act2008%20%281%29_0.pdf (Accessed 10 Aug 2017)

[v] National Cyber Security Policy -2013. http://164.100.94.102/writereaddata/files/downloads/National_cyber_security_policy-2013%281%29.pdf (Accessed 12 Aug 2017)

[vi] ibid.

[vii] Big Data Initiative. Department of Science and Technology, Ministry of Science and Technology and Earth Sciences, Government of India. http://dst.gov.in/big-data-initiative-1 (Accessed 10 Aug 2017)

 The Challenge of Military Artificial Intelligence

 (Abridged version published in SP’s Military Year Book 2017)

Intelligent machines were the focus of research work at many institutes after WWII. In 1950, Alan Turing argued that if the machine could successfully pretend to be human to a knowledgeable observer then one certainly should consider it intelligent[i]. The credit for coining the phrase ‘Artificial Intelligence’ goes to John McCarthy in 1955. A number of scientists have defined Artificial Intelligence (AI) in varying ways; however, there appears to be no single definition that has been universally accepted. All the definitions of AI are connected with human intelligence in some way; some of them are:

– “The study of mental faculties through the use of computational models”[ii].

– “The art of creating machines that perform functions requiring intelligence when performed by people”[iii].

– “A field of study that seeks to explain and emulate intelligent behavior in terms of computational processes”[iv].

– “The study of how to make computers do things at which, at the moment, people are better”[v].

– “The study of the computations that make it possible to perceive, reason, and act”[vi].

– “The branch of computer science that is concerned with the automation of intelligent behavior”[vii].

Strong AI has been defined as that moment when “humankind is in the presence of an intelligence greater than its own”[viii], and as “strong AI is reached once the computer regarded as such is conscious of its abilities”[ix].

AI imbibes knowledge from different fields like Computer Science, Mathematics, Engineering, Cognitive Science, Philosophy, and Psychology. AI embodies a wide range of intelligent search methods, techniques for obtaining clarity where uncertainties exist in data and knowledge, and various types of machine learning and knowledge representation schemes. Its various applications include speech recognition, natural language processing, expert systems, neural networks, intelligent robotics, gaming and 3D vision. There is a need to define machine learning and deep learning before moving on to the military applications of AI.

Machine learning. It has evolved from the study of computational learning theory, pattern recognition, and artificial intelligence, and is a subfield of computer science.[x] It was defined in 1959 by Arthur Samuel as a “Field of study that gives computers the ability to learn without being explicitly programmed”. Machine learning relies upon utilizing algorithm constructions to perform predictive analysis on data[xi]. Machine learning tasks fall into three basic categories[xii]: supervised learning, in which the computer is presented with example inputs and their desired outputs, and the goal is to learn a general rule that maps inputs to outputs; unsupervised learning, where no labels are given to the learning algorithm, leaving it on its own to find structure in its input; and reinforcement learning, where a computer program interacts with a dynamic environment in which it must perform a certain goal.

Deep Learning. Li Deng and Dong Yu of Microsoft have provided the following definitions for Deep Learning[xiii]:

-A class of machine learning techniques that exploit many layers of non-linear information processing for supervised or unsupervised feature extraction and transformation, and for pattern analysis and classification.

-A sub-field within machine learning that is based on algorithms for learning multiple levels of representation in order to model complex relationships among data.

-A sub-field of machine learning that is based on learning several levels of representations, corresponding to a hierarchy of features or factors or concepts, where higher-level concepts are defined from lower-level ones, and the same lower level concepts can help to define many higher-level concepts.

Some of the deep learning architectures built around neural networks are deep belief networks, deep neural networks and recurrent neural networks. The use of deep learning architectures in automatic speech recognition, bioinformatics, natural language processing, 3D vision, etc. has resulted in remarkable successes.

As per Jeff Hawkins and Donna Dubinsky of Numenta, building of smart machines has involved three basic approaches. These are the Classic AI, Simple Neural Networks, and Biological Neural Networks.[xiv]

The classic AI approach involved computer programs that were based upon abilities of the human brain to solve simple problems. However, the computers required large amounts of input from knowledge experts to lay down the rules based upon their expertise and experience in problem solving. Thus, the classic AI systems were created specific to a problem; while they were very useful for problems that had been defined in detail, they could not learn on their own and provide solutions to problems. They failed in comparison with general human intelligence.

When the limitations of Classic AI were encountered, scientists looked at the functioning of the human brain at the level of neurons and this resulted in Artificial Neural Networks (ANNs). The ANNs lay emphasis upon unsupervised learning from data provided to them. Thus, the Simple Neural Networks learn from data and do not require experts to lay down the rules. The Simple Neural Network is a mathematical technique that locates patterns in large, static data sets[xv]. The ANNs are a subset of machine learning techniques that process large amounts of data using statistical and mathematical techniques in addition to ANNs to provide results. ANNs have transformed into Deep Learning networks with the advent of humongous data and fast computers. Thus, Simple Neural Networks could provide solutions where Classic AI could not. However, the Simple Neural Networks too have limitations when data is dynamic or when data is limited for training.

In the Biological Neural Approach, emphasis is laid upon studying how a human brain works to cull out the properties that are required for intelligent systems. It is established that information is represented in the brain using sparse distributed representations, or SDRs. Further, it is known that memory is a sequence of patterns, behavior is an essential part of learning, and that learning has to be continuous. Therefore, the building blocks of intelligent machines should be SDRs[xvi]. The biological neuron is also not as simple as conceived during the Simple Neural Network approach.

