As the militaries of the United States and Britain purchase more and more of the same networked hardware, most notably the F-35 Joint Strike Fighter (above), the two nations are increasing collaboration in cyber warfare, according to a Pentagon official.
"Cybersecurity is a growing area of cooperation between the United States and the United Kingdom," the official told Killer Apps. "We're sharing more information and going deeper into threat analysis and response planning than we ever have before. Both nations firmly agree we need improved multilateral cyber coordination and we're working to do just that. Cyber will also be on the agenda for discussions at the upcoming NATO conference in June."
His comments come a day after British Defence (with a "c") Secretary Phil Hammond was in Washington meeting with U.S. Defense Secretary Chuck Hagel to discuss the situation in Syria, the war in Afghanistan, how to deal with Iran, and visit U.S. Cyber Command at Fort Meade, MD. (As is sadly the norm, a spokesman for the command could not talk about Hammond's visit to Fort Meade.)
While much of the discussion between the two officials centered current or potential conflict zones and major weapons buys like the F-35, Hagel announced that the two allies will increase their cooperation in the cyber world.
"The United Kingdom's continued commitment to [the F-35] program, and our growing cooperation in new priority areas like cyber, is helping ensure this alliance has the kind of [cutting-edge] capabilities needed for the future," Hagel said during a Pentagon press conference yesterday.
"The U.K. and the U.S. remain in lock step on these projects, and as we take them forward, we will ensure the continuity of those vital capabilities," added Hammond.
It makes sense for the two to discuss F-35 and cyber in the same breath. The F-35 relies on tens of thousands of lines of software code to function. It is perhaps, the most networked plane in history, using software to do everything from fire weapons to beam chunks of data to other aircraft or command centers. Last fall, Killer Apps reported that the jet's computerized maintenance system was found to be vulnerable to hacking -- meaning that, if penetrated by spies, they could see everything from how many pilots were available to fly the jets to the maintenance status of all the airplanes in a squadron.
This comes just after Bloomberg news reported that QinetiQ, a British defense firm (that used to be a Ministry of Defense research agency until it was privatized in 2001 suffered) a series of major cybersecurity breaches at the hands of Chinese government hackers. QinetiQ works on a host of advanced technologies from cyber to robotics with U.S. government agencies such as the DOD and the Department of Energy. In fact, the firm runs Britain's version of Area 51, a site known as MoD Boscombe Down and has been called the inspiration for the workplace of James Bond's gadget-maker, Q.
This week's crash of a civilian cargo jet at Bagram airfield in Afghanistan highlights the fact that the U.S. military relies on a private air force to move enormous amounts of supplies and numbers of people around the globe.
The jet that crashed at Bagram (shown above) was a Boeing 747-400 that had been converted from a passenger jet into a freighter for Florida-based National Airlines, one of the many little-known civilian carriers that keep the U.S. military and intelligence agencies supplied around the globe. The plane was said to be transporting five MRAP armored vehicles (which are incredibly heavy) from Afghanistan to Dubai -- a route the airline had been flying for about a month prior to the crash.
Here are just a few more of the many private airlines that serve the U.S. government on a regular basis:
Spend any time at BWI Airport and you'll see MD-11s sitting on the ramp, painted in the livery of World Airlines, a contractor that flies U.S. troops to Europe and the Middle East. They usually operate out of a terminal reserved for the U.S. Air Force's Air Mobility Command -- the organization that operates more than a thousand cargo and tanker aircraft such a C-5 Galaxies, C-17 Globemaster IIIs, C-130 Hercules, KC-135 Stratotankers, and KC-10 Extenders. Despite all these planes dedicated to moving troops and materiel, the service still contracts with dozens of private airlines.
Frequently sharing ramp space at BWI with World Airlines is North American Airlines, the company that provided a Boeing 767 for Barack Obama's 2008 presidential campaign. The charter-jet provider operates five 767s that are frequently used to ferry U.S. soldiers around the world.
The Washington state-based Evergreen Aviation is supposedly one of the successors to the CIA's legendary Air America -- famous for hauling everything from chickens to drugs (allegedly) throughout Southeast Asia during the Vietnam War. (In 1968, an Air America UH-1 Huey chopper actually shot down a Soviet-made An-2 Cub cargo plane flown by the North Vietnamese air force.) The company has done everything from supporting CIA missions to operating one of the largest aerial firefighting aircraft in the world: the Evergreen Supertanker, an old 747 passenger jet that was converted to carry more than 20,000 gallons of fire suppressant.
