A recent study by Lancaster University, The Future of Maritime Cyber Security, has found that Britain’s aircraft carriers and warships are at risk due to their reliance on ageing software. The research team has warned that the Royal Navy and it’s international allies need to “fundamentally rethink” how they use technology on warships, as the software being used has a far shorter lifespan than the ships and aircraft carriers themselves. As such, new cyber defense strategies need to be implemented and Navy personnel trained in how to be secure online.
All cyber attacks have their consequences and how far reaching the effects are clearly varies from case to case. One thing I think we can all agree on though, is the havoc that would be wrought should the Navy come under attack. While our armed forces are well acquainted with defending against the enemy, in the cyber world it can be far more challenging to determine exactly who that enemy is, and what they are doing.
We live in an age where the use of Advanced Persistent Threats (APTs) is on the rise, which, by nature, are often left unidentified for years. The researchers from Lancaster are quite right to point out that the armed forces’ aircraft and warships are built to last, while the software is not. However, all software is effectively under threat as soon as it is deployed, and understanding that is key for every organization—armed forces or otherwise.
The solution is not necessarily to constantly deploy new software to combat the risk—that just leads to a tedious game of cat and mouse. Instead, it is imperative to constantly monitor the network for unusual activity in order to identify suspicious behaviour as quickly as possible. The Navy is no stranger to intelligence—the more information you have, the better position you are in to defend yourself—and it is no different when it comes to cyber security. For all of us, it is a case of when, not if, an attack takes place, but with the right security intelligence measures in place, the risk can be minimized.