Electronic Warfare and Cyberspace

The writer Stephen King once said, “Sooner or later, everything old is new again.” Today we’re going to talk about how old techniques – like jamming, spoofing, chaff, and flares – re-emerged as new techniques in cyberspace.

Aren’t these apples and oranges? Don’t all these old electronic warfare technologies only use the electromagnetic spectrum (EMS)? What in the world does that have to do with cyber? It’s been a big shift for militaries around the world to get their heads around blending traditional electronic warfare with newer cyber capabilities.

The radars and jammers of World War II were built on analog hardware. They performed their tasks by using hardware components that operated on analog signals. These systems evolved after the war. They were influenced by inventions like computers and software, information theory and coding, and the transistor and the integrated circuit. Today,  radars and jammers take advantage of digital technology and are implemented using hardware, software, and firmware. They still rely on the EMS to deliver their capabilities and effects.

There was no cyberspace before the internet was invented and became available to everyone in the 1990’s. Cyber came along and made undreamed-of capabilities and services available. Most cyber devices take advantage of digital technology. Connecting to cyberspace can be over physical connections like fiber optic cables and/or over radio frequencies (RF). And a single message in cyberspace may traverse several wired and wireless links!

So far, so good. So how has the old idea of jamming morphed into cyberspace? Remember that jamming was originally a countermeasure designed to keep your enemy from successfully using his EMS systems. Today’s version of jamming in cyberspace is called the Distributed Denial of Service (DDOS) attack. DDOS attacks flood websites or  computers with more computer traffic than they can handle. When successful, the attack can cause systems to crash. Just as radar and communications systems are vulnerable to jamming because they operate in the EMS, cyber devices are vulnerable to DDOS attacks because they operate on the internet. DDOS attacks can be delivered via cable and/or RF.

What about spoofing? We first saw electronic spoofing during the Civil War, when Confederate forces pretended to be Union forces sending legitimate telegraph messages. In the cyber era, spoofing is still called spoofing, and it basically means very much the same thing. Cyber spoofers disguise themselves as legitimate sources and ask their victims to do something for them. They ask for things like money or private information. We’ve all seen spoofing attacks in things like email, websites, caller id, and text messaging.  They’re so common we take them for granted. We always need to have our guards up for spoofing attacks when we are in cyberspace.

OK, how about chaff? In World War II, chaff was developed to defend planes against enemy radars. It worked by sending lots of reflections back to the enemy radar system to confuse it. Today, the firewall performs a chaff-like function in cyberspace. It defends our trusted network from an untrusted network (like the internet). It monitors and controls incoming and outgoing network traffic according to specific security rules, and blocks prohibited messages from transiting the untrusted/trusted boundary. Just as chaff prevents the enemy from accurately detecting and targeting an airplane, a firewall prevents a cyber attacker from detecting a network vulnerability and targeting it. You get the idea.

What is analogous to the flare in cyberspace? A flare is a device operating in the infrared that draws a heat-seeking missile away from its intended target. The cyberspace version of a flare is the honeypot. A honeypot is an attractive target placed intentionally by defenders on a computer network. It’s intended to attract the attention of cyber attackers and/or distract them from away from legitimate targets. It may look as enticing as a jar of honey, but in actuality, it’s more like a mousetrap baited with cheese.

So this is this remarkable evolution from traditional radar to new cyber techniques. We will talk more about cyber security in future blogs, but not until we’re done talking about radar-related technologies. Next week, we will take a look at a remarkable radar known as Over The Horizon Radar (OTHR).