Tepper Aviation is a company that operates a fleet of ghost-white Lockheed L-100s (the civilian version of the C-130 Hercules), allegedly conducting missions for the CIA all over the globe, possibly including prisoner transport. As would be expected, Tepper has no website. However, if you search Google Maps for the small airport in Crestview, Fla., where Tepper is reportedly based, you'll find a large facility on the southeast corner of the runway with a U.S. Air Force C-130 parked nearby and a hangar with the logo of defense giant L-3 Communications painted on the roof. (Click here to see apparent pics of the flight deck of one of tepper's planes while it was stopped in Japan with some "diplomatic" cargo aboard.)
And who can forget Presidential Airways. This former Blackwater subsidiary is famous for a 2004 incident in which a CASA 212 ferrying U.S. troops from Bagram to Farah, Afghanistan crashed into a canyon wall after the pilot became disoriented, killing three soldiers and three civilian crew. This incident brought attention to the fact that small carriers were hauling U.S. troops around battlefields even though the U.S. Air Force, Army, and Marines have thousands of planes and helicopters designated for such tasks. Despite increases in the number of military tactical airlifter missions in the Middle East since then, the U.S. military still relies on contractors to support the massive task of keeping its troops supplied via air in Afghanistan.
View U.S. military presence in Africa in a larger map
The United States may
be deploying 10 have a handfull of troops helping the French in Mali, but that's just a drop in the bucket of the U.S.
military's presence in Africa, which has been quietly building for the last
decade. You've probably heard about the 2,000-troop hub at Camp Lemmonier,
Djibouti, and the 100 special operators hunting Joseph Kony. But less is known
about the handful of U.S. drone bases scattered across the continent and the
dozens of exercises involving hundreds, if not thousands, of American troops (Click the placemarks on the map above for a quick description of what U.S. troops are doing in each country.)
A quick look at exercises and other activities conducted by U.S. Africa Command this spring alone reveals a U.S. military presence in more than a dozen countries -- from Cape Verde in the West to the Seychelles in the East and Morocco in the North. These exercises have shared medical techniques with the Nigerian military, provided intelligence training in Congo, trained special operators in Cameroon, and even included an East African Special Operations Conference in Zanzibar.
Just look at the U.S. Army's page on Africa to find even more examples of soldiers deploying to Africa.
In 2012, Africa Command planned 14 major exercises with African militaries, according to the command's website. Meanwhile, the Foreign Military Financing program gave African militaries $45 million to buy American-made weapons in 2011. Tunisia received the most cash ($17 million), followed by Morocco ($9 million) and Liberia ($7 million).
Let's take a close-up look at the eight reported U.S. drone bases scattered across equatorial Africa that are depicted on this map.
1) First up is Camp Lemmonier, which houses thousands of U.S. personnel and has -- according to satellite imagery -- also hosted everything from F-15E Strike Eagle bombers and C-130 cargo planes, to PC-12 special ops planes and MQ-1 Predator or MQ-9 Reaper UAVS.
2) Next is the U.S. Indian Ocean drone base in the Seychelles that's used to hunt Somali pirates and other seaborne ne'er do wells. You can clearly see a tan-colored "clamshell" tent on the northwest end of the runway -- a common indicator of a U.S. military presence at an airstrip.
3) Speaking of clamshell tents, this Bing map shows several at what appears to be a fairly large and newly constructed facility near the old terminal at Entebbe Airport on the shores of Lake Victoria in Uganda. The old terminal at Entebbe is famous as the site of the Israeli commando raid that freed hundreds of passengers from a hijacked Air France flight in 1976.
We've been hearing for years now that the U.S. military's crop of slow-moving spy planes fielded for the wars in Iraq and Afghanistan -- ranging from MQ-9 Reaper drones to manned MC-12 Liberties -- will be totally useless in a fight against an adversary armed with sophisticated radars and anti-aircraft missiles (often labeled anti-access/area denial (A2/AD) weapons).
This, of course, is how the U.S. Air Force and Navy are justifying the development of a host of stealthy strike and spy jets (manned and unmanned), missiles and electronic warfare weapons designed to fight countries equipped with sophisticated weapons designed to keep U.S. forces far from their borders.
