Why Military Blockchain is Critical in the Age of Cyber Warfare
4 ways blockchain can secure and defend key military assets and weapons systems.
by Dr. Victoria Adams, Consensys Government Practice Lead in Washington D.C
Digital technologies have transformed warfare. Beginning with the emergence of Network Centric Operations in the 1990s, digital technologies have become the basis of U.S. weapons, tactics, and strategy. Today, warfighters use connected devices to coordinate air strikes on the battlefield, drones are controlled from thousands of miles away, commanders watch real-time video of streaming videos of the battle space, and logistics and the broader supply chain are regulated and managed by complex digitally technologies.
The next generation of emerging technologies, such as artificial intelligence, smart drones and robots, additive manufacturing will make the U.S. military even more dependent on digital technology.
In this environment, the U.S. military has become critically dependent on secure, timely, accurate data. Yet as data has grown in importance so cyber warfare has emerged to challenge the U.S. in the digital space. Today, key U.S. defense assets ranging from communication systems to supply chains can be disrupted by bad actors attempt to degrade U.S. capabilities.
For example, in 2018, the U.S. Government Accountability Office (GAO) found that during operational testing, the U.S. Department of Defense (DOD) routinely found mission-critical cyber vulnerabilities in 86 weapons systems under development.
Many of these systems were penetrated either through easy-to-crack passwords, or because they had few protections against “insiders” working on elements of the programs. For example, in one case the GAO test team was able to take control of the operators’ terminals and could see, in real time, what the operators were seeing on their screens and could manipulate the system. In other cases, the GAO test team was able to cause a pop-up message to appear on users’ terminals instructing them to insert two quarters to continue operating.
More disturbing, the Royal Institute of International Affairs (also known as “Chatham House”), a not-for-profit and non-governmental organization based in London whose mission is to analyze and promote the understanding of major international issues and current affairs, warned in a January 2018 report that U.S., British and other nuclear weapons systems are increasingly vulnerable to cyber-attacks. In their report, Chatham House warned that:
“Nuclear weapons systems were developed before the advancement of computer technology and little consideration was given to potential cyber vulnerabilities. As a result, current nuclear strategy often overlooks the widespread use of digital technology in nuclear systems…The likelihood of attempted cyber-attacks on nuclear weapons systems is relatively high and increasing from advanced persistent threats from states and non-state groups”
This is far from an abstract threat. In 2010, the U.S. Air Force (USAF) lost contact with a field of 50 Minuteman III ICBMs at FE Warren Air Force Base in Wyoming for an hour, raising the terrifying protect that an enemy actor might have taken control of the missiles and was feeding incorrect information into the nuclear command-and-control networks.
These reports were not the first to warn against the cyber threat to U.S. defense systems. For example, in 2013, the Pentagon’s Defense Science Board that conducted a major study of the resilience of U.S. defense systems to cyberattacks. The board found that the military’s systems were vulnerable, and that the government was “not prepared to defend against this threat.” The report warned that in successful cyber attack military commanders could lose “trust in the information and ability to control U.S. systems and forces.” The report emphasized that “systems and forces” include nuclear weapons and related nuclear command, control, and communications systems. Military commanders could face false warnings of attack or could lose trust in their ability to control U.S. systems and forces.
Five years later, little seems to have been done to address these risks. For example, the Nuclear Threat Initiative (NTI) (a U.S. non-profit funded by CNN founder Ted Turner) published a report on cyber risks to nuclear weapons systems and offered recommendations developed by a group of high-level former and retired government officials, military leaders, and experts in nuclear systems, nuclear policy, and cyber threats. They concluded that a successful cyber attack on nuclear weapons or related systems could have disastrous consequences and that we cannot assume that U.S. nuclear weapons systems — are not or will not be compromised.
Given these threats, we believe that an entirely new approach needs to be taken to addressing the vulnerabilities of critical U.S. defense systems. We believe that blockchain can play a key role in remedying these weaknesses. Specifically, through its able to provide secure, decentralized data environment and automated smart contracts, blockchain could provide a new paradigm for management of U.S. defense weapons systems.
