Armored Against Attack
Featured in Paris: new cyber tech protecting vehicles, networks
Last year, a teenager who wasn't even old enough to drive hacked into a car's computer using $15 in parts from an electronics store. All of a sudden, he could switch on the remote starter, control the windshield wipers and even honk the horn.
The hack was part of the Battelle CyberAuto Challenge in Troy, Michigan. It was also a warning that modern cybersecurity requires far more than virus scans and strong passwords. Experts from Raytheon are working on that front, developing cybersecurity systems that reach beyond traditional IT to protect everything from vehicles to mobile devices.
At the 2015 Paris Air Show, Raytheon touted technologies like hacker-blocking systems for vehicles, along with services like those provided by the Cyber Operations and Development Evaluation Center, a lab, testing ground and simulated battlefield for cybersecurity and cyber warfare tools.
“Much of the public thinks that cyber vulnerabilities only exist on their PCs or cell phones,” said Steve Rosenblum, senior director of the CODE center, where the company ferrets out and fixes weaknesses in various devices and computerized systems. “But in today’s Internet of Things, anything with an IP address, like smart TVs, new cars, thermostats, door locks and now even watches, can be hacked if it isn’t secure.”
'Kill Drone?' Not So Fast
Raytheon's systems can keep hackers from commandeering the controls of multimillion-dollar military machinery. But to show what the system can do without banging up expensive drones, helicopters and fighter jets, the company uses two gadget-store quadcopters infected with malware. One has the security system and the other does not.
During a recent trade show, Brian Stites, a Raytheon cybersecurity specialist and former U.S. Navy cryptologist, launched the unprotected drone. As it took to the air and ran through its aerial routine, he typed the words "Kill Drone" on a PC set up to hack into the controls. The quadcopter's blades stopped instantly and it crashed to the ground.
Next, he flew the drone with Raytheon’s security system. Again, he typed “Kill Drone.”
He tried again.
Still nothing. The drone stayed aloft.
The system works by learning what a computer system looks like normally, then using that information to detect anomalies, intrusions and tampering. If something seems off, the system can tell the equipment to ignore potentially harmful commands.
As hacking tools – and the hackers who use them – become more sophisticated, the array of cyber targets is growing beyond military hardware. Electronic equipment built in the '80s, '90s and '00s was designed to be reliable and redundant – not necessarily safe from cyber attack.
“The mechanisms for attack will not follow traditional routes, and the vectors of attack can come from anywhere,” Stites said. “Twenty years ago, if you wanted to stop an aircraft carrier from deploying, you’d have to send a submarine close to it, find the carrier with your radar, and launch an anti-ship missile at it.”
“In the Internet of Things, stopping an aircraft carrier from shipping out may be as simple as hacking the company that delivers the food to the ship, or making sure the toilet paper isn’t delivered,” Stites said.
Cyber Crash Testing
When Raytheon builds radars and weapons systems for the military, they go through a rigorous battery of tests and production milestones to ensure they work as intended, in real-world conditions. The same principle applies to cybersecurity technology. At Raytheon's Cyber Operations and Development Evaluation center, experts expose systems and equipment to realistic nation-state cyber attacks with the latest tools, techniques and malware.
“Raytheon is well aware of the many serious cyber threats in the world today,” said Bill Leigher, Advanced Solutions director at Raytheon’s Intelligence, Information and Services business. “For many years, Raytheon has ensured that when a piece of its equipment is under cyberattack on the battlefield that it works as advertised and our warfighters are able to continue to execute their missions.”
The good news, Rosenblum said, is that the CODE center tests equipment and components before they’re even built. “We’re checking for vulnerabilities during the initial design phases, so the final product is much more cyber resilient when it’s fielded,” he said.
Rosenblum warned that even if equipment has been protected against today’s threats, it may not be secure tomorrow. He said adversaries are constantly changing tactics and developing more sophisticated tools.
“Raytheon’s cyber-defenses are every bit as fluid and ever-changing,” he said.
Last Updated: 06/22/2015