Military applications of AI can be found in almost all aspects of military from decision-making, equipment operations, sensors, weapons systems to unmanned vehicles. The military is adopting AI mainly because it results in much fewer casualties, higher efficiency, and lower costs. Intelligent robotics and unmanned vehicles for army, navy, and air force are bringing in a new revolution in standoff warfare. The war against terrorism is practically being fought with unmanned weaponized aerial vehicles in Afghanistan, Syria and Iraq. Be it air traffic control in a combat zone, which would allow manned and unmanned aircraft, weapons etc. to operate without conflict by automated routing and planning; or military decision making in fog of war; or a radar’s target identification algorithms which look at the shape of possible targets and their Doppler signatures; AI is integral to all these systems. In this article two major categories of military applications are discussed which pertain to cyber defence and military logistics.

Applications of AI in Cyber Defence

In 2009, the Conficker[xvii] worm infected civil and defence establishments of many nations; for example, the UK DOD reported large-scale infection of its major computer systems, including ships, submarines, and establishments of the Royal Navy. The French Naval computer network ‘Intramar’ was infected, the network had to be quarantined, and air operations were suspended. The German Army also reported infection of over a hundred of its computers. Conficker sought out flaws in Windows OS software and propagated by forming a botnet; it was very difficult to weed out because it used a combination of many advanced malware techniques. It became the largest known computer worm infection, afflicting millions of computers in over 190 countries.

It is evident that the amount of data and the speeds at which processing is required in cyber defence make it infeasible for human beings to carry it out. Conventional algorithms also cannot tackle dynamically changing data during a cyber attack. It appears that cyber defence can only be provided by real time flexible AI systems with learning capability.

The US Defence Science Board report of 2013[xviii] states that “in a perfect world, DOD operational systems would be able to tell a commander when and if they were compromised, whether the system is still usable in full or degraded mode, identify alternatives to aid the commander in completing the mission, and finally provide the ability to restore the system to a known, trusted state. Today’s technology does not allow that level of fidelity and understanding of systems.” The report brings out that systems such as automated intrusion detection, automated patch management, status data from each network, and regular network audits are currently unavailable. As far as cyber defence is concerned in the US, it is the responsibility of the Cyber Command to “protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks”[xix]. The offensive cyber operations could involve both military and intelligence agencies since both computer network exploitation and computer network attacks are involved. The commander of Cyber Command is also the Director of the National Security Agency, thus enabling the Cyber Command to execute computer exploitations that may result in physical destruction of military or civilian infrastructure of the adversary. Some advanced research work in respect of active cyber defence has been demonstrated under various fields of AI. Some successfully tested examples are:

Artificial Neural Networks - In 2012, Barman and Khataniar studied the development of intrusion detection systems (IDSs) based on neural networks. Their experiments showed that the system they proposed has intrusion detection rates similar to other available IDSs, but it was at least ~20 times faster in detecting denial of service (DoS) attacks[xx].

Intelligent Agent Applications - In 2013, Ionita et al. proposed a multi-intelligent-agent-based approach for network intrusion detection using data mining[xxi].

Artificial Immune System (AIS) Applications - In 2014, Kumar and Reddy developed a unique agent-based intrusion detection system for wireless networks that collects information from various nodes and uses this information with evolutionary AIS to detect and prevent intrusion by bypassing or delaying transmission over the intrusive paths[xxii].

Genetic Algorithm and Fuzzy Sets Applications - In 2014, Padmadas et al. presented a layered genetic algorithm-based intrusion detection system for monitoring activities in a given environment to determine whether they are legitimate or malicious based on the available information resources, system integrity, and confidentiality[xxiii].

Miscellaneous AI Applications - In 2014, Barani proposed GAAIS, a dynamic intrusion detection method for mobile ad hoc networks based on a genetic algorithm (GA) and an artificial immune system (AIS). GAAIS is self-adaptable to network changes[xxiv].

From the above it can be seen that there is rapid progress in design and development of cyber defence systems utilizing AI that have direct military applications.

Applications of AI in Military Logistics

Some of the challenges being faced by militaries in both peace and war include ensuring the adequacy of maintenance and repair of sophisticated  equipment, weapons, armament and ammunition; ensuring the supportability of missions with due planning; and guaranteeing  the availability of qualified personnel to carry out the assigned tasks. AI and associated technologies have made impressive inroads in civil and military logistics to ease the cumbersome operations and procedures involved. It has now been established that AI has significantly improved the systems and processes in the logistic chain and has led to considerable savings for the military establishments. AI encompasses many innovative technologies that are being used in military; some of these are discussed in succeeding paragraphs.

-Expert systems are software programs that usually serve as intelligent advisors in specific areas of expertise. Expert system technology has percolated to all functional areas of production and logistics of the military. Logistics expert systems in areas of inventory management, transportation, warehousing, acquisition, maintenance, and production are common. Examples include the Inventory Manager’s Assistant of the US Air Force, the Dues Management Advisor (DMA) of the US Navy and the Logistics Planning and Requirements Simplification (LOGPARS) system of the US Army.

-Natural language systems convert natural languages into computer language, making it feasible to communicate with computers in the language of choice and obviating the need to master computer languages. Natural language applications are being used to provide user-friendly query capability for large databases pertaining to logistics.