However, the Air Force's spy arm -- officially called the Air Force Intelligence Surveillance and Reconnaissance (ISR) Agency -- is experimenting with flying low and slow prop-driven spy planes in skies where advanced air defenses are present. In late February, the agency sent several squadrons of Air Force intelligence assets to play in the service's legendary air combat exercise known as Red Flag over the Nevada desert.
"One of the things that we need to figure out is how much risk would we have to take to fly airborne ISR assets ... in a non-permissive environment," said Col. Mary O'Brien, commander of the Air Force's 70th ISR Wing during a speech late last week. "Initially, we had said, ‘well you could never fly them because there would be risk.' But one of the things that you can practice at Red Flag is you can build a package that includes defenses and then see."
The agency managed to successful fly a propeller-driven MC-12 Liberty -- based on Beechcraft's civilian King Air -- to collect intelligence in the face of a simulated advanced air defense network that featured Soviet-designed SA-6 surface-to-air missiles.
"It was not shot down but that's a case of one," said O'Brien. "It made us say, ‘this should be perhaps an exercise objective in a future Red Flag."
(While the MC-12 is a slow, twin turboprop of the type you'd see at your average small town airport, it might help that the SA-6 is a 1970s-vintage system used by dozens of countries that the United States has had decades to figure out how to defeat.)
She went on to say that while advanced enemy air defenses would pose a big threat to planes like the MC-12, U.S. forces may be able to provide such planes with protection for just long enough to collect some pieces of vital intelligence.
"How long do we need to operate in that environment?" asked O'Brien. "Maybe you don't need air supremacy and maybe you only need air superiority for this amount of time depending on what you want to do."
The whole point of sending prop-driven ISR planes into the fight is getting people to think about the notion that "hey, we don't need to sit everything on the ramp that we used in Iraq and Afghanistan.... Let's start thinking about" how these aircraft might play a role in a future fight.
She wouldn't say what type of protection the Liberty had as it flew its mission, it could have been anything from fighter escorts who were hunting down the enemy radar and missile sites to advanced electronic warfare gear that jammed enemy sensors or some combination of both.
U.S. Air Force
We've been inundated with information about the threat that foreign cyber attacks pose to U.S. power systems, banks, and transportation infrastructure for years now. Now, the Air Force's research arm is turning its attention toward protecting space systems from cyberwar.
The military relies on its massive fleet of spacecraft -- from satellites to secret space planes like the X-37B shown above -- to do everything from providing precision navigation and targeting to passing secure communications from stealth bombers to their bases as they fly over hostile territory. It's such a critical asset that Air Force officials, worried about enemies like China or Russia taking out U.S. satellites with anti-satellite missiles, that the service occasionally practices operating for "a day without space," in order to get used to the notion that it may not be able to rely on its orbital infrastructure.
Anyone who has been paying attention to cyberwarfare knows that it would be far cheaper to disrupt or take down U.S. space assets via cyber attack than it would be to develop and launch a missile.
Just imagine if an enemy were able to scramble secure satellite communications or manipulate GPS coordinates, thus sending U.S. troops to the wrong locations.
The Air Force Research Laboratory (AFRL) has kicked off a new program looking at technology that would protect spacecraft from these kinds of cyber attacks.
(The Ohio-based lab is the Air Force's far-out research lab, responsible for developing insect-sized UAVs, stealthy, special ops transport jets, and air-breathing engines capable of propelling aircraft at speeds up to Mach 6.)
"AFRL seeks to gain understanding of the state of industry research pertaining to protecting both ground- and space-based assets that provide space services, ranging from the space parts supply chain to the conduct of integrated space operations," reads this RFI that was updated last week.
In English, that means that the Air Force wants to protect from cyber attacks the networks of every firm that has a hand in building spacecraft or space control systems, and of course the actual spacecraft once they are aloft.
Here are some highlights of the specific cyber-defense technology the lab is interested in:
So, if you want to drop that iPhone app you've been working on and get in on this project, you have until May 6 to pitch the service on your "interests and capability," according to the RFI.
U.S. Air Force
Remember those pesky anti-ship ballistic missiles, like China's DF-21D "carrier killer," that everyone worries will be able to keep American ships at bay -- a threat so serious that some say it renders the aircraft carrier obsolete? Well, the U.S. Navy isn't as worried as it used to be thanks to some help from the 17-member Intelligence Community (IC).
"In 2008, [then-Chief of Naval Operations Admiral Gary Roughead] sent a message to the director of national intelligence saying, these anti-ship ballistic missiles are becoming [a problem]. The proliferation and the technology is pushing these things' [range] out farther and farther and really impacting our ability to get in close" to an enemy's shores, said Vice Admiral Kendall Card, director of naval intelligence, during a conference in Arlington, Va., today.
