We have seen a fraction of what is possible through network attacks in conflict. Sprawling espionage campaigns and occasional attacks against industrial control systems only teach us so much. Public perspective on the likely face of cyber-warfare has been manipulated by limited exposure to actual attacks and a perspective bias from available data. When military conflict eventually erupts between major players, they will look to target ships, planes, missile systems, and the networks that fuel their sensors, communication, and targeting. It is crucial to discuss how such attacks are possible and what they could achieve.
This talk will explore how the modern military is information security’s worst nightmare. In particular, we will focus on the US military and its decades-old, globe-spanning operational networks powering weapons designed by a dozen low-bidding contractors with enormous supply chains. Weapons must be remotely targeted, operated and maintained thousands of miles from home, and potentially work both over civilian and military infrastructure. For an attacker, that is an incredible playing field.
The talk tackles specific examples such as the US Navy’s Littoral Combat Ship, the F-35, and military satellite comms. We will explore their design vulnerabilities, opportunities for compromise, and how they may be attacked for operational gain during – or right before - conflict.