-Speech recognition systems allow the user to interact directly with computers, thus eliminating the use of keyboards. The voice signal is digitized and compared with stored voice patterns and grammatical rules so that the computer can understand the voice message. For example, the US Air Force Logistics Command (AFLC) is using a speech recognition system in its depot warehouses to interface with the warehouse’s automated storage module (ASM); the US Army is using a speech recognition system in association with a diagnostic system for carrying out maintenance of its motor vehicles as well as in its transportation planning[xxv].

-3D vision technology allows a computer to “sense” its environment and classify the various objects in its vicinity. The US Navy is using this in its Rapid Acquisition of Manufactured Parts (RAMP) program and the US Air Force for reverse engineering parts in its maintenance facilities. 3D vision applications are of significant importance in using robotics for logistics.

-Intelligent robots incorporate a host of AI technologies to mimic specific work undertaken by human beings. Mobile robots are being increasingly utilized in activities from patrolling to investigating and neutralizing explosives[xxvi]. Mobile robotic systems are used for carrying out routine inspections of nuclear missiles. They have eliminated the need for humans to go into containment systems; the robot is remotely operated from outside the containment zone. As far as arming of robots (Lethal Autonomous Weapons) is concerned, thousands of scientists and technologists, including Elon Musk, Stephen Hawking, and Steve Wozniak, signed an open letter in 2015 asking for a ban on lethal weapons controlled by artificially intelligent machines[xxvii]. The letter states “Artificial Intelligence (AI) technology has reached a point where the deployment of such systems is—practically if not legally—feasible within years not decades, and the stakes are high: autonomous weapons have been described as the third revolution in warfare, after gunpowder and nuclear arms.”

-Neural networks are designed based upon models of the way a human brain functions. They are capable of associative recall and adaptive learning. Because of the massive processing power associated with such networks, they are being increasingly utilized in logistic applications. Eyeriss is a new microchip fabricated at MIT and funded by DARPA that has the potential to bring deep learning to a smart phone that can be carried by a soldier[xxviii].

DRDO and AI

The Centre for Artificial Intelligence and Robotics (CAIR), Bengaluru and the Research and Development Establishment (Engineers) R&DE(E), Pune are the main laboratories of the Defence Research and Development Organisation (DRDO) in India working in the area of artificial intelligence and robotics. The family of robots developed for various surveillance/reconnaissance applications includes[xxix]: RoboSen, a mobile robot system for patrolling, reconnaissance, and surveillance, capable of autonomous navigation with obstacle avoidance and continuous video feedback; the Miniature Unmanned Ground Vehicle (UGV), a ruggedized man-portable robotic system for low-intensity conflicts; walking robots with six and four legs for logistics support; and wall-climbing and flapping-wing robots for potential use in Low Intensity Combat (LIC) operations.

Some projects under development include[xxx]:

-AI Techniques for Net Centric Operations (AINCO) – A suite of technologies for creation of knowledge base, semantic information reception and handling, inference reasoning, and event correlation.

-Knowledge Resources And Intelligent Decision Analysis (KRIDA) – A system that aims to achieve the management of large-scale military moves using extensive knowledge base and data handling.

-INDIGIS 2D/3D – An indigenous Geographic Information System (GIS) kernel that provides platform for development of display, analysis, and decision support involving spatio-temporal data.

-S57 Viewer – for viewing more than one lakh tracks.

-IVP_NCO and IP Lib – A comprehensive suite of image and video processing applications to provide a unified solution to image and video processing in the net-centric operations.

-Indigenous Network Management System (INMS) – An indigenous NMS with resource planning, network planning, and network monitoring tools for IP network management.

Future of Military Artificial Intelligence

The global defence sector has seen unprecedented adoption of unmanned systems and robotics. This has been mainly due to factors such as reduction in own casualties and feasibility of riskier missions using robots; high precision, minimal collateral damage, longer endurance and range; quicker reaction times with greater flexibility; and finally cost benefits accruing due to reduction in cost of technology with increased percolation. Unmanned aerial systems comprise over 80% of all military robots; in the past six years US spending on military UAVs has increased ten times[xxxi]. Today over 90 countries are operating drones, with over 30 armed drone programs. Many programs, including drone mother ships in air and water; swarm warfare on land, sea and air; high definition real time ISR; wearable electronic packages for soldiers with exoskeletons; and exotic weapon systems, are likely to be inducted within the coming decade. The threat of cyber attacks on AI systems is very real. AI machines are connected to human controllers for taking and executing critical commands, and these linkages can be hacked through electronic warfare as well as cyber attacks. Since AI runs entirely on software, there is a finite probability of it being manipulated and used against the owner. DARPA ran a three-year ‘Cyber Grand Challenge’[xxxii] to accelerate the development of advanced, autonomous systems that can detect, evaluate, and patch software vulnerabilities before adversaries have a chance to exploit them. The competition, which ended on 4th of Aug 2016, achieved its aim of proving the principle that machine-speed, scalable cyber defense is possible. This would mark the beginning of a new era in much needed cyber defence of AI systems.

