THE IMPLICATIONS OF CYBER ACTIONS ON MARITIME SECURITY -Author Cam. (ret.) Dr. BOCAI Corneliu
There is hardly any area of social life that is not affected in one way or another by cyber actions. Therefore, maritime security is no exception. The forms of cyber actions in the maritime domain are diverse and sometimes have the most serious consequences. Unfortunately, there are few methods and procedures to combat or counteract them. The issue of maritime security is highly complex, and existing solutions, as well as those likely to emerge in the future, are and must be available to analysts, decision-makers, politicians and the military, who have the tools to enforce the law in this area, which is vital for the whole world.
1. THE CONCEPT OF MARITIME SECURITY
The problem facing the world, two decades into this century, is that of creating a global security system (with all its components) through cooperation and awareness among an increasing number of countries of its necessity and importance. In this regard, the rapid and massive expansion of the North Atlantic Alliance (NATO) – which began in the 1990s – in Europe and the European Union (EU), as well as the enlargement of areas of economic cooperation, are no coincidence.
Today, as in the future, increasingly significant and often well-concealed interests are clashing and will continue to clash at sea. The wealth and resources offered by the world’s seas and oceans, from temperate to frozen zones, attract some and concern others, who are determined to defend them using all means at their disposal.
In these circumstances, many of the threats come from the sea, often extending to land, where those responsible for this area cannot manage them alone. It is characteristic that these threats no longer take the classic form and no longer follow any ‘rules’ or ‘norms’ in the usual sense, but cover a wide range of areas of social life.
In view of these considerations, it can be said that the dimension of MARITIME SECURITY (as a component of the concept of NATIONAL SECURITY) has taken on a new connotation. I say this in a context where safety and security at sea are increasingly confronted with aggression, ranging from classic forms, such as attacks on communication routes (navigation routes, port infrastructure, hijacking of ships, crews, etc.) to CYBER attacks targeting information and its circulation, command and control systems, command centres, communications, communications technology, through terrorist attacks or hackers, through information, media or psychological warfare.
The concept of MARITIME SECURITY can have different meanings and interpretations for individuals, organisations or institutions, depending on their goals and interests. In the US maritime strategy, maritime security is presented as “creating and maintaining security at sea to limit asymmetric threats such as terrorism, arms proliferation, drug trafficking and other illicit activities. Combating these actions enhances global stability and ensures the safety of navigation for the benefit of all states.‘
According to the DOCTRINE OF THE ROMANIAN NAVAL FORCES – MARITIME SECURITY, it is ’ international and inter-agency, civil and military activity aimed at minimising risks and countering threats posed by illegal or dangerous activities in the maritime domain, enforcing the law, protecting citizens and defending national and international interests.” A similar definition was also developed within the European Union strategy. Therefore, cyber attacks, classified as either asymmetric actions or cyber warfare, have been, at least in recent years, one of the key elements in disrupting activities at sea.
2. THE CONCEPT OF CYBERSPACE
Cyberspace, or ‘cyber’ space, is a universe created by various media, such as the Internet, through the global and local interconnection of:
– physical resources (computer networks, communication systems, interconnected or isolated);
– information resources (all databases, websites, online activities, electronic correspondence);
– information entities (NGOs, lobby groups, opinion makers, research and survey institutes, public opinion);
accessible thanks to information technology, in which different people interact via connected computers.
It can thus be said that cyberspace has led to the emergence of ‘cyber weapons’, paving the way for new types of operations, different from the classic ones in terms of their mode and manner of manifestation, but generally having the same objectives, namely to eliminate the adversary or stop their actions in the cyber environment.
In fact, cyberspace, where actions of the same name take place, refers to the interconnection of information in the technological infrastructure of computers, telecommunications networks, the Internet, including information transmitted and processed within these systems. Therefore, cyber warfare uses electronic networks and information as weapons, acting in all areas, including the maritime domain. The cyber theatre of military operations refers to the process of integrating the automated command and control system with weapon systems, along with the emergence and use of robots, remote-controlled vehicles, smart munitions and drones. The latter will be used in particular for intelligence gathering, surveillance and reconnaissance missions and will be increasingly difficult to combat as they will fly at hypersonic speeds and at high altitudes. In the field of maritime surveillance, the US Military Research Agency has developed an underwater system called Hydra, which includes a fleet of mini-submarines combined with a mother ship. These will be launched from the mother ship in shallow waters near coasts and ports for surveillance and reconnaissance or even combat missions. This underwater system will also include airborne drones with encapsulated UAVs (unmanned aerial vehicles) capable of launching from the Hydra mother ship and flying over the water’s surface on reconnaissance or combat missions. The Hydra mother ship will serve as a submarine, transport aircraft and communications centre, all in one device. There are also autonomous sensor systems placed on the seabed (especially in areas with heavy shipping traffic) at great depths, where they remain undetected for years, gathering information. These can be activated remotely when needed and brought back to the surface at predetermined intervals.
