The primary role of the RAF and other military branches is to defend our country and allies from outside threats. Historically, this threat has always been tangible and located in a physical space. However, as the military and our lives have become more integrated with advanced digital technologies, new spaceless and faceless threats have evolved.
Cyber security has now become a key aspect of both internal and external defence for the MOD. As the Service invests in greater amounts of digital infrastructure, and further develops its network maps, the Service is opening itself up to new and dangerous cyber security risks, which need to be mitigated.
The RAF is particularly concerned with the threat of cyber-attacks owing to two key issues. Firstly, the RAF, and Military more broadly, is responsible for protecting some of the nation’s most important data, including contact details, troop locations, and access codes.
Secondly, and in line with the topics outlined as part of this eBook, the RAF relies on a large amount of digital technology for its everyday operations. Communication systems, navigation, and specific technologies (i.e. UAVs) rely on secure network connections for regular operation. These networks and systems are therefore vulnerable to the threat of hostile takeovers.
An example of the importance of cyber security to the RAF has been the development of the Service’s communication networks and systems, responsible for transferring operational information and mission commands in live combat scenarios.
The Royal Air Force relies heavily upon a complex network of communication, radar, and information systems around the world, to carry out local, national, and international missions. A key challenge that this presents is that these systems are vulnerable to the threat of espionage efforts and network exploitation. A further weakness is that the digital nature of the system gives hostile parties a large attack-surface to engage with, creating various weak-spots and entry points within the integrated system.
In response to this, network mapping has been undertaken to determine where the greatest weaknesses in the communication networks are, along with ‘cyber threat actor characterization’ to create profiles for relevant threats/attackers.
This combination of techniques, along with monitoring of major access points and media channels, now enables the RAF to be one step ahead of their cyber-attackers, providing the Royal Air Force with early warning systems against defence penetrations on communication networks.
The challenge for the RAF and MOD, however, is that the technology and intelligence behind cyber-threats is constantly advancing in response to increasingly powerful (and successful) cyber-security systems. There are recognised holes within the current cyber-infrastructure, which are increasing in size and number, as daily military operations become increasingly digitalised.
In line with this, the RAF are primarily focused on sourcing innovative technology and software solutions that will keep them ahead of security hackers. Being at the forefront of this development is crucial for enabling the service to function to the success it has been able to achieve in the modern era, and for protecting its global information grid.
In line with the Strategic review, the RAF and MOD are currently focused on forging relationships with companies who are disrupting cyber security and driving forward knowledge and skills within the sector. They are keen to explore how innovative and novel solutions can be best used for the benefit of the RAF, and military more widely.