As far as AI is concerned, it suffices to quote US deputy secretary of defense Robert Work: “…the 2017 fiscal budget request will likely ask for $12-$15bn for war gaming, experimentation and demonstrations to test out the military’s theories on AI and robotics ‘in human-machine collaboration combat teaming’…”[xxxiii]

[i] http://www-formal.stanford.edu/jmc/whatisai/node1.html

[ii] Charniak, E., & McDermott, D. Introduction to Artificial Intelligence. Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA, 1985. ISBN 0-201-11945-5.

[iii] Kurzweil, R. The Age of Intelligent Machines. MIT Press, Cambridge, Massachusetts.

[iv] Schalkoff, R. I. Artificial Intelligence: An Engineering Approach. McGraw-Hill, New York.

[v] Rich, E., and Knight, K. Artificial Intelligence. McGraw-Hill, New York, second edition.

[vi] Winston, P.H. Artificial Intelligence. Addison-Wesley, Reading, Massachusetts, third edition.

[vii] Luger, G.F. and Stubblefield, W.A. Artificial Intelligence: Structures and Strategies for Complex Problem Solving. Benjamin/Cummings, Redwood City, California, second edition.

[viii] Barrat, James. Our Final Invention: Artificial Intelligence and the End of the Human Era. New York, NY: St. Martin’s Press.

[ix] Russell, Stuart, and Peter Norvig. Artificial Intelligence: A Modern Approach. Montreal, QC: Prentice Hall.

[x] http://www.britannica.com/EBchecked/topic/1116194/machine-learning

[xi] Ron Kohavi; Foster Provost (1998). “Glossary of terms”. Machine Learning 30: 271–274.

[xii] Russell, Stuart; Norvig, Peter. Artificial Intelligence: A Modern Approach (2nd ed.). Prentice Hall. ISBN 978-0137903955.

[xiii] Li Deng and Dong Yu, Deep Learning: Methods and Applications. https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/DeepLearning-NowPublishing-Vol7-SIG-039.pdf

[xiv] Jeff Hawkins & Donna Dubinsky, What Is Machine Intelligence Vs. Machine Learning Vs. Deep Learning Vs. Artificial Intelligence (AI)? http://numenta.com/blog/machine-intelligence-machine-learning-deep-learning-artificial-intelligence.html

[xv] Ibid.

[xvi] Ibid.

[xvii] http://en.wikipedia.org/wiki/Conficker

[xviii] Office of the Under Secretary of Defense for Acquisition, Technology and Logistics, Resilient Military Systems and the Advanced Cyber Threat, United States Department of Defense, Defense Science Board, January 2013

[xix] U.S. Government Accountability Office, “Defense Department Cyber Efforts,” May 2011, 2–3, http://www.gao.gov/new.items/d1175.pdf.

[xx] D. K. Barman, G. Khataniar, “Design Of Intrusion Detection System Based On Artificial Neural Network And Application Of Rough Set”, International Journal of Computer Science and Communication Networks, Vol. 2, No. 4, pp. 548-552

[xxi] I. Ionita, L. Ionita, “An agent-based approach for building an intrusion detection system,” 12th International Conference on Networking in Education and Research (RoEduNet), pp.1-6.

[xxii] G.V.P. Kumar, D.K. Reddy, “An Agent Based Intrusion Detection System for Wireless Network with Artificial Immune System (AIS) and Negative Clone Selection,” International Conference on Electronic Systems, Signal Processing and Computing Technologies (ICESC), pp. 429-433.

[xxiii] M. Padmadas, N. Krishnan, J. Kanchana, M. Karthikeyan, “Layered approach for intrusion detection systems based genetic algorithm,” IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), pp.1-4.

[xxiv] F. Barani, “A hybrid approach for dynamic intrusion detection in ad hoc networks using genetic algorithm and artificial immune system,” Iranian Conference on Intelligent Systems (ICIS), pp. 1-6.

[xxv] Bates, Madeleine; Ellard, Dan; Peterson, Pat; Shaked, Varda. http://www.aclweb.org/anthology/H91-1040

[xxvi] http://www.robotics.org/content-detail.cfm/Industrial-Robotics-Industry-Insights/Robotics-in-Security-and-Military-Applications/content_id/3112

[xxvii] https://www.technologyreview.com/s/539876/military-robots-armed-but-how-dangerous

[xxviii] http://www.defenseone.com/technology/2016/02/new-microchip-could-increase-military-intelligence-powers-exponentially/125715/

[xxix] http://pib.nic.in/newsite/PrintRelease.aspx?relid=124000

[xxx] http://www.drdo.gov.in/drdo/labs/CAIR/English/index.jsp?pg=Products.jsp

[xxxi] http://about.bankofamerica.com/assets/davos-2016/PDFs/robotic-revolution.pdf

[xxxii] http://www.darpa.mil/news-events/2016-08-04

[xxxiii] http://ftalphaville.ft.com/2015/12/15/2147846/the-future-military-artificial-intelligence-complex/

Hybrid warfare-The Naval Dimension

(Published IndraStra Global 01 Jan 2017, http://www.indrastra.com/2017/01/FEATURED-Hybrid-Warfare-Naval-Dimension-003-01-2017-0002.html)

 It is so damn complex. If you ever think you have the solution to this, you’re wrong, and you’re dangerous. You have to keep listening and thinking and being critical and self-critical.

