This is further supported by a brief mention of the threat cyber attacks posed to the entire Stryker family in DOT&E’s annual review of activities for the 2019 Fiscal Year. “Government testing revealed cybersecurity vulnerabilities,” that report said bluntly. The reports for both the 2018 and 2019 Fiscal Years both recommended actions to “Correct or mitigate cyber vulnerabilities.” It’s interesting to note that the 2019 Fiscal Year ended on Sept. 30 of that year, the same month that Shift5 says it first pitched its cybersecurity kits for the Strykers to the Army.
It’s also still not clear who the “adversaries” mentioned in the DOT&E report for the 2018 Fiscal Year were and where those apparent attacks occurred. It remains very possible that this was a reference to Russian forces in Europe, who have been linked to cyber and electronic warfare attacks in the region, including against U.S. troops, in the past. Russia has carried out electronic warfare attacks on U.S. military aircraft and drones in Syria.
Although it seems less likely, it may also have been a reference to American troops playing the role of adversaries, also known as the Opposing Force (OPFOR), during training. We know that the Army has been increasingly working to integrate electronic and cyber warfare attacks into exercises, and rightly so as it will only become more likely that U.S. forces will experience these kinds of threats during actual operations around the world as time goes on.
The scope of what cyber warfare encompasses on the battlefield will expand, as well. As it stands now, Russia and China, among others, have demonstrated the ability to spoof, as well as generally interfere with satellite navigation systems, which could impact the ability of U.S. forces on the ground, as well as in the air and at sea, to maneuver and determine the accurate position of other friendly forces. At the very least, it could disrupt commercial support infrastructure that would be critical to any war effort.
There have also been reports for years now that some cyber warfare attacks are capable of commanding certain systems to perform various tasks, such as pointing radars in the wrong direction, or just crashing their software and disabling their hardware components, remotely. Industrial controls, in general, are a known risk. There is also the risk of vulnerabilities that a hostile actor could exploit to gain access to sensitive networks and the data therein.
A 2018 report from the Government Accountability Office (GAO), a Congressional watchdog, highlighted digital radios, radar receivers, and other wireless links as potential vectors for cybersecurity attacks on American weapon systems. These were in addition to more physical pathways to gaining access to systems or networks, such as USB and other ports on computers and other pieces of equipment, and getting hardware that has been tampered with in some way into the supply chain.
It’s good that the Army is finally working to harden its Strykers against these kinds of threats, but how long it has taken to just begin prototyping these cybersecurity kits shows that there is still much work to be done.
Contact the author: email@example.com