5 ways you might not expect to be cyber-attacked, and how we mitigate them

22 October 2018

It is no exaggeration to say that cyberwarfare represents the single most significant threat to the military today. Pervasive and persistent cyberthreats continue to emerge from a broad range of sources: unfriendly governments, terrorist organizations, disenchanted pressure groups, criminal gangs – and even lonely hackers.

The following are the five threats that we see, as a significant supplier to defense organizations, and how we’re addressing them.

Security of manufacture

The recent revelation by Bloomberg that embedded computing boards produced offshore had been tampered with, via the insertion of silicon designed to enable the board to create a stealth doorway into any network that included it, was as shocking as it was, perhaps, predictable. Even if Bloomberg’s allegations prove to be untrue – both Amazon and Apple have denied them – and there are not thousands of compromised boards out there, the potential for such a hardware-based cyberattack unquestionably exists.

And: it’s not just the likes of Apple. According to investment managers Spruce Point Capital Management, at least one major embedded computing supplier to the military may be affected: its boards are manufactured offshore by Supermicro, the company named in the Bloomberg report as being the supplier to Amazon and Apple.   

That’s perhaps the most important reason why we manufacture our single board computers in-house at our secure, government-approved facilities. Inside our facilities, we have total control over the entire build process – from goods received up to our customer shipments – to eliminate the malicious alteration of board circuitry.

Counterfeit components

Some 50% of electronics distributors say they have encountered counterfeit parts. The most common perception of such parts is that they can compromise reliability – which is, of course, wholly unacceptable in mission-critical systems. Less widely understood is the potential for malignant functionality to have been designed into these parts – functionality that could disable a weapons system, mine sensitive data or intercept top secret communications.

At Abaco, we have the most rigorous processes in place to identify and eliminate counterfeit parts from the supply chain – processes that are fully compliant with industry standards including AS5553B. The tests we perform include, but aren’t limited to, package permanency markings; X-ray difference detection; identification of reclaimed (cleaned, re-balled) parts; and parts marking variances.

Supplier qualification

For the unsuspecting and unprepared, there are numerous unqualified suppliers of electronic components. Even with authorized distributors and brokers – not all are created equal. It is a potentially profitable business to be in – and can attract the unscrupulous or just the well-meaning but ill-equipped. Not all have the comprehensive quality inspection processes, the discrepancy checks and other procedures designed to ensure the integrity of what they provide.

Throughout the company, Abaco has implemented SQAR – Supplier Quality Assurance Requirements – in line with the practices of many of our major customers such as defense prime contractors. These requirements are flowed down to our suppliers, and adherence to them is a prerequisite for us to maintain long-term relationships with them. We regularly audit all our suppliers with extreme rigor to ensure continuing compliance.

And, if manufacturing in-house and detecting and eliminating counterfeit parts isn’t enough – we also offer our customers a service providing the opportunity to approve the use of parts procured from an independent distributor.

Hardware vulnerability

It is a truism to say that any building is only as secure as its foundations – and that applies no less to the relationship between secure software and the hardware on which it runs. Today’s real time operating systems – on which many defense applications are built – rely on the underlying hardware to provide certain functionality.

Abaco’s single board computers include a range of security features designed to assist with user-defined anti-tamper and information assurance strategies, such as volume protection, anti-tamper sensory technologies, encryption and memory sanitization. Other security functionality includes trusted/secure boot (such as Intel’s Trusted eXecution Technology (TXT) or NXP’s Trusted Execution Environment (TEE)), and an inherently secure FPGA solution (SmartFusion2 from Microsemi, which provides a ‘security hub’ on which a secure strategy can be built).

Network attack

Thus far, the majority of cyberattacks have been executed via insecurities in the network. Those remain the most prevalent form of assault – SQL injection, IP spoofing, brute force password guessing and the like – whether to mine data or to insert Trojans, worms, keyloggers, ransomware and so on.

For military networks, Abaco has created – and developed over 30+ years – OpenWare, a network switch management environment that, in conjunction with the switch hardware, prioritizes military-grade security in the form of access control and authorization; authentication; password and certificate management; hardware write protection; configuration hardening; and sanitization.

OpenWare’s multi-level security delivers the optimum application-dependent balance between protecting data and preventing unauthorized access on the one hand, and accessibility and usability on the other.