3. CYBER ACTIONS IN THE MARITIME SPACE
Successful cyber actions in the maritime domain and beyond depend, in most cases, on two things: means and vulnerabilities. The means are the people (including hackers), the tools (the actual means) and the cyber weapons at the attacker’s disposal. Vulnerability is the extent to which the adversary’s organisations (including the military) use the internet and networks in general.
Paradoxically, the countries (or more precisely their institutions) that use the internet the most are the most vulnerable to cyber warfare. A digital attack can range from deleting hard drives to disrupting or destroying physical objects or implanting a virus to take control of the system. Such situations can occur not only in the military sphere but also in the civilian sphere, such as the diversion of a train or commercial ships from their predetermined routes, the collapse of a dam, or attacks on electricity grids, banks, etc.
Another form of cyber warfare involves the use of communications satellites or specialised aircraft to penetrate the communications networks of command centres with operational forces (located at sea and on oceans) and insert false messages into their systems about non-existent air/naval attacks or messages diverting their navigation routes under the pretext of imminent danger. The problem of using signals from satellites or aircraft to interfere with military command systems sometimes leads to interference with civilian communications systems (on commercial vessels, passenger ships, pleasure boats and others) , resulting in the accidental striking or damage of civilian targets instead of military targets at sea or on the coast. Furthermore, the movement (navigation routes) of commercial, passenger and military vessels can be impeded or diverted by hacking into the computers that control the naval traffic system in traffic control centres. It is well known that INFORMATION (of all categories, i.e. system information, specific information necessary for decision-making, information held by the enemy about us and moral support information) is an important source of power in any field (even more so in the military) because modern warfare (unlike classical warfare) is fought FOR information, THROUGH information and AGAINST information. So, at the same time, INFORMATION is a WEAPON, a MEANS and also an OBJECTIVE. It is said that the war of the third millennium will be centred on the ‘concept’ of information. The distortion, falsification or elimination of information are decisive factors in decision-making in a command centre, communications centre, or even on board a ship engaged in naval operations or electronic warfare missions.
There is a significant difference between a cyber attack on an adversary’s communications (command posts, communications centres, communications networks) and an electronic attack. Electronic attack actions only seek to disrupt a system, while a cyber attack aims to gain some control over the adversary’s communications in order to implant false and confusing information, which is much more valuable than blocking the adversary’s communications (which is useful but there are other less effective means of communication). Information warfare plays an important role in any cyber war, because false or distorted messages can be disseminated through multiple electronic channels (radio, TV, telephone, internet) with a significant impact on all those concerned.
It is relevant that the Internet has recently provided a new and effective means of communication. Moreover, it has also become a means of combat, regardless of the environment in which it operates. Electronic information has often played a decisive role in winning wars, and there are many examples of this.
The Naval Forces have adapted to the current trend and updated their communications so that every member of a ship’s crew, for example, can use email whenever they want. This has not only made everyone’s work easier and faster, but has also improved the morale of sailors who, by the nature of their job and missions, are forced to spend months at sea. Clear rules have been established for everyone on board ships and elsewhere regarding what can be transmitted and by what means. Also, as a security measure, all emails sent are monitored and scanned, as they may contain information about the ship’s position, readiness, mission, information that can be accessed and used by the enemy for a possible attack.
Within the Naval Forces, maintenance systems for military and civilian vessels depend on internet connection networks, so the same threats apply in these situations. There are also vulnerabilities in space satellites and computer-controlled coastal/land stations. Preventing communication with these leads to the suspension of GPS navigation (with potentially major implications), weather monitoring, telephone and television networks, in short, the disruption of information.
Another form of cyber attack is the theft of valuable data (practised by some institutions and organisations of nations with cyber capabilities) from commercial, government or military websites. This is a clear form of cyber espionage. Today, the use of the Internet and the large number of networks provide much greater opportunities for espionage. In response to such situations (attacks), a series of defensive measures are required against all forms of attack, especially those of a cybernetic nature.
4. CYBER DEFENCE.
This consists of applying security measures to protect against cyber attacks on communications systems and command infrastructure. These measures require training capabilities for:
– preventing and detecting cyber attacks;
– responding to attacks and recovering from them;
– lessons learned from cyber attacks that could affect the confidentiality, integrity and credibility of information, as well as the support system and resources.