As a result of this message, "there was a concerted effort across the IC -- I probably can't tell you which organizations did what to make that happen -- but I can tell you that we in fact have some pretty terrific answers [for how to defeat the threat posed by anti-ship missiles] from all that effort, and we're making gains every day from CIA, NGA, NSA -- all the people putting all the pieces together to, in fact, make that happen and develop solutions" for a host of anti-ship missiles, ranging from the DF-21D to the YJ-12 cruise missile, he said.
As would be expected, the Navy's top spy didn't reveal anything about these "solutions." They could range from identifying the missiles' launch sites, allowing them to be picked off, to figuring out the best ways to spoof their guidance systems or shoot them down using ballistic missile defense ships. Who knows.
Long-range anti-ship ballistic missiles like the DF-21D are part of the reason that the Navy teamed up with the Air Force to devise the so-called Air-Sea Battle concept, which is aimed at figuring out how the two services can defeat an adversary armed with weapons meant to keep U.S. forces far from its borders.
Here's what Air Force Secretary Michael Donley told yours truly about Air-Sea Battle last September:
It's an organizing concept, if you will, for how to marry air and maritime power in a way that helps us address contested environments where threat capabilities have grown in a fashion that can endanger or threaten global commons. I think it just brings into sharper focus, at the operational level, those [areas] in which the Navy and the Air Force have common issues -- airspace management, for example, missile defense kind of issues, ISR issues, common weapons that the Air Force and the Navy have developed for many years, electronic warfare -- all these areas that are pertinent to how one operates in a contested environment are very pertinent to Air Force-Navy cooperation to our joint development of not only technologies but operational concepts which develop synergies between the air and maritime domains.
[Air Sea battle is] all about sort of identifying opportunities for collaboration in that world and to get the best thinking on both sides of this equation.
Expect to see Congress produce a cybersecurity bill focused on information sharing make its way to the president in 2013, said senior House and Senate staffers involved in drafting the legislation today.
"I'm pretty confident that if we got to conference we could work a bill out," said Andrew Grotto, lead staffer on the Senate Intelligence Committee today during a conference in Arlington, VA sponsored by C4ISR Journal (yes, that exists, and it's a publication about spy tech). "There's very broad agreement on what the parameters of information sharing should look like. We all agree that there needs to be private-to-private sharing, that the sharing has to have reasonable privacy protections built in, and that really what we're talking about is cybersecurity and not policing IP piracy."
Still, he warned that the Senate's Cyber Security Act of 2012, aimed at establishing minimal cybersecurity standards for critical infrastructure providers while making it easier for companies to share cyber threat information, suffered death by filibuster twice last year, despite having majority support in the Senate. This means that the Senate may decide to simply go after less ambitious legislation on information sharing, rather than attempting to push again for minimal cybersecurity standards.
The big question for the Senate is, "do we go comprehensive or not? Do we try to develop a bill that covers critical infrastructure again? I don't know the answer to that," said Grotto. "There's on one hand desire to take what the president did with the [White House's cybersecurity executive order] and put it in statute. On the other hand, there's a pragmatic streak in a lot of us that says, ‘maybe that's a bridge too far and we're better off focusing on issues of information sharing where there's a pretty strong consensus on the need to act legislatively.'"
Grotto's statement seems to back up what Senate Intelligence Committee chair Dianne Feinstein told Killer Apps last week: "we are currently drafting a bipartisan information sharing bill and will proceed as soon as we come to an agreement."
Meanwhile, when asked if we will see cybersecurity legislation presented to the White House this year, Tom Corcoran, senior policy advisor to the House Intelligence Committee, replied with a simple, "yes."
The House Intelligence Committee produced the Cyber Intelligence Sharing and Protection Act, CISPA, that passed the House floor last week. That bill allows private businesses to quickly share information on cyber threats with each other and the government.
However, the White House has threatened to veto CISPA as it currently stands, saying that it wants information shared with the government to have to go through a civilian agency such as the Department of Homeland Security before going to other government organizations, instead of being passed directly to the military. The White House also wants to narrow the scope of immunities from lawsuits for violating antitrust or privacy laws or that would be granted to companies sharing information with each other or the government.
John Reed reports on the frontiers of cyber war and the latest in military technology for Killer Apps.