Colonel H.R. McMaster, 2006

In his monograph, Strategic Implications of Hybrid War: A Theory of Victory[1], Lieutenant Colonel Daniel Lasica posits that hybrid force actors attempt to combine internal tactical success and information effects regarding enemy mistakes through the deliberate exploitation of the cognitive and moral domains. In this manner, he describes hybrid warfare simultaneously as a strategy and a tactic because of the blending of conventional, unconventional, criminal, cyber and terrorist means and methods. A hybrid force is thus able to compress the levels of war and thereby accelerate tempo at both the strategic and tactical levels faster than a more conventional actor is able to do. In this theoretical model, the hybrid actor will always gain a perceived strategic advantage over the conventional actor regardless of tactical results. David Sadowski and Jeff Becker, in their article “Beyond the ‘Hybrid’ Threat: Asserting the Essential Unity of Warfare”[2], assert that the idea of simply seeing hybrid warfare as a combination of threat categories or capabilities fails to appreciate the complexity of the hybrid approach to warfare. Rather, they argue that the essential aspect of hybrid warfare is the underlying unity of cognitive and material approaches in generating effects. Such a unity of cognitive and material domains allows for flexibility in a strategic context in which social “rules” can be redefined in an iterative process to the hybrid’s advantage in terms of legality and military norms.

Majors McCulloh and Johnson, in their monograph ‘Hybrid warfare’[3], have said that hybrid war may be best summarized as a form of warfare in which one of the combatants bases its optimized force structure on the combination of all available resources—both conventional and unconventional—in a unique cultural context to produce specific, synergistic effects against a conventionally-based opponent.

 Don’t ever forget what you’re built to do. We are built to solve military problems with violence.

– A Former Brigade Commander in Op Iraqi Freedom

Therefore, it will not be wrong to say that Hybrid warfare in naval context is a violent conflict utilizing a complex and adaptive organization of regular and irregular forces, means, and behavior across a predominantly maritime domain among others to achieve a synergistic effect, which seeks to exhaust a superior military force.

Alternatively, put simply, it is naval irregular warfare plus cyber war and any other component that emerges in future. CIA has succinctly brought out the contrasting dimensions of Modern versus Irregular warfare in the following table:

Contrasting Dimensions of War[4]

| Modern | Irregular |
| --- | --- |
| Organized | Informal |
| Advanced technology | At-hand technology |
| Logistics-dependent | Logistics-independent |
| National direction | Local direction |
| Coherent doctrine | Ad hoc doctrine |
| Decisive battle | Raids and skirmishes |
| Soldier | Warrior |
| Allies | Accomplices |
| Segregation | Integration |

Littoral areas and cities in vicinity of the coast could be important sites of future conflict, and both have characteristics that make them more complex than the high seas, and hinterland. Adversaries will increasingly exploit these complex environments to degrade technological advantages of regular forces. Given the close proximity of many cities to the coast as well as abundance of unmanned coastal areas, maritime hybrid is a distinct possibility requiring active involvement of the Navy and the Coast guard. In case of a maritime hybrid war the normal components of the Navy would continue to play an important part in the littorals and in open seas for interdiction of adversary’s irregular assets like floating armories and mercenary flotillas.

Maritime forces are often utilized primarily in support of ground operations, but in environments with a maritime component, maritime operations tend to have a noticeable comparative advantage over land-based operations in terms of mobility, freedom of maneuver, and the ability to impose a smaller or less visible footprint on land. The maritime forces could easily choke the adversary’s supplies through the sea route, protect own maritime trade and fishing in the area, provide logistic and fire support to forces on land from the sea, close escape routes and so on. One important point is that vital external maritime support can be conveniently obtained from friendly nations at sea for ISR, communications and fighting cyber war. The supporting ships could be operating as close as just 12 miles off the coast or hundreds of miles away in open seas without violating any regulations.

Now it would be appropriate to look at a few of the salient features of the 26 Nov 2008 Mumbai attack as relevant to the subject at hand. The Mumbai attack has been analyzed in great depth by various agencies (e.g. RAND’s ‘Characterizing and Exploring the Implications of Maritime Irregular Warfare’[5] and ‘The Lessons of Mumbai’[6]) and individuals; therefore an attempt is being made here to highlight the main findings of some of these studies. In addition to the meticulous planning, reconnaissance, and likely pre-positioning of weapons and ammunition, the major innovation on the part of the terrorists was the real-time exploitation of the international media. Each of the terrorists carried a BlackBerry smart phone to monitor CNN and BBC Internet coverage of the attack in real time. They then immediately adjusted their tactics to increase the amount of media coverage that the attacks would receive. It is believed that the major efforts made by the terrorists to kill U.S. and British civilians were part of the plan to garner more international press coverage.

The case of the LeT attacks in Mumbai illustrates the advantages that could accrue to an adversary from a maritime approach to a target. A maritime approach allows operatives to avoid border crossings and airport security, it offers opportunities to hijack a local vessel so that attackers can blend in with the normal local coastal traffic, and offers terrorist teams extra time for pre-attack planning as well as extra time for rest just before the attack commences. Finally, a maritime insertion allows terrorists to select very precise landing sites and infiltration routes.

The case of the LeT attacks in Mumbai also illustrates the disadvantages that can accrue to a terrorist enemy from a maritime approach to a target. First, once a full blown, large-scale assault has started, it can be very difficult to extricate the operatives. Second, the transport of large explosives aboard fishing vessels and trawlers is risky; thus, maritime terrorist strikes might be limited to relying on small arms to do their damage. Third, some kind of reconnaissance cell would have to be sent to the target city well in advance of the attack, providing an opportunity for a skilled intelligence agency to mount surveillance on the reconnaissance cell and break up the plot before the assault team could embark. Moreover, a maritime approach does not allow the terrorist team to disperse until it lands ashore. Even if the operatives approach in two or three different small boats, the interception of just one of the boats could drastically reduce the team’s numbers and effectiveness.

