While the benefits are obvious and loudly trumpeted by the Navy, the dangers are waved away and not discussed.
To illustrate, in my personal life I’ve moved to a 100% local data storage system, meaning, all my files are on jump drives in my possession. I have no data files on my PC, whatsoever, and none on any cloud service. Why? Because there is no such thing as a secure Internet/cloud system. Every system has been and will repeatedly be compromised. It’s not through lack of effort by the system owners. It’s simply impossible to protect data that can be accessed and, indeed, is designed to be accessed.
My jump drives, on the other hand, cannot be accessed. They are completely secure. When I access them, I do so on an isolated computer that acts as a connectivity gap. The modified files are then loaded on a dedicated transfer jump drive for subsequent uploading to the Internet on a dedicated and protected PC.
Think about the last few years. Every company swears to us that if we’ll give them our data as we conduct transactions with them, the data will be protected and secured on their impenetrable networks and, yet, we hear week after week about another major company whose data has been compromised. How many times have you been warned that your personal data, being held by xxxx Corporation, may have been compromised and that you should change your passwords (at that point, they’ve already got your information – changing your password is pointless but if you want to secure the barn door after the horses have left, go ahead)?
So, I pose the question, why do we believe that Amazon Web Services will be somehow immune to the now routine hacking that every other company is subject to, and victim of? The answer, if we’re being honest and realistic, is that the Navy’s Amazon cloud will be just as vulnerable as every other system. I know, people are going to write comments about the latest ten thousand bit encryption protection system or whatever. You know … the same kinds of protection that every other hacked system has had.
Another drawback to consolidating all of the Navy’s information is that
if when an enemy does successfully hack the system,
they’ll get EVERYTHING. The current
situation, where data resides on many different systems may be inefficient but
at least it has the unintended benefit of limiting the amount of data that any
one successful hack can acquire.
Okay, so there are dangers associated with this cloud data storage that the Navy has not bothered to share with us but is that the end of the story? Not quite. What have we constantly said about military programs? We’ve said that everything should run through the filter of, “will this improve our combat capability”? If the answer is no, we shouldn’t be doing it (oops, there goes our gender sensitivity training!). If the answer is yes, then we’re okay. So, does moving to cloud storage, with its attendant dangers, improve our combat capability? Let’s see what the Navy has to say.
One of the biggest benefits to the Navy, Geurts [Navy acquisition chief James Geurts] said, is that sailors and civilians on the pier or on the flight line will be able to reach into the cloud to keep an eye on parts bouncing through the pipeline …
Okay, tracking spare parts is certainly a peacetime convenience. Whether ‘keeping an eye’ on parts will actually produce the requisite number of parts or simply allow people to verify that the parts are unavailable, is not clear. Currently we suffer from a lack of necessary parts. Being able to track that isn’t going to produce the non-existent parts, it will just verify what we already know. Now, if we have plenty of parts but we’re having problems shipping the parts to the needed locations then this might help. Of course, we already have multiple systems that are intended to do that so why this system will work and the others haven’t, has yet to be explained by the Navy. Well, I’ll explain it to you.
The problem with current systems is not that they can’t track a part – that’s computing child’s play - , it’s that the data inputs are garbage and you know the ancient computer axiom: GIGO (garbage in, garbage out). Heck, it’s scratched on cave walls! We’re not taking the time to accurately input parts inventories. Well guess what? If we don’t accurately input parts inventories to the cloud, it will be just as inaccurate as what we have now. ‘The Cloud’ is not magic. It’s only as good as our data inputs which, apparently, are horrendous. That’s not going to change.
Moving on …
Simply put, “it will increase the visibility of the data,” Navy Comptroller Thomas Harker added. “Right now, in order to run audits the Navy has to pull data from nine different systems, not all of which are configured the same, and then slice it and dice it and put it all together.” Working that way is time consuming, and “creates challenges in financial reporting.
So, this will allow for easier, more accurate(?) audits. That’s nice but that does nothing for our combat capability so why are we doing this?
Any other benefits?
If the Pentagon fails to build a common system to share data rapidly among units in different services and different globally-dispersed theaters, it’ll fail to implement the kinds of high-speed, AI-assisted Multi-Domain Operations that military leaders say are imperative in potential future conflicts against advanced adversaries.
So, this cloud will somehow, in some unexplained manner, provide ‘high-speed, AI-assisted Multi-Domain’ operations. Buzzword bingo, anyone? Sure, the enemy will be raining old-fashioned artillery shells down on us but we’ll crush them with ‘high-speed, AI-assisted Multi-Domain’ operations. The poor bastards will never know what hit them.
When you don’t have any good justification, just string together a bunch of buzzword phrases. This looks to be a perfect example of that.
This cloud effort sounds like an exercise in convenience rather than combat capability. It also sounds like a venture that has a lot of potential for profound, unintended, negative consequences. Hey, China, would you like one-stop shopping for all of our data? Come hack the cloud!
Side Note: F-35 ALIS Case Study in the Making
The Air Force, frustrated with the abject failure of the F-35 ALIS logistics and combat planning software, has instituted a ‘Mad Hatter’ program to transfer the ALIS functionality (the theoretical functionality because, you know, there is no actual functionality!) to cloud servers and a bunch of apps. In addition to being non-functional, ALIS is also, apparently, quite vulnerable to cyber attack.
… with the current setup, ALIS may be so vulnerable that Robert Behler, the OTE [Director, Operational Test and Evaluation – DOT&E] director, thinks the program should be able to operate for a month without hooking up to it at all. Now that’s a bad sign. (2)
So, as with the Navy’s plan to migrate to cloud storage, no one is explaining how ‘the cloud’ magically eliminates cyber threats whereas the previous, highly encrypted, well protected computing system could not.
(1)Breaking Defense website, “Navy Takes First Big Step To Cloud, Pushing Logistics To Amazon’s Service ”, Paul McLeary, 23-Aug-2019,https://breakingdefense.com/2019/08/navy-takes-first-big-step-to-cloud-pushing-logistics-to-amazons-service/
(2)Defense News website, “Air Force Tries To Fix F-35’s ALIS — From A Big, Broken Box To the Cloud ”, Colin Clark, 6-Mar-2019,https://breakingdefense.com/2019/03/air-force-moving-f-35s-alis-from-a-big-broken-box-to-the-cloud/