IoT connected soldiers were found vulnerable to a sophisticated cyber attack that disrupted communications during a mock cyber security drill conducted by the Ministry of Defence.
The government aims to conduct regular cyber security challenges to make the military capable of defending its IoT systems from cyber threats.
A mock cyber security drill organised by the Ministry of Defence, Her Majesty’s Government Communications Centre (HMGCC), and defence major BAE Systems involved cyber security amateurs simultaneously attacking and defending IoT connected soldiers by simulating live conditions.
A team of experts was tasked with conducting a man-in-the-middle cyber attack on communications equipment carried by soldiers to disrupt communications and to intercept them. Another team was entrusted with battling the cyber attack and protecting communication lines.
The drill ended when hackers were able to successfully intercept communications, causing loss of contact among the soldiers. Similar attacks during real-time hostile situations can leave the military seriously vulnerable to cyber threats and incapable of winning battles.
“Cybercrime affects all organisations, whether that’s corporations, charities or even the military. Our events represent the scenarios that cyber security experts in the field could experience on a day-to-day basis, and the types of attacks they could come up against,” said Nigel Harrison, acting Chief Executive of Cyber Security Challenge UK.
The drill is part of the government’s ambition to secure the military’s cyber systems from potential threats in the near term. Aside from conducting cyber security challenges, the government has also poured in £265 million in funding to modernise the military’s cyber assets.
“Training, real-life experience and education are essential to develop future cyber security professionals. Working on programmes such as this puts us at the heart of finding the best talent, helping organisations stay safe from digital threats,” said Cathy Sutherland, Director for National Security at BAE Systems.
According to Her Majesty’s Government Communications Centre, initiatives such as the Cyber Security Challenge UK will help the government sustain design and delivery of communication systems and technical solutions to protect national security at home and overseas.
Back in June, British American Security Information Council warned that the UK’s fleet of four Vanguard-class nuclear submarines is vulnerable to cyber-attacks that could lead to a catastrophic exchange of nuclear warheads.
A research paper published by the Council stated that existing cyber-security capabilities are at present outmatched by an ‘exponential growth in the complexity of cyber-attack techniques. It added that submarines are vulnerable to malware injection during manufacturing, mid-life refurbishment or software updates.
“Future weaponized underwater drones may facilitate close proximity kinetic and cyber-attacks on ballistic missile submarines (SSBNs). Advanced nano and bionic technologies such as implantable and subdermal data storage and communication devices may be smuggled into the vessel and activated autonomously, manually or remotely,” the Council warned.
A Trident missile failure during testing last year forced the government to announce the replacement of the four Vanguard-class nuclear submarines at a cost of £40bn. It is expected that the newer versions will feature enhanced cyber protection, more resilient IT systems and up-to-date assessments of cyber threats.