The fact remains that despite low technological instrumentation, a non state/state sponsored actor coming from open sea, could carry out effective surveillance & reconnaissance regarding the characteristics of targets at land/sea that could be attacked in future. Maritime Hybrid War may graduate to pose bigger economic threat than a military one. Furthermore, these economic costs could be imposed with relatively minor investments from the adversary.

What is worrisome is that now the Hybrid threat can emerge from anywhere in the vast oceans; be it floating armories, mercenary flotillas, or innocuous vessels carrying legitimate cargo with an embedded cyber war-waging cell. The maritime hybrid threat has to be interdicted using Naval and marine assets preferably before it reaches the shores and synergizes with other elements into a full-scale hybrid war. Even though the Indian Government has strived to put in place a very robust MDA there are intelligence gaps, which remain among the various agencies involved which could lead to slipping in of threatening elements physically or otherwise.

“The categories of warfare are blurring and do not fit into neat, tidy boxes. We can expect to see more tools and tactics of destruction — from the sophisticated to the simple — being employed simultaneously in hybrid and more complex forms of warfare.”

Professor Colin Gray

Cyber War

A word about the maritime dimension of cyber war would be proper at this stage. In recent years, there has been considerable discussion of the phenomenon of cyber warfare, its methods, and its ramifications. In essence there are three objectives that can be achieved by cyber-offensive activities: espionage (infiltrating the target’s information storage systems and stealing information), denial of service attacks (preventing Internet usage), and sabotage (infiltrating systems reliant on Internet connections and causing functional damage via malevolent programs). The media largely focuses on the use of computer programs as weapons in the cyber domain, but an attack on Internet infrastructure especially the submarine optical fiber cables is no less an option for terrorists, and often more devastating and effective. In fact, thousands of miles of more than 200 international submarine cable systems carry an estimated 99% of all the world’s trans-oceanic internet and data traffic. Widespread disruption to undersea communications networks could sabotage in excess of $10 trillion in daily international financial transactions, as stated by Michael Sechrist in a 2012 paper ‘New Threats, Old Technology Vulnerabilities in Undersea Communications Cable Network Management Systems[7]’ published by the Harvard Kennedy School. It is pertinent to note that satellites carry just about 5% of global communication traffic.

Even partial damage has extensive consequences because of the resultant jamming of traffic on the limited remaining connection. It is true that the diplomatic and military effects of having Internet communication with world at-large cut off would not be significant, but the direct and indirect economic consequences could be extremely expensive to our economy, especially with the transfer of much data to online cloud services that are actually placed abroad.

What bigger Hybrid threat can be posed at sea than the cutting off the subsea internet cables at time, place, and depths of one’s choosing or cutting off undersea facilities like VLF communication nodes and hydrophones? Would it not be an example of extreme denial of service weapon? Incidentally, such capabilities do exist with some nations today.

Two other aspects of hybrid war, which merit immediate attention of the maritime forces, are onslaught of sensors and swarm warfare.

Sensors

One very important aspect of hybrid warfare is transparency in every field because of the utilization of various types of sensors. This ubiquitous sensing revolution promises enhanced awareness of physical, social, and cyber environments by combining three technological trends: the proliferation of ever cheaper and more capable sensors into virtually every device and context; large data aggregation and ready access to it using vast cloud-based archives; and cross-spectral data fusion and sense-making algorithms running on increasingly powerful processors. All of these trends are accelerating at exponential rates. For instance, as brought out by Capt John Litherland, USN (ret), in his paper ‘Fighting in the Open: The Impact of Ubiquitous Sensors on the Future Maritime Battle space’[8]:

-The worldwide total number of sensors has increased tremendously and will pass the one trillion mark, or more than 100 sensors for every person on earth.

– Mass production of electronics has led to significant enhancements in sensing capabilities. Every smart phone today has a complete inertial, electronic and satellite navigation system comprising just a minor component of its price. Incidentally, a smart phone today hosts many sensors, such as accelerometer, temperature, gravity, gyroscope, light, linear acceleration, magnetic field, orientation, pressure, proximity, relative humidity, and rotation vector[9].

-The worldwide digital data generation rate now exceeds one ZB (10^21 bytes) per year and global storage exceeds 10 ZB.

-The ability to fuse and make sense of unstructured data from disparate sensors and incommensurable formats is being addressed by use of advances in processing capability and data handling algorithms.

-The advent of sensors has, however, made the battle space transparent. Today, warfare has to adapt to this transparency and let go of traditional concepts of concealment and camouflage. Stealth technologies are unable to cope with concealing signatures from the multitude of sensors being used across various domains, be it in the air, on the surface or under water. Navies today can no longer spring a surprise on the adversary because it is not feasible to operate blind in a battlefield littered with multi-spectral sensors, dispersed spatially, and operating in broadband.

The Indian Navy (IN) has to prepare for this aspect of hybrid warfare. The Indian Navy could utilize some of the concepts outlined by Litherland in his paper quoted above[10]:

– Dispersal – IN forces must disperse over as much of the maritime battle space as possible.