In the following section we discuss how this system might work and identify the key benefits that blockchain could provide…
Blockchain as a Cyber Defense
Blockchain is an incorruptible, decentralized, digital ledger of transactions that can be programmed to record not only exchange of information. Critically, for information to be exchange between any two nodes within in a blockchain system, all nodes (or most nodes, depending on the structure) must agree that the exchange of information is legitimate. They do this through a variety of methods; either acting as a recognized trusted party or my solving complex cryptographic problems. Once the exchange is accepted, that exchange is written into a shared copy of a digital ledger that contacts all records of transactions that is effectively unchangeable.
Thus, a clear, accountable record of all transactions is available to approved parties within the network. Any attempt to hack the ledger or send an illegitimate order would require attacking all nodes simultaneously. The computing power to achieve this level of penetration is currently beyond even state actors. Moreover, smart contracts or decision rules can be encoded into a blockchain that can automate key functions and trigger intelligent subroutines.
The benefits of blockchain as a prevention against cyber-attack are easily understood when represented as distinct use cases. Below, we discuss four major defense related use cases:
- Defending critical weapons systems
- Managing automated, swarm systems
- Validating orders and battlefield information
- Managing logistics and supply chains
Defending Critical Weapons Systems
Figure 1 shows a high-level abstract model of how command and control might function in a centralized system. As can be seen, the system receives data from a sensor that then notifies command authorities of an incoming threat who then directs the weapon system to respond to the threat. However, the centralized nature of the system means that there are single points of vulnerability that can be attacked from external bad actors. Thus, command authorities and automated or human controllers of the weapon system may be prone to receiving bad or deceptive information. This may result in either unauthorized use of the weapons system or failure to respond to a legitimate threat.
Figure 2 shows how this system might function using a blockchain. As can be seen, data transmissions are validated via a distributed system that uses a consensus system to validate that the data comes from a legitimate initiator. As responsibility for approving the transaction requires approval by all or most nodes within the system, a bad actor would have to hack all nodes simultaneously. As each node is independent and protected by extensive cryptography native to that node, the computing power required to hack the system is greatly magnified. With enough nodes, the system could become almost unhackable. The only limitations on the number of nodes would be the processing time required to validate communications compared to the decision needs of the system.
Managing Automated, Swarm Systems
Swarm robotics is an approach to the coordination of multiple robots as a system which consist of large numbers of mostly simple physical robots. A desired collective behavior emerges from the interactions between the robots and interactions of robots with the environment. This approach emerged on the field of artificial swarm intelligence, as well as the biological studies of insects, ants and other fields in nature, where swarm behavior occurs. In the case of military robots, multiple drones or robots would function in parallel to overcome an opponent’s defense and destroy the target.
The autonomy of individual members within the swarm and their dependence on communication and interaction makes them vulnerable to hacking. One of the main limits on the management of large numbers of robots is what is known as “global knowledge.” That is, the awareness of not only adjacent agents’ conditions but of the population as a whole. The need to main coordinated communication between each element in the swarm means that the swarm is open to attack from outside actors.
Blockchain offers a mechanism to be able to protect intra-swarm communication and coordination (Figure 3). In such as system, each element of the swarm would be a node within their own blockchain. The swarm would validate communications internally use a collective, decentralized decision-making approach to manage it operates and disseminate global knowledge to each party. In so doing, the swarm can share global knowledge while protecting itself from cyber-attack.
Validating Orders and Battlefield Information
Warfighters on the battlefield need to know the information they receive is valid and accurate. The centralized management of digital communications opens the warfighter to cyber-attacks that spoof orders or provide false information of the progress of the fight plan. Moreover, if some portion of the data network suffers a catastrophic failure, the integrity of the system needs to continue. This cannot be promised by centralized systems.
Blockchain prevents a solution to these challenges. By spreading data out horizontally blockchain democratizes the battle space and create secure environment in which the failure of any one node will not affect the overall viability of the network. Furthermore, by relying on a decentralized validation system with in-built, native security blockchain-based systems can ensure that all communication and data transfer is protected from bad actors. The warfighter on the battlefield can be assured that the orders he or she receives are valid, and that data transmitted from sensor or other parts of the battle space have not been tampered with. In do doing, blockchain could create a resilience, hack-resistant system that support the fluidity and coordination that digital warfare requires.
