5G is often touted for its consumer benefits. Everything from better, more reliable cell phone service to the proliferation of self-driving cars are made possible with 5G. However, the high speed, greater bandwidth, and lower latency of the 5G network are also ideal for various military and defense applications.
The DoD recognizes 5G as a game changer and has invested significant time, money, and resources into the development of the technology and the devices that will use it. In fact, the military has volunteered its bases as 5G testing grounds for US companies to help accelerate development. In June, the DoD announced seven new sites for a second round of 5G technology testing and experimentation, bringing the total number of military installations working on 5G to twelve.
Further emphasizing the DoD’s interest in 5G, they recently announced the 5G-to-XG initative which is an effort to partner with organizations in the private sector to accelerate 5G technology development. This initiative initially received $52 million of funding in 2019, but as of 2020 has received almost ten times that amount in funding to continue their 5G testing and experimentation efforts.
More connectivity streamlines processes and provides enhanced safety
As part of the DoD’s 5G strategy, Air Force bases will be wired with 5G infrastructure, bringing a new level of connectivity to fighter jets. By enabling advanced mobile applications in and around the cockpit, flight operations and maintenance teams will be able to leverage secure tablets to view real-time inventory and schematics, better utilize spare parts, and manage aircraft diagnostic solutions. These 5G-connected tablets will help with everything from ensuring safer, better maintained aircrafts to eliminating the need to use paper in flight. In fact, it is estimated that by switching to a mobile tablet, aircrafts can eliminate the approximately 120 pounds of paper, amounting to almost $780,000 in fuel cost savings, alone.
In addition to 5G-connected fighter jets, the Air Force operates and protects satellites that will eventually be part of the 5G infrastructure, if they’re not already. Those satellites are key components in the United States' early warning systems, detecting everything from missile and space launches, to nuclear detonations. These satellites will need to keep up with the threats they are meant to detect, and the speed and bandwidth of 5G will help achieve that.
More reliance on software increases security vulnerabilities
Prior to 5G, installing perimeter defenses, like a firewall, was considered a sufficient cybersecurity strategy. It was assumed that as long as perimeter protections were put in place, everything operating inside those perimeters was secure. With the introduction of 5G, that primitive defense model is no longer enough.
More often than not, the cybersecurity discussion swirls around Chinese 5G provider Huawei, and their potential ability to use their 5G infrastructure equipment to facilitate espionage for the Chinese government. Huawei designs and manufactures the equipment that controls how and where data shared over 5G is sent, as well as radio antennas and devices that live on the edge. Essentially, the company provides core equipment that touches virtually every piece of data shared over the network, and many governments see this as a huge national security risk.
However, many argue the greatest 5G security risk does not lie within Huawei and its potential for espionage using its core hardware, but the software-based nature of 5G that brings its fast speeds and greater bandwidth. It is this move from the centralized hardware-based network of previous generations to a distributed software-based nature of 5G that may actually be the greater threat. Tom Wheeler, former chairman of the FCC, and David Simpson, Chief of the FCC Public Safety and Homeland Security Bureau, highlighted the grave potential for disaster if the issue remains unaddressed.
If we focus all our attention on the hypothetical security risks posed by Huawei and do nothing to address the already-proven existence of the software vulnerabilities in 5G, we could be leaving an open door for attackers to exploit those vulnerabilities and turn them into cyberattacks. Software, as we all know, is never going to be perfect, and bugs in code will always exist. In fact, it has been proven time and again that there are anywhere from 15 to 50 bugs per 1,000 lines of code This means that 5G is potentially riddled with millions and millions of security vulnerabilities that could be turned into exploits by an attacker.
Providing security when Zero-Trust isn’t possible
In response to the obvious danger posed by the network and its software vulnerabilities, a defense-in-depth strategy is absolutely necessary when operating in 5G. If the network itself cannot be trusted, each and every device that is connected to 5G must have next-level security.
This strategy of assuming the network should never be trusted is known as zero-trust architecture. Zero-trust architecture means that all users are treated as potential threats, and should be prevented from accessing data and resources until the users can be properly authenticated and authorized.
Unfortunately, when working in unknown environments, zero-trust is not always possible. Oftentimes, devices will have to “operate through” a congested and contested spectrum. This means that data will be collected and shared through potentially insecure or compromised networks. This is where encryption and fine-grained authentication is necessary to ensure that all confidential and top secret information that is shared on these networks is never compromised.
