Emerging technologies in the communications and electronics sector
should be exploited to fight the war on terrorism, said U.S. officials.
“We need to use all instruments of national power,”
said Air Force Gen. Richard B. Myers, chairman of the Joint Chiefs
of Staff. At a conference of the Armed Forces Communications and
Electronics Association, Myers explained that as the United States’
means of acquiring information increases, so does its intelligence.
“We hear from some law enforcement official in London, who
has seen something, or someone makes an arrest in Morocco. Pretty
soon you start to piece this together and connect the dots, and
you can take action against financial networks, against the leadership,
or take actions to disrupt the weapons flow,” he said. Myers
explained that it is currently an arduous process to “put
it all together,” but with new capabilities and technologies,
“we can make the cycle go much faster,” he said.
“If you think it’s true that this is the most important
thing those of us in uniform have ever done … then we also
have got to expect to make some sacrifices,” and work harder
to thwart another attack, he said.
Shoring up technology in the areas of fiber optics, computer programs,
biometrics and network-centric warfare improvements, companies are
working to market new products to the Defense Department and U.S.
allies.
News reports about al Qaeda’s attempts to launch cyber-attacks
are likely to spur business opportunities for the network-security
industry. Opterna, a Quakertown, Pa.-based company that manufactures
fiber optic network equipment, has developed a new technology that
can prevent an intrusion based on the hacker’s attempt to
log onto the network from the fiber optic line, before the intruder
even reaches the network. Opterna’s Fiber Sentinel system
uses artificial intelligence and optical digital signature recognition
to monitor fiber connections, and can detect and deal with intrusions,
said Michael Cohen, vice president of Global Marketing for Opterna.
“We have seen a tremendous upsurge in interest among government
and military customers for a system that can eliminate their fiber
optic network vulnerabilities,” said Bret Matz, Opterna’s
president.
After detecting the intrusion, Fiber Sentinel denies access to
the intruder, simultaneously re-routes legitimate traffic to a backup
fiber path and then notifies the network operator of the intrusion.
The system, which has no known competitor, provides continuous,
real-time monitoring of the network connections without any disruption
of the data stream, said Cohen. Fiber Sentinel identifies such intrusions
as Trojan Horses, worms, denial-of-service attacks and other hacking
attempts, he said. “The system shuts down the hacker’s
path in milliseconds.”
The company recently completed a proof-of-concept study for the
Fiber Sentinel system, and has had favorable reviews from the military
users, Cohen said. “Our target markets are embassies, financial
services communities, air traffic controllers, the Defense Department,
Border Patrol and the White House Communication Agency.” Other
potential customers are companies concerned about industrial espionage,
he said.
Denial-of-Service Attacks
Denial-of-service attacks on computer networks can result in a complete
network shutdown, which can cost companies a lot of money and time.
“In the national defense business, you’ve got people
in the battlefield,” said Ted Julian, chief strategist and
co-founder of Arbor Networks, a two-year-old small business based
in Lexington, Mass.
“A few minutes of them having no information is completely
unacceptable. It’s literally a life or death scenario,”
he said.
Arbor Networks is commercializing a program whose underlying technology
was developed at the University of Michigan, with funding from the
Defense Advanced Research Projects Agency. The company’s flagship
product, Peakflow, helps detect, trace and filter denial of service
attacks. Usually, once a denial-of-service attack occurs, network
operators need to be on hand to get the system back up.
Denial-of-service attacks are not difficult to detect. “If
there’s one thing nice about a denial of service attack, it’s
that it’s not subtle, it’s like a freight train crashing
through your network,” said Julian.
Peakflow proactively monitors for distributed threats within the
network, and responds with focused, rapid resolution of attacks.
Network engineers can direct the program to shut down attack traffic,
without blocking legitimate traffic, said David Olverson, an Arbor
Networks senior product engineer.
“Given the dynamic nature of denial-of-service attacks, we
sought an anomaly-based solution that would enable us to proactively
detect and respond to both known and previously unseen threats,”
said Girish Pathak, vice president and chief technology officer
for a Canadian communications company called Telus. Telus chose
Peakflow “for its scalable, non-intrusive architecture,”
he said.
Julian explained that it’s easy to launch a denial of service
attack.
“There are thousands of sites on the net that have point
and click tools to teach you how to launch a denial of service attack.
The level of sophistication required to launch these is minimal,”
he said. “Peakflow filters information closer to the source.
It automates detection, tracing and filtering so that it goes from
taking a day or so to a minute or two.”
Anti-virus systems are usually signature-based, Julian said. Programs
usually look for signatures to defend against attacks. “Peakflow
uses algorithms to flag when things aren’t normal and to tell
you exactly how they’re not normal,” he said.
One other technology that is gaining attention in the security
business is biometrics.
Biometrics technologies are based on the notion that measurable
physical characteristics or personal behavior traits can be used
to recognize the identity or verify the claimed identity of an individual.
Examples include speaker verification, iris scans, fingerprints,
hand geometry and facial recognition.
In 2000, the Defense Department designated the Army as the executive
agent for developing and implementing biometrics technology. The
Biometrics Management Office currently is testing technologies for
potential adoption.
Firms such as Biodentity, based in Ottawa, Canada, are in the process
of developing facial-recognition software. It recently secured a
$7 million deal with Germany to install a face-recognition security
system. The Defense Department Biometrics Management Office has
yet to purchase any systems, but is evaluating new technologies
at the Biometrics Fusion Center, based in Bridgeport, W. Va.
“The BMO is directed by Congress to lead, consolidate and
coordinate the development, adoption and institutionalization of
biometric technologies throughout DOD,” said Linda Dean, director
of the Army’s C4 Enabling Technologies Directorate.
Network-Centric Warfare
Protecting information is a top priority for military agencies and
units in the field, officials said. “We are beginning to connect
data in ways we couldn’t do before,” said Air Force
Maj. Gen. Charlie Croom, vice director for C4I systems on the Joint
Staff.
The soldier fighting in the mud is a sensor, and there is information
that he sees that others need to know, Croom said. “With network-centric
warfare, we think like a street gang, swarm like a soccer team,
and communicate like a Wal-Mart.”
“We are enabling our war fighter through actionable information,”
tying together logistics, intelligence and C4ISR, said Army Maj.
Gen. Steve Boutelle, director of information operations, networks
and space at Army headquarters. “We need to marry up ground-based
terrestrial infrastructure with air-breathers, to only give the
warfighter information that is actionable,” he said.
Security remains a problem, even when dealing with allies, said
Rick Rosenberg, program executive for the Navy-Marine Corps Intranet.
“We don’t yet have the technology to fully connect an
ally and still protect our secrets. We fight wars with our allies;
obviously, we’d like to see them on our networks. But there
is some information on our networks that we don’t want them
to see. So we do it through a family of guarding solutions,”
he said.