It took the army over a year to test whether the purchased new model of ICT nodes, the most important devices in the command and communication network, meets all cybersecurity requirements.
It used to be simple in the old days – administrative functioning of any army was based on paper. Today, paper has been superseded by electronic devices. There is probably no army left in the world which does not use less or more complex ICT systems. They are the basis of logistics (in accountancy, human resources and when managing various types of warehouses) or training (simulators, training equipment, educational laboratories). Most importantly, armies all over the world use ICT systems to execute combat tasks – from navigation systems, through communications, to solutions applied in command support and battle management. As recently as 15 years ago, top secret orders and reports were still delivered from point A to point B in a briefcase and under escort; now, they are “wandering” through cyberspace via satellite, optical fiber, cable or radio routes.
Due to the omnipresent digitization, commanders have received warfare tools their predecessors could only dream about. They now have the capability to manage their subordinates in real time, while being hundreds or even thousands of kilometers away from them. However, every rose has its thorn. This ICT revolution brought with it the risk of orders and reports being intercepted by the enemy, without us even knowing about it. What is worse, our adversary might also jam (though at least we can be aware of that), or in extreme cases even paralyze our command and communication systems.
Media reports show how real the threat actually is. In 2015, Bloomberg, the world’s biggest information agency, revealed that the motherboards of servers produced by Supermicro included special chips which made it possible to steal data. A journalistic investigation revealed that outside the Pentagon such devices were delivered to, i.a., the US Navy Command, a drone command center, American armament consortia and technological giants, such as Apple and Amazon. The whole thing was revealed by Amazon. While preparing for another tender to deliver Data Clouds for American services, they performed a security audit of a company they were planning to acquire. The discovery of the microchips was reported to appropriate services which initiated an investigation. Although no one was caught red-handed, the American services managed to establish that the Chinese Intelligence was responsible for the whole situation.
Poland on the Cyber Front
Ensuring cyberspace security has become one of the priorities of the modern world. In 2014, at the NATO Wales Summit, the heads of NATO member states decided that if any of the member states becomes a victim of a cyber attack, they can ask the Allies for help, invoking Article 5 of the North Atlantic Treaty. In 2016, the Warsaw Summit took things one step further – not only was cyberspace recognized as a domain of warfare, but it was also decided that defending it must be considered as one of the main tasks of the Treaty.
Poland has been active in this area for several years. In July 2018, the National Cyber Security System Act came into force (Journal of Laws 2018, item 1560), on the strength of which a new military component was created – the Cyber Defense Forces.
The most important institution responsible for the forming and functioning of the component is the National Cyber Security Center (NCSC), while the only unit in the Polish Armed Forces that can perform the whole spectrum of activities and military operations in cyberspace is the Cyber Operations Center. As emphasized by BrigGen Karol Molenda, the Director of NCSC, one of the most important tasks awaiting the Polish Cyber Defense Forces is looking after ICT networks, which are used by the Polish army to exchange classified and non-classified information with military units, as well as various institutions and commands.
In order for the ICT data transmission networks used by the army to be safe, they must meet three basic criteria: confidentiality (only authorized personnel can have access to information), integrity (guaranteed accuracy, cohesion and completeness of information), and accessibility (ensuring access to information and related resources to authorized users in the necessary extent). They translate into specific technical requirements that have to be met by the solutions applied in the army, such as access control mechanisms, protection against installation and activation of unauthorized equipment and software, as well as mechanisms monitoring user activity and collecting security violation data.
The command and communication network used by the Polish army comprises of various types of more or less advanced ICT systems used by all service branches of the Polish Armed Forces. They can work together due to the network of Jasmine Integrated Data Transmission Nodes stretching across Poland. These devices allow for transferring information with the highest security classification, “Secret” and “NATO Secret.” They are one of the most important elements in the command and communication network of the Polish Armed Forces, and thus face the biggest risk of cyber attacks. That is why, when a contract to deliver the new version of the ICT nodes was signed with Teldat three years ago, the priority was to check their level of cybersecurity.
In order to run necessary tests, at the beginning of 2019 the Head of the MOND’s Armament Inspectorate created a special group of the representatives of the Command Support and Signals Directorate of the Inspectorate of the Branches of the Armed Forces General Command, the Armament Inspectorate, Board VI of the Military Counterintelligence Service, the National Cyber Security Center, the 7th Regional Military Representation, the Command Systems Support Center of the Armed Forces General Command, and the Communication, IT and Electronic Warfare Equipment Operation Directorate of the Armed Forces Support Inspectorate.
According to legal regulations, in order for the shelter and portable ICT nodes to be introduced into service in the Polish army, they had to undergo security tests, including vulnerability, penetration and verification tests. The first type of test consists in conducting a controlled attack on the system. Its aim is to detect vulnerabilities in software or hardware, check it for faults arising from improper configuration or weak points in adopted and implemented technical and organizational protection measures, and determine if the system is secured against threats arising from the users’ insufficient awareness. Verification tests check whether a given solution meets all technical requirements indicated by the army in tender specifications (initial tactical and technical assumptions). Since the ICT nodes, just like the Jasmine Integrated Data Transmission Nodes, are also to be used in the creation of the Polish Mission Network 2.0 (PMN 2.0), i.e. the command and communication network for foreign missions and multinational operations, they were also tested on whether they meet related NATO requirements.
In order for the devices to start work in the Polish army, they also had to receive electromagnetic protection certificates issued by military services. To this end, they underwent tests using specialist measuring stations equipped with sensitive receivers and chambers that enable detection of unwanted electromagnetic emissions.
They Are Safe!
All the tests, verifications and checks performed on the shelter and portable ICT nodes before they could be introduced into service in the Polish Armed Forces took several months and had a positive outcome.
“We are glad our ICT nodes meet all military standards and guidelines regarding cybersecurity,” emphasizes Sebastian Cichocki, President of Teldat, adding that the nodes were the first product that underwent such extensive and complex testing according to the revised law. “It required a lot of hard work both, on our part and on the part of the Polish Armed Forces. We had to prepare, among other things, new testing and verification methodology, and choose competent laboratories to perform the tests,” he explains.
The first batch of the systems ordered in 2018 (24 shelter [stationary], 15 portable and two training sets) has already been delivered to army units. According to the contract, the deliveries of the ICT nodes will be completed by the end of 2021.
autor zdjęć: Łukasz Blechman / Teldat