There are a number of ways the DoD intends to achieve the high level of security 5G demands, all of which are outlined in the Secure 5G and Beyond Act. Passed by Congress in March 2020, the Secure 5G and Beyond Act, requires the President to develop a strategy to secure and protect US 5G (and future generations) systems and infrastructure. Section four of the bill is a strategy implementation plan which outlines each step necessary to secure 5G.
The plan requires the President to identify and evaluate the security threats and vulnerabilities in all aspects of 5G, including the infrastructure, systems, and software. The plan also calls for a set of security standards to be developed, which all 5G-connected devices would need to meet, including military devices.
As we’ve established zero-trust is not always possible, especially in a 5G environment, and complex software is always going to contain vulnerabilities, so what can the DoD do to protect against this? That’s where Dover’s CoreGuard technology comes in—it can secure 5G devices, systems, and infrastructure against the inherent software vulnerabilities that exist in the software they run. CoreGuard is specifically designed to immunize systems against the exploitation of entire classes of software vulnerabilities.
When operating through unknown environments, encryption and fine-grained authentication is a must-have. However, both encryption and authentication are software solutions to a cybersecurity problem, and can still be vulnerable to attack.
As recently as February 2020, a security vulnerability, called Kr00k, was found in Broadcom and Cypress WiFi chips that would allow an attacker to completely bypass the encryption functions on the chip. The bug, when exploited, would force the devices into a dissociated state, receive WiFi packets meant for the corrupted device, and then use the bug to decrypt WiFi traffic.
With CoreGuard protecting the device, Kr00k would never have the opportunity to be exploited or cause any damage. CoreGuard’s Confidentiality micropolicy guarantees that the encryption function is called when it is supposed to be and cannot be bypassed, ensuring no private data is sent outside the system without first being encrypted.
This micropolicy works with a three step approach:
1. First, the micropolicy labels all private data as private, while all output locations are labeled as “public.”
2. A trusted encryption function is identified, and if any data labeled as private exits that entrusted encryption function, that private tag is also removed. In other words, that encrypted, previously private information, is no longer considered private and allowed to leave the system. As data flows through a system by being copied from one region of memory to another, any data tagged as private will keep that tag unless and/or until it is declassified by exiting the entrusted encryption function.
3. Ensures that a check is called when data is copied to a memory location tagged as public to check if the data being copied is labeled as private or public. If data labeled as private is attempted to be copied to a public location, CoreGuard will issue a violation and block the instruction from executing.
5G Military applications require real-time cyberattack detection & response
CoreGuard’s real-time response is particularly important in securing military applications. Just like the hypersonic weapons will require a detection system with a split-second reaction time, the cybersecurity defenses implemented in military applications need to be able to stop a cyberattack in real-time, at the byte-level.
Inside a CoreGuard micropolicy violation, not only does it indicate what the violating action was—like trying to write to a place in memory that is marked as read-only—but it also shows the exact program counter where the violation occurred and therefore the precise line in the source code where the error should be fixed. So CoreGuard stops the attack when it happens, before damage can be done and enables you to fix the error in the code to permanently eliminate that vulnerability for the future.
Perhaps even more crucial than detecting a potential cyberattack, is responding to a cyberattack. In a CoreGuard-protected system, once an attack is detected, a pre-programmed response can then be triggered. That response can be customized depending on the system it’s protecting. There may be some scenarios wherein simply logging the attack and continuing the application is all that’s needed, or perhaps the system needs to be shut down and restarted.
Of course, there are plenty more scenarios where killing the application could be disastrous. If a military drone flying over enemy territory is hacked, it cannot be restarted mid-flight. Instead our recommended response, in this case, would be to switch to an alternate safe application that can take over in the event of a cyberattack. This would stop the drone from listening to the network, pull the GPS coordinates to the drone’s home base from a secure location in memory, and then instruct the drone to fly safely there.
It is not a novel concept to say that military and defense environments require best in class cybersecurity. When it comes to issues of national security and human safety, protecting against potential cyberattacks is not an option, it’s a requirement. With 5G entering the picture, bringing its many cyber-risks with it, the need for better security has never been greater.
CoreGuard secures 5G-connected systems and devices, including those in the military space, by preventing the exploitation of software vulnerabilities, immunizing processors against entire classes of attacks, and enabling real-time response.
To learn more about how CoreGuard provides the next-level security required for military applications in 5G, request a demo today.