Absolute network and device integrity is key to all of this.
A platoon of war fighters is slowly advancing through hostile terrain. They’ve studied their enemy and their environment. They know what to look for, and what to look out for.
Or, so they think. Unbeknownst to the soldiers, their movements are being tracked and closely monitored — not by drones or other visible apparatuses, but by trees, flowers and other parts of the landscape.
This may sound like science fiction, but for the U.S. military, it’s quickly becoming reality. The Internet of Things (IoT) — which itself seemed like a concept that author Arthur C. Clarke may have devised — is advancing into the theater of war and becoming the Internet of Battlefield Things (IoBT).
Planning for the IoBT
The U.S. Army Research Laboratory is devising ways to turn inanimate and innocuous objects, including plants and stones, into connected information gathering points. This work complements initiatives undertaken by the Defense Advanced Research Projects Agency to provide war fighters and their commanders with critical information through the innovative use of smartphones, floating sensors and more. It also recently began working with leading universities on an initiative called the Alliance for Internet Battlefield Things Research on Evolving Intelligent Goal-driven Networks (IoBT REIGN) to bring more IoBT technologies to the Army.
While the work being done can offer enormous and unparalleled potential for a better-informed military, the amount of data produced by these can create significant challenges. In fact, according to a report from the IEEE Computer Society, the IoBT will lead to “an unprecedented scale of information produced by the network sensors and computing units.” Already overtaxed and undermanned, some IT [Cyber Warrior] teams may be about to meet one of their greatest challenges. As they prepare, here are some things they should consider.
Monitoring the monitors
Ensuring the security of IoBT networks will most likely be unchartered territory for network administrators. The military will not control nontraditional IoBT sensors or their pathways (it’s hard to control a rock, for example). Also, enemies could use similar tactics and their own unorthodox devices to breach U.S. defense networks.
Gaining greater visibility into the devices and connections using these networks will be more important than ever. Automated tools that scan and alert to suspicious devices will likely prove invaluable to ensuring that only devices deemed secure are gaining access to their IoBT networks. These devices must be automatically tracked and monitored throughout the networks. Watch lists should be established to account for rogue or unauthorized devices and sensors.
The IoBT, much like the IoT, will prove too vast and complex for human reaction to every potential security threat. Ultimately, the goal should be to create an intelligent and automated network of devices that can respond to potential threats or service interruptions with minimal input from an operator.
Ready for change
Networks are evolutionary, not revolutionary. Change can happen over time, but also quickly, so employees should prepare.
Employees, despite what we think, may not be adequately prepared. A 2018 SolarWinds public-sector IT trends report found that a large portion of survey respondents ranked inadequate organizational strategy and lack of user training as barriers to network optimization. What happens when something as complex as IoBT management is thrown into the mix? It’s easy to quickly discard terms like IoBT and IoT, as this is really an extension of the network itself. What we should remain cognizant of, is that the size and complexity of these networks changes quickly — and the devices on these networks are becoming diverse.
Complex networks may [do] require a holistic approach to security across the entire organization. Policies and procedures formulated at the top should be clearly articulated to define what constitutes a potential risk and how to report it. Just like an airport traveler who sees a suspicious package, military IT pros can be trained and reminded about vigilance, or as the old adage goes, “If you see something, say something” — equally important, they should know exactly who to say it to.
IT teams need to be properly trained on network security solutions. In addition to understanding the features and functions of their tools, they should continuously evaluate and reevaluate these tools to ensure they are adequate to address their security concerns and network complexity. Like networks, threat vectors are also evolutionary, and can change quickly. Regular testing of network tools and adjusting security protocols are important to a healthy, proactive, and robust security posture.
Winning the battle
The IoBT may seem like something straight out of “Starship Troopers,” but it is very real, and is evolving rapidly. While it’s likely IT administrators will not begin to see the full impact from this program for a few years, there is no time like the present to prepare. The IoT will likely only become more pervasive. Soon, it will hit the battlefield, so administrators can benefit from getting ahead of the challenge now.