– Deception – IN must strategize on targeting the adversary’s sensor complex across multiple spectra with noise, false targets, and cyber attacks.

– Range – IN must gainfully implement Network Centric warfare to bestow ‘crippling effects’ at large distances when dispersed.

– Speed – together with range, the speed at which kinetic and non-kinetic effects can be imposed on the adversary will also be a critical factor in Naval war.

Unless the Indian Navy starts preparing now to fight in the Age of Sensors, it risks becoming vulnerable in the event of a hybrid war.

Swarms

Seminal work has been done on swarm warfare by Prof. John Arquilla and David Ronfeldt in their various writings (Swarming and Future of Conflict[11], Countering and exploiting Swarms[12], etc.); the present section derives from their thought processes. Swarm warfare has become the dominant doctrinal concept of certain navies like the Iranian Revolutionary Guard Corps Navy, which has about fifty missile and torpedo boats, along with other light coastal craft, all of which train to employ ‘ESBA’, i.e. ‘like a swarm of bees’, tactics. The IRGC Navy also has several bases on small islands in the Persian Gulf, from which they can “swarm by fire” with the Chinese missiles in their inventory. China’s PLA Navy regularly practices swarm tactics with its missile, torpedo, and gunboats.

For the Indian Navy, comprised as it is of a number of high-value vessels, swarms pose a considerable and rising threat. Swarm attacks are likely not only from small boats, but also from aircraft, submarines, and drones. At present, the author is unaware of any fitting response by the Indian Navy focused on the use of counter-swarms of drones and robots. The Indian Navy should also consider responses, as suggested by Prof. John Arquilla[13], such as designing swarms of much smaller craft, like large numbers of jet-ski-sized drones or autonomous weapons, whose goal would be to seek out and destroy incoming swarms with rockets, or by ramming and self-detonating. Small and swift weapons could pose a far superior swarming threat to hybrid adversaries. IN could also think of small undersea swarming systems, which are already on the design board to meet demands of clearing minefields, engaging enemy submarines, and carrying out ISR missions. Similarly, small aerial swarm weapon systems could prove exceptionally useful in dealing with air defense of carrier strike groups.

Conclusion

So ‘ere’s to you fuzzy-wuzzy, at your ‘ome in the Soudan; You’re a pore benighted ‘eathen, but a first class fightin’ man. 

Rudyard Kipling

Starting with the fundamental definition of Hybrid war in maritime context as “Naval irregular warfare plus cyber war and any other component that emerges in future”, the implications of cyber, sensors, and swarm warfare have been discussed in this article. However, new types of hybrid threats would keep surfacing and the IN has to be ready for them when called upon to counter them.

Hybrid war, being inherently nebulous and dynamic in nature, calls for constantly adapting naval doctrines and technologies to meet the emerging maritime hybrid threats.

(Based upon a talk ‘Maritime and Air Dimensions of Hybrid War’ delivered by the author during ‘National Seminar: Hybrid Warfare’ on 02 Nov 2016 under aegis of Centre for Land Warfare Studies, New Delhi)

[1] https://www.scribd.com/document/40211290/Strategic-Implications-of-Hybrid-War-a-Theory-of-Victory

[2] smallwarsjournal.com/blog/journal/docs-temp/344-sadowski-etal.pdf

[3] http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA591803

[4] https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/96unclass/iregular.htm

[5] http://www.rand.org/pubs/monographs/MG1127.html

[6] https://www.rand.org/pubs/occasional_papers/2009/RAND_OP249.pdf

[7] http://ecir.mit.edu/images/stories/sechrist-dp-2012-03-march-5-2012-final.pdf

[8] http://www.secnav.navy.mil/innovation/HTML_Pages/2015/07/FightingInTheOpen.htm

[9] https://www.quora.com/how-many-different-sensors-are-available-inside-a-smartphone

[10] http://www.secnav.navy.mil/innovation/HTML_Pages/2015/07/FightingInTheOpen.htm

[11] http://www.rand.org/pubs/documented_briefings/DB311.html

[12] http://www.secnav.navy.mil/innovation/HTML_Pages/2015/04/CounteringAndExploitingSwarms.htm

[13] ibid

Cyber Warfare – a Perspective

(Published  15 Oct 2016, CLAWS)

The US Defense Science Board report of 2013 states that “in a perfect world, DOD operational systems would be able to tell a commander when and if they were compromised, whether the system is still usable in full or degraded mode, identify alternatives to aid the commander in completing the mission, and finally provide the ability to restore the system to a known, trusted state. Today’s technology does not allow that level of fidelity and understanding of systems.” The report brings out that, systems such as automated intrusion detection, automated patch management, status data from each network, and regular network audits are currently unavailable. A cyber attack against national critical infrastructure could therefore have a cascading effect upon economy, society, and government in ways difficult to understand, model or predict.

In cyber warfare, it has been claimed that opponents can distract, disrupt, and demoralize a nation by skilful use of cyber tools, timing, surprise, and an adversary’s specific vulnerabilities. These vulnerabilities are not restricted to military targets; the ability to attack civilian targets, such as public utilities or the financial sector, can be far more dangerous and subsequently more effective at discouraging and deterring potential adversaries because of its immediate social and political effects. Theoretically, at least, an adversary may not need kinetic weapons to render a nation incapable of defending itself. On the other hand, it has not been feasible to assess the real cyber warfare capabilities of nations, because these have never been used in large-scale war-fighting resulting in serious damage, nor have they led to a full-scale war between nations.

