Not long ago, if your computer network was cut off from the Internet, devoid of wireless routers and hunkered behind locked doors, you were safe.
But not anymore.
Several U.S. industry and military labs are improving the deciphering of the 1s and 0s that traverse these carefully guarded networks, and finding ways to inject data and infect systems with destructive viruses — “jumping the gap” into an ironclad network.
The progress in adding information to a network begins a new chapter in cyberwarfare, and the U.S. Army is looking to test the scientists’ handiwork. This new chapter also shows how longstanding research on the physical science of electromagnetic fields and radio frequencies is coming into play in the realm of cyberwarfare, an area typically focused on software.
The Army’s Intelligence and Information Warfare Directorate (I2WD) hosted a classified planning day Nov. 28. Sixty entities attended to discuss what can be done in the realm of electronic warfare and cyber, according to a source familiar with the program.
The roughly half-dozen objectives of the Tactical Electromagnetic Cyber Warfare Demonstrator program are classified, but the source said the program is designed to demonstrate ready-made boxes that can perform a variety of tasks, including inserting and extracting data from sealed, wired networks.
Being able to jump the gap provides all kinds of opportunities, since an operator doesn’t need to compromise the physical security of a facility to reach networks not connected to the Internet. Proximity remains an issue, experts said, but if a vehicle can be brought within range of a network, both insertion and eavesdropping are possible.
The Army program is designed specifically to test capabilities for air and ground platforms, according to an invitation to an information day on the program released by I2WD. The invitation does not provide details on the specific targets for the program, instead including several buzzwords and encouraging attendance.
The program, which will consist of a series of demonstrations roughly every three months for the next two years, will test a variety of electronic warfare (EW) capabilities, said Moses Mingle, branch chief of the EW systems ground branch at I2WD.
“It’s not a system, it’s a demonstration platform,” Mingle said. “Basically, we’re vetting systems concepts, tactical EW cyber scenarios that could be deployed in the future.”
Asked if one of the objectives is to demonstrate a system that could jump the gap and access systems remotely, Mingle declined to go into detail, citing classification issues, but said, “That’s a part of it, but not all of it.”
The source said the other objectives were more typical fare, including counter-improvised explosive device efforts. But the convergence of cyber capabilities and EW in the form of a box that provides easy access to a sealed network is likely the most sensitive aspect, given the questions surrounding the legality of certain cyber attacks and continued secrecy in the area, the source said.
Concerns about outsiders eavesdropping aren’t new, as various intelligence agencies became increasingly worried in the 1980s with what are called compromising emanations, the electromagnetic field distortions that give away electronic activity. The study of the emanations was code-named TEMPEST, and led to a variety of efforts to shield systems. Researchers found that keystrokes could be detected from signals sent from keyboards to computer units, as well as information on a monitor.
And while the detection of these disturbances has become increasingly sophisticated, with systems able to pick out signals from greater distances with greater clarity, advances in the insertion of data using radio frequencies are gaining special attention.
The ability to add data still has limitations, mainly proximity and bandwidth, experts said. At current levels, complex data can take extended periods to insert.
Experts declined to provide full specifics on data transfer rates and range, citing the classified status of the capabilities and national security issues. But the possibilities are being explored as the U.S. military increasingly recognizes the potential of cyber weapons in operations.
The actual technology that allows for the insertion of data isn’t novel, said retired Air Force Maj. Gen. Dale Meyerrose, former associate director of national intelligence.
“This is old technology,” he said. “The technology itself isn’t new, but the application of the technology is new, and the software running the technology on some of these devices is new.”
Meyerrose, who runs the Meyerrose Group, said connecting to closed networks using radio frequencies is about five years old, but some of the complications of cyber, including legal authority, have slowed progress.
“This could be used to drop a Trojan into a system,” he said. “Like everything else in cyber, there are not a lot of legal parameters. Like everything else in cyber, our legal system is about 20 years behind.”
The recognition that electronic warfare methods can be critical for future cyber application is clearly making its way up the leadership chain. Senior Pentagon officials are increasingly emphasizing the need for the U.S. to control the electromagnetic spectrum in the future, without going into specifics.
At a recent event at the Naval Surface Warfare Center’s Crane Division in Crane, Ind., Adm. Jon Greenert, chief of naval operations, made the case.
“We have to understand better the electromagnetic spectrum,” he said. “Cyber, our radar and communication, everything. If you control the electromagnetic spectrum, you control the fight.
Editor’s note: Staff writer Aram Roston contributed to this report.