A blog by our CTO Dr Andy Lilly as part of techUK’s Defence Technology Week
Use of mobile phones has transformed communication, a crucial element of C4ISR. However, for all the impressive technology in such a tiny device, it opens up military/defence organisations to a range of potential attack vectors including: IMSI catchers, fake basestations, AI/deepfake impersonation attacks, as well as unsanctioned consumer apps on BYOD devices, any of which could result in leakage of time/mission critical data.
Attacks using old technology still highly effective
Fake base stations and IMSI catchers are an old attack vector, but still in use today and catching out the unwary. This is where mobile phones are ‘fooled’ into locking on to the strongest antenna signal from a fake basestation which then negotiates reduced encryption standards that are easily cracked.
A recent investigation indicated that enemy forces are using this very method via transportable antenna (fake basestations launched via drones) to access data sent by devices, and in some cases to erase information held on phones. As long ago as 2017 soldiers were reporting ‘strange things’ happening to their phones such as contacts disappearing. Indeed, troops and those travelling in ‘unfriendly regimes’ should beware of posting content online, even to restricted profiles visible only to friends, because such posts can easily be accessed by uninvited third parties.
In early March the BBC reported that a European government admitted to a hack of a military meeting where officers discussed use of long-range missiles, and their possible targets. https://www.bbc.co.uk/news/world-europe-68457087. The hack was helped in part by the fact that the participants were not using a secure communications channel.
AI generated impersonation-based attacks an increasing threat
The growth of artificial intelligence (AI) generated deepfakes for impersonation-based attacks is becoming more prevalent. Video calls are becoming so believable that in February a finance worker in a multinational company was duped into paying out $25 million after a video call with a deepfake chief financial officer. Not only was the CFO on the call a deepfake, so were all the other participants, all of whom were known to the finance worker.
Identity-based encryption – know who you are communicating with
One way that military organisations, or any other organisation for that matter, can protect against these threats is to use a secure communications platform that utilises identity-based encryption. Protocols such as the NCSC’s MIKEY-SAKKE ensure that people can be confident that they are communicating with who they think they are and not an impostor, however clever their fakery.
As these recent attacks demonstrate all too vividly, organisations of every shape and size in both public and commercial sectors need to take the cyber security of their communications seriously. This means banning the use of unsanctioned shadow IT for business purposes. A built-for-purpose, Secure by Design (SbD) secure comms platform can provide an engaging user experience to rival any consumer app, plus the ability to manage and control the organisation’s data centrally.
Protect data sovereignty
Whether deployed on-premises (on in-house servers), or as a secure hosted solution, an enterprise-grade secure comms platform that covers voice calls, instant messaging and video conferencing ensures data sovereignty. This is where data stays on sovereign soil, something that some tech giants can’t guarantee, even for UK Government users. It also ensures data separation, no mixing of data, be that of different classifications of data, or business and personal, even on BYOD devices.
In short, a secure communications platform can protect military and other sensitive communications even in hostile conditions. Users and their data are managed centrally, meaning users can be confident that they are communicating with who they think they are, and not an adversary.