It is reasonable to presume that current tools of war would continue to be utilized for achieving military objectives, simply because a cyber attack in its current form is a one-time gambit: cyber weapons are transient and last only until the breaches are plugged. There is no doubt that delay and denial can be achieved to a large extent, but whether that would lead to a victory on the ground remains to be seen.

According to a Mandiant Consulting report, the mean time an intruder remained undetected in the victim’s system was 205 days in 2014 and 146 days in 2015. This highlights the use of cyber warfare to remain undetected in a system and prepare for a strike: infiltrating, locating weak spots, and leaving cyber weapons in place for a preemptive strike to destroy networks and information systems.

Pure military planning and countermeasures would not be able to play a critical role in cyber security because of the civilian nature of cyberspace and the predominantly non-military nature of the nebulous attacker. Much of the cyber expertise and resources required to defend information infrastructure are located outside of the military establishments. Creating a credible cyber capability is less about technology than finding the right people and skill sets, which can be difficult for militaries.

Realm of Cyber Attacks. Some examples that highlight the distinct types of cyber attacks as relevant to national security are in order now. These are cited to highlight the extent of cyber reach from the dedicated attacks on strategic assets to tactical military operations to criminal activities like ransom.

One is the well-known Stuxnet strike, which required a tremendous amount of resources, brainpower, and planning time. It falls under the one-time gambit category, with major nations already on guard against similar strikes on their critical strategic facilities.

In 2009, the Conficker worm infected civil and defense establishments of many nations. For example, the UK DOD reported large-scale infection of its major computer systems, including ships, submarines, and establishments of the Royal Navy. The French Naval computer network ‘Intramar’ was infected; the network had to be quarantined and air operations suspended. The German Army also reported infection of over a hundred of its computers. Conficker sought out flaws in Windows OS software and propagated by forming a botnet. It was very difficult to weed out because it used a combination of many advanced malware techniques. It became the largest known computer worm infection, afflicting millions of computers in over 190 countries.

There was a cyber attack in Dec 2015 against energy distribution companies in Ukraine, which led to massive power outages and affected a huge civilian population. The attack achieved high visibility while using an old Trojan, BlackEnergy, and other malware to shut down critical systems and wipe out data.

In February 2016, the Hollywood Presbyterian Medical Center in Los Angeles, California was the victim of a cyber attack that encrypted its electronic data, rendering its systems unusable for over a week. The hospital was forced to operate with no access to its computer systems and even had to move some patients to other hospitals. Staff relied on fax machines and telephones to keep hospital operations moving. The hospital regained access to its data only after paying a fee of 40 bitcoin (approximately USD 17,000) to the attackers. In March 2016, Methodist Hospital in Henderson, Kentucky, experienced a similar attack and declared a “state of emergency”, being unable to access patient files. Methodist Hospital was able to restore its system from data backups and did not pay the attackers. Since 2014, the CryptoLocker ransomware alone has allowed cyber criminals to collect over $100 million.

While illustrating the wide ambit under which cyber attacks take place and the enormous cyber space that requires protection, the above examples also highlight the inevitable ease of threat to civilian space. A cyber war, if unleashed in its entirety, could encompass strategic, tactical, financial, social, and psychological space, among others. It would thus be waged beyond a traditional military war on the borders.

Autonomous systems. An area of immediate concern for the military is autonomous systems. For a system to be autonomous, it must have the capability to independently compose and select among different courses of action to accomplish goals based on its knowledge and understanding of the environment.

Autonomous decision-making resides in software replete with branching logic and tables of variables and parameters, which together model the mission to be accomplished, the environment in which it must be executed, and the conditions that are relevant. The more complex the mission and the more diverse the environment, the more extensive and complex is the software. Autonomous systems also have organic sensors, a considerable amount of stored information, and optional communication for some supervisory functions, along with a capability to receive and implement over-the-air updates. These systems present an ideal target for the adversary. Thus, the more the capabilities, the more the software and hence the greater the vulnerability. To weed out the intruder in complex software and eradicate vulnerabilities, which may or may not have been introduced by the attacker, would require validation and verification, which may not be humanly possible in the time available.

It is evident that the amount of data and the speed at which it must be processed for cyber defense are beyond what human beings can handle. Conventional algorithms also cannot tackle dynamically changing data during a cyber attack. As it appears today, effective cyber defense can only be provided by real-time, flexible Artificial Intelligence systems with learning capability. In simple terms, this requires using Artificial Intelligence systems at practically every stage of military operations.

Conclusion. At the time of penning this article, the code of the Mirai malware had been released by a hacker, resulting in the largest ever DDoS attack across countries. Mirai malware is used to create botnets by infecting Internet of Things devices connected to the internet. It is said that about 1.0 to 1.5 million devices have been infected so far, with numbers rising every second.

Nations have to think differently if cyber attacks are to be defended against effectively. During an international conference on Electronic Warfare in Kuala Lumpur recently, the delegates were surprised to note that the Indian Government had been following a policy of segregating internet-connected computers from those that carried important information. Much of the software being developed for cyber defense is being sent over the web from India, albeit under the IPR of different nations. The time is ripe for India to harness and synergise both cyber attack and cyber defense capabilities.