In today’s increasingly digital world, the defence industry is adopting cutting-edge technologies to enhance its capabilities. These technologies, such as the Internet of Things (IoT), cloud computing, artificial intelligence (AI), and virtual reality (VR), offer tremendous opportunities for improved operations and services.
However, their integration brings forth new challenges related to security, privacy, and the reliability of underlying systems. As a result, robust cybersecurity solutions, including encryption, are vital to protect sensitive data.
In the past two decades, a staggering number of records (numbering in the billions) have been stolen or compromised, with barely a week going by without news of a major data breach. This month, for example, the Pentagon announced plans to tighten protection for classified information following the explosive leaks of hundreds of intelligence documents that were accessed through security gaps at a Massachusetts Air National Guard base by Guardsman Jack Teixeira. The leak is considered the most serious US national security breach since more than 700 000 documents, videos and diplomatic cables appeared on the WikiLeaks website in 2010.
Breaches on the rise
Only a few weeks ago, MOVEit, a popular file transfer tool, was compromised, exposing the sensitive data of many companies that use the software. Affected companies include payroll provider Zellis, British Airways, BBC, and the province of Nova Scotia. In May, it was alleged that vehicle manufacturer Suzuki had to stop operations at one of its plants in India after a cyberattack, incurring a production loss of more than 20 000 vehicles during this time.
The defence industry and military have been targeted as well. Last year Kon Briefing recorded 34 major cyberattacks on the military and defence industry. Among other incidents, these saw 1.7 million Polish Army logistics data sets published; data about 120 000 Russian soldiers fighting in Ukraine leaked; over 15 000 emails from a Russian military construction company leaked; 400 000 emails of the Chilean Ministry of Defence leaked; a database of the Russian military intelligence service leaked; and secret NATO documents from Portugal offered for sale on the Darknet.
A leading cause of data loss or compromise has been data stored on mobile or removable devices, along with internal breaches that happened as a result of unauthorised employee access to private data. The theft of devices has also been revealed as a major factor in data breaches, and the loss of confidential information is not limited to theft of the device alone, as malware attacks increasingly go after proprietary business information and customer data.
A list of dire consequences
Furthermore, the consequences of a data breach go well beyond the direct financial costs and include the loss of confidence and irreparable damage to an organisation’s reputation. Add to this the fact that data security and privacy have become legally mandated in many major markets as the environment grows more stringent, with regulations such as PoPIA and GDPR working to safeguard sensitive information.
So what can be done to mitigate the damage of stolen devices, or malware that exfiltrates company or military information? The answer is encryption, which has emerged as a critical defence mechanism. By making use of encryption, organisations render their most confidential data useless to nefarious actors or viewers who are not authorised, guaranteeing its protection and ensuring the confidence of their stakeholders.
What is data encryption?
Data encryption refers to the process of converting data from its original form into an unreadable format called ciphertext, meaning it becomes useless to unauthorised parties. To turn the data back into its original state, a specific encryption key or cipher is needed.
Although data varies greatly in nature, encryption can be applied to practically every type of data. Encryption can be employed when data is “at rest,” which means it is stored in a fixed location such as a disk. It can also be employed when data is “in motion,” being transmitted over a network. Data encryption is also compatible with a host of operating systems, file systems, block data, bare-metal servers, virtual machines, and virtual disks.
Certain data, such as the information stored in the /proc directory on a Linux server, may not necessarily need to be encrypted, and in these cases, alternative security measures such as file-level access control should be implemented to safeguard the data.
The effectiveness of different encryption algorithms varies depending on the types of data being encrypted. Additionally, the performance of these algorithms can be influenced by the underlying infrastructure on which they are implemented.
Some algorithms may demonstrate superior performance in environments with abundant memory but limited CPU power, while others may excel in CPU-intensive environments. It is therefore recommended to experiment with different encryption algorithms to identify the ones that align best with the business’s specific requirements.
There are also some best practices that militaries and defence businesses should follow when embarking on an encryption journey.
Firstly, safeguarding the encryption keys is crucial. Mistakes can happen, and if the encryption key is compromised, unauthorised access to company data becomes a real danger. Avoid storing the key in an unencrypted file on your computer. Instead, adopt measures such as separating the keys from the data, implementing user access restrictions and responsibilities, and regularly rotating encryption keys based on a predetermined schedule.
Next, encrypt all sensitive data, irrespective of its storage location or perceived risk. Breaches are seen as an inevitability now, so by encrypting sensitive data, the business significantly increases the barriers to unauthorised actors attempting to breach the systems.
Finally, effective data encryption involves making data unreadable to unauthorised parties while maintaining efficiency and utilising resources optimally. If the encryption process is overly time-consuming or consumes excessive CPU time and memory, consider switching to a different algorithm or experimenting with encryption tool settings to strike a balance between security and performance.
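The key-handling practices above, keeping keys separate from the data and rotating them on a schedule, can be illustrated with envelope encryption. The following is an added example, not part of the original article; the function names, the key IDs and the `keks` lookup (a stand-in for an HSM or key-management service) are assumptions made for illustration.

```javascript
const { randomBytes, createCipheriv, createDecipheriv } = require("node:crypto");

// AES-256-GCM. Output layout: nonce (12 bytes) || auth tag (16 bytes) || ciphertext.
function seal(key, plaintext, aad = Buffer.alloc(0)) {
  const nonce = randomBytes(12); // fresh per call; never reused under the same key
  const c = createCipheriv("aes-256-gcm", key, nonce);
  c.setAAD(aad);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

// Throws if the key is wrong or missing, or if blob or aad was altered.
function open(key, blob, aad = Buffer.alloc(0)) {
  const d = createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  d.setAAD(aad);
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// keks maps a key ID to a 32-byte key-encryption key (KEK). Assumption: in a
// real deployment this lookup is an HSM or KMS call, so no KEK is ever stored
// on the same system as the records it protects.
function encryptRecord(keks, kekId, data) {
  const dek = randomBytes(32); // one data-encryption key (DEK) per record
  return {
    kekId,
    wrappedDek: seal(keks[kekId], dek, Buffer.from(kekId)), // key ID bound as AAD
    ciphertext: seal(dek, data),
  };
}

function decryptRecord(keks, rec) {
  const dek = open(keks[rec.kekId], rec.wrappedDek, Buffer.from(rec.kekId));
  return open(dek, rec.ciphertext);
}

// Scheduled rotation: re-wrap only the 32-byte DEK under the new KEK. The bulk
// ciphertext is untouched, so rotation cost does not grow with data size.
function rotateRecord(keks, rec, newKekId) {
  const dek = open(keks[rec.kekId], rec.wrappedDek, Buffer.from(rec.kekId));
  const wrappedDek = seal(keks[newKekId], dek, Buffer.from(newKekId));
  return { ...rec, kekId: newKekId, wrappedDek };
}
```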
By embracing encryption as an essential security measure, the defence sector can fortify its data protection capabilities, maintain confidentiality, and instil confidence among stakeholders. Encryption serves as a cornerstone in safeguarding sensitive information, preserving national security, and supporting the defence sector’s digital transformation endeavours.
Written by Caryn Vos, Senior Manager: Crypto at Altron Systems Integration
Vos has specialised in information security for over 20 years, during which time she has dealt with all facets of this industry. This has given her a deep and broad understanding of information security as a whole. While she has focused on the financial services sector for many years, she has also worked with most industries during the course of her career. She has built an extensive network throughout the channel and end-user customer base and has extensive experience in dealing with end users as well as through partners.
For more information contact me via LinkedIn – https://www.linkedin.com/in/caryn-vos-4763047/