The Breaking Defense website has an article announcing the
Navy’s push to convert from multiple networks to a single Amazon Web Services
cloud-based data storage/sharing system. (1)
While the benefits are obvious and loudly trumpeted by the
Navy, the dangers are waved away and not discussed.
To illustrate, in my personal life I’ve moved to a 100%
local data storage system, meaning, all my files are on jump drives in my
possession. I have no data files on my
PC, whatsoever, and none on any cloud service.
Why? Because there is no such
thing as a secure Internet/cloud system.
Every system has been and will repeatedly be compromised. It’s not through lack of effort by the system
owners. It’s simply impossible to
protect data that can be accessed and, indeed, is designed to be accessed.
My jump drives, on the other hand, cannot be accessed. They are completely secure. When I access them, I do so on an isolated
computer that acts as a connectivity gap.
The modified files are then loaded on a dedicated transfer jump drive
for subsequent uploading to the Internet on a dedicated and protected PC.
Think about the last few years. Every company swears to us that if we’ll give
them our data as we conduct transactions with them, the data will be protected
and secured on their impenetrable networks and, yet, we hear week after week
about another major company whose data has been compromised. How many times have you been warned that your
personal data, being held by xxxx Corporation, may have been compromised and
that you should change your passwords (at that point, they’ve already got your
information – changing your password is pointless but if you want to secure the
barn door after the horses have left, go ahead)?
So, I pose the question, why do we believe that Amazon Web
Services will be somehow immune to the now routine hacking that every other
company is subject to, and victim of?
The answer, if we’re being honest and realistic, is that the Navy’s
Amazon cloud will be just as vulnerable as every other system. I know, people are going to write comments
about the latest ten thousand bit encryption protection system or whatever. You know … the same kinds of protection that
every other hacked system has had.
Another drawback to consolidating all of the Navy’s
information is that when an enemy does successfully hack the system,
they’ll get EVERYTHING. The current
situation, where data resides on many different systems may be inefficient but
at least it has the unintended benefit of limiting the amount of data that any
one successful hack can acquire.
Okay, so there are dangers associated with this cloud data
storage that the Navy has not bothered to share with us but is that the end of
the story? Not quite. What have we constantly said about military
programs? We’ve said that everything
should run through the filter of, “will this improve our combat capability?” If the answer is no, we shouldn’t be doing it
(oops, there goes our gender sensitivity training!). If the answer is yes, then we’re okay. So, does moving to cloud storage, with its
attendant dangers, improve our combat capability? Let’s see what the Navy has to say.
One of the biggest benefits to the Navy, Geurts [Navy acquisition chief James
Geurts] said, is that sailors and civilians on the pier or on the flight line
will be able to reach into the cloud to keep an eye on parts bouncing through
the pipeline …
Okay, tracking spare parts is certainly a peacetime
convenience. Whether ‘keeping an eye’ on
parts will actually produce the requisite number of parts or simply allow
people to verify that the parts are unavailable, is not clear. Currently we suffer from a lack of necessary
parts. Being able to track that isn’t
going to produce the non-existent parts, it will just verify what we already
know. Now, if we have plenty of parts
but we’re having problems shipping the parts to the needed locations then this
might help. Of course, we already have
multiple systems that are intended to do that so why this system will work and
the others haven’t, has yet to be explained by the Navy. Well, I’ll explain it to you.
The problem with current systems is not that they can’t
track a part – that’s computing child’s play – it’s that the data inputs are
garbage and you know the ancient computer axiom: GIGO (garbage in, garbage out). Heck, it’s scratched on cave walls! We’re not taking the time to accurately input
parts inventories. Well guess what? If we don’t accurately input parts
inventories to the cloud, it will be just as inaccurate as what we have
now. ‘The Cloud’ is not magic. It’s only as good as our data inputs which,
apparently, are horrendous. That’s not
going to change.
Moving on …
Simply put, “it will increase the visibility of the data,” Navy Comptroller Thomas
Harker added. “Right now, in order to run audits the Navy has to pull data from
nine different systems, not all of which are configured the same, and then
slice it and dice it and put it all together.” Working that way is time
consuming, and “creates challenges in financial reporting.”
So, this will allow for easier, more accurate(?) audits. That’s nice but that does nothing for our
combat capability so why are we doing this?
Any other benefits?
If the Pentagon fails to build a common system to share data rapidly among units
in different services and different globally-dispersed theaters, it’ll fail to
implement the kinds of high-speed, AI-assisted Multi-Domain Operations that military leaders say are imperative in
potential future conflicts against advanced adversaries.
So, this cloud will somehow, in some unexplained manner,
provide ‘high-speed, AI-assisted Multi-Domain’ operations. Buzzword bingo, anyone? Sure, the enemy will be raining old-fashioned
artillery shells down on us but we’ll crush them with ‘high-speed, AI-assisted
Multi-Domain’ operations. The poor
bastards will never know what hit them.
When you don’t have any good justification, just string
together a bunch of buzzword phrases.
This looks to be a perfect example of that.
This cloud effort sounds like an exercise in convenience
rather than combat capability. It also
sounds like a venture that has a lot of potential for profound, unintended,
negative consequences. Hey, China, would
you like one-stop shopping for all of our data?
Come hack the cloud!
____________________________________
Side Note: F-35 ALIS Case Study in the Making
The Air Force, frustrated with the abject failure of the
F-35 ALIS logistics and combat planning software, has instituted a ‘Mad Hatter’
program to transfer the ALIS functionality (the theoretical functionality
because, you know, there is no actual functionality!) to cloud servers and a
bunch of apps. In addition to being
non-functional, ALIS is also, apparently, quite vulnerable to cyber attack.
… with the current setup, ALIS may be so vulnerable that Robert Behler, the OTE [Director,
Operational Test and Evaluation – DOT&E] director, thinks the program
should be able to operate for a month without hooking up to it at all. Now
that’s a bad sign. (2)
So, as with the Navy’s plan to migrate to cloud storage, no
one is explaining how ‘the cloud’ magically eliminates cyber threats whereas
the previous, highly encrypted, well protected computing system could not.
____________________________________
(1) Breaking Defense website, “Navy Takes First Big Step To Cloud, Pushing Logistics To Amazon’s Service”,
Paul McLeary, 23-Aug-2019,
https://breakingdefense.com/2019/08/navy-takes-first-big-step-to-cloud-pushing-logistics-to-amazons-service/
(2) Defense News website, “Air Force Tries To Fix F-35’s ALIS — From A Big, Broken Box To the Cloud”,
Colin Clark, 6-Mar-2019,
https://breakingdefense.com/2019/03/air-force-moving-f-35s-alis-from-a-big-broken-box-to-the-cloud/