Due to the complexity of this form of defence, many nations have begun to consider cyber defence as a significant defence capability. The establishment and design of CYBER DEFENCE CAPABILITIES is highly complex in terms of technology, procedures, challenges and certain needs and requirements that make implementation even more urgent. At NATO level, a group of experts has developed a new strategic concept to accelerate efforts to respond to the dangers of cyber attacks by:
– protecting their own communications and information systems by blocking networks, isolating known vulnerabilities, standardising basic information protection and configuring firewall systems, installing antivirus software and modifying all units when a new virus appears, using intrusion detection systems, strengthening networks and setting up security centres, etc.;
– collaborating with allies to improve their ability to prevent and respond to attacks;
– developing cyber defence capabilities to effectively detect and deter such actions.
In the comprehensive analysis of existing capabilities and needs, three areas for the development of multinational cyber capability initiatives have been identified, as follows:
1. cyber information and incident management (representing the capability to manage incidents and efficiently exchange cyber security information between computer security and incident response teams);
2. cyber information situation (operational cyber defence is achieved using a variety of means and procedures including intrusion detection systems, security incident management, database vulnerability);
3. distribution to multiple collective sensors and correlation of capabilities (ensures the efficient collection, gathering, handling and correlation of a large volume of information gathered from a variety of sources, over a long period of time within one or more communications and information systems, in order to discover deficiencies identified with the traditional computer network used).
CYBERSPACE – is now widely recognised by the military as the fifth operational domain, alongside LAND, AIR, MARITIME and SPACE. Success in conventional maritime operations, but also in other domains, is possible but dependent on ensuring availability and access to CYBERSPACE.
5. CONCLUSIONS
The difficulties that will be encountered in ensuring MARITIME SECURITY against cyber attacks will probably arise from the following questions:
– Where will future attacks originate?
– What will be the motivation for cyber attacks?
-What will their objectives (targets) be?
-What will the cyber attack on our objectives consist of?
It is clear that the attackers, like us, will seek to attack the most advanced elements in the technological field, or the place where the ‘brain of the operation’ is concentrated (the command ship, the command post, the communications centre).
Recent examples in the Black Sea confirm the above. Over the past 4-5 years, we have witnessed provocative actions by the Russian Federation’s air force and navy, testing the coastal surveillance capabilities of some Black Sea littoral states. More specifically, for example, Russian military aircraft flew to the edge of Romanian airspace, leading to the scrambling of aircraft (from NATO member states – Canada and the United Kingdom) performing air policing duties in Romanian airspace. Russian military aircraft also came dangerously close to American ships and aircraft, carrying out cyber warfare actions that blocked their surveillance and command systems (actions that took place in 2011-2012 and in the summer of 2018). The American ships were in the Black Sea legally, as they were participating in joint exercises with the navies of NATO member states. However, the most recent example of a violation of international maritime law, seriously endangering maritime security in the Black Sea area, was the opening of fire in the Crimean peninsula (occupied by the Russian Federation in March 2014) on three Ukrainian ships attempting to pass through the Kerch Strait (towards the Ukrainian port of Mariupol), followed by the seizure of the ships and their crews. Regardless of the Russian Federation’s motivation, this use of force, including the use of weapons on board, constitutes an aggressive act and a deliberate escalation by Russia in its campaign to gain as much control as possible over Crimea and eastern Ukraine. The perpetuation of such situations can only lead to increased instability in the area, where Russia wants to dominate through threats, deterrent actions, and the use of force, as has already happened.
It should be noted that the same technology that brings benefits also brings vulnerabilities and options for attack. The spectrum of threats must be seen in the context of technology but also of military implications, as follows:
-conventional activities (including naval activities) rely on ensuring access to cyberspace;
-the military’s dependence on civilian cyber infrastructure is growing (even in theatres of operations);
-the military, like all people, are becoming increasingly interconnected through the use of internet technology (internet vulnerabilities affect almost every member of the military, their weapons and their actions).
The issue of MARITIME SECURITY is very complex, and existing and future solutions are and must be available to analysts and decision-makers, politicians and military personnel empowered and invested with the enforcement of legality in their respective fields of activity.
In general, naval forces are called upon, through active and proactive participation, to ensure a climate of maritime security in areas where the interests of the state require it. Success in military action does not only mean inflicting significant losses on the adversary, but also destroying the information system and, implicitly, its leadership through cyber actions.
BIBLIOGRAPHY
1. James DUNNINDAN – ‘The New Global Threat’ – Curtea Veche Publishing House, Bucharest, 2010
2. Ioan NEGRU – ‘The Contribution of the Naval Forces to Ensuring Euro-Atlantic Security in the Black Sea’ – Bucharest, 2016
3. Doctrine of the Romanian Naval Forces, Bucharest, 2010
4. Maritime Doctrine of Great Britain, London, 2010 (translation by Bocai, Domînco), Constanța, 2018