Managing Logistics and Supply Chains
The modern military logistics and supply chain brings together hundreds of different military and private sector components. With so many participants, there are numerous points of friction that introduce numerous failure points, unnecessary costs, and result in inaccuracies and misrepresentation. By providing a single source of truth and supporting intelligent automation, blockchain can address these challenges. The benefits of blockchain in military logistics can range from increased delivery speed, traceability, safety, and reduced costs. As a result, the warfighter on the battlefield can be assured that when supplies reach them, they are meet their requirements and have not been tampered with.
Moreover, the benefits of blockchain can extend into the manufacture of weapons systems and other military equipment. Blockchain can ensure that all components and subsystems are authentic and meet requirements and that the supply chain has not been tampered with. Further, by closely tracking the origin of individual components, blockchain (combined with the Internet of Things (IoT)) can ensure that the defense manufacturing supply chain has not been tampered with or that bad actors and proscribed suppliers have not in some way entered the chain.
Foreign Competition and the Need for A Concerted US Response
Based on this discussion, it should be clear that blockchain could play a major role in military operations and the defense industry. While the Pentagon has begun to think about such operations, there has not been a comprehensive attempt to fully explore the potential benefits of blockchain. This is disturbing as our adversaries are spending considerable resources on exploring the military potential of blockchain.
For example, an article in the People’s Liberation Army (PLA) journal the China Military Network Defense Department Network on February 2, 2018 argued that China’s defense and security agencies should leverage blockchain to manage the distribution of funds for intelligence operations, protect personnel and weapons life-cycle data from cyber-attacks, and make logistics operations safer.
Furthermore, the article stressed that blockchain would alleviate three major dilemmas faced by Chinese government existing paper and electronic records in China: (1) centrally located files that usually lack back-up mechanisms; (2) safe and easy transfer of archival files; and (3) the lack of archival supervision. Finally, as military logistics becomes more smart blockchain can improve the entire logistics enterprise by making it more robust, dynamic, and resilient by creating small, interconnected networks like a small IoT.
As a result, this new enterprise is less risky and more survivable since it avoids a “centralized management strategy” that is over-reliant on a few critical information centers or other key geographical sites without giving up government.
This theme was taken up in multiple media outlets across China, such as Xinhua and other PLA-friendly sites. Further, this past February, one Chinese website opined that blockchain could even be used in media operations to control both content and contributors in shaping public opinion. In this way, blockchain would be used to secure sources of public opinion, ostensibly to the detriment of any adversarial counter-information operations. More broadly speaking, public opinion warfare is one of three pillars key of China’s Three Warfare strategy (the other two being legal warfare and psychological warfare).
Similarly, the in 2018 the Russian Ministry of Defense announced it was launching a research lab to analyze how blockchain technology can be used to mitigate cybersecurity attacks and support military operations. According to Izvestia, one of the priorities of the lab is the development of an intelligent system to detect and prevent cyber-attacks on important databases and weapons systems. Using these systems, the Russian Ministry of Defense stated it hopes to build secure blockchain-based platforms can make it more difficult to hide traces of cyber attacks and track online intruders into their systems.
Based on these indicators it is clear that other countries militaries are taking blockchain seriously. The U.S. and other Western militaries need to start seriously exploring blockchain; especially in its capacity as a cyber-defense tool. If the U.S. fails to act key elements of our national security may be critically impaired. It is critical for the future integrity of our key weapons systems and national security assets that we act now rather than waiting for a crisis to alert us to the dangers of cyber-attack on non-blockchain defended systems.
Read ‘Is the U.S. Losing the Race for Web 3.0?’ by Dr. Victoria Adams.
Disclaimer: The views expressed by the author above do not necessarily represent the views of Consensys AG. ConsenSys is a decentralized community with ConsenSys Media being a platform for members to freely express their diverse ideas and perspectives. To learn more about ConsenSys and Ethereum, please visit our website.
