25 Nov 2024
by Dr. Andy Lilly

Secure Communications – the cornerstone of C4ISR

Guest blog by Dr. Andy Lilly, Director and Co-Founder at Armour Communications Limited #DefTechWeek

Use of mobile phones has transformed communication, a crucial element of C4ISR.  However, for all the impressive technology in such a tiny device, it opens up military/defence organisations to a range of potential attack vectors including:  IMSI catchers, fake basestations, AI/deepfake impersonation attacks, as well as unsanctioned consumer apps on BYOD devices, any of which could result in leakage of time/mission critical data.

Attacks using old technology still highly effective

Fake base stations and IMSI catchers are an old attack vector, but still in use today and catching out the unwary. This is where mobile phones are ‘fooled’ into locking on to the strongest antenna signal from a fake basestation which then negotiates reduced encryption standards that are easily cracked.

A recent investigation indicated that enemy forces are using this very method via transportable antenna (fake basestations launched via drones) to access data sent by devices, and in some cases to erase information held on phones. As long ago as 2017 soldiers were reporting ‘strange things’ happening to their phones such as contacts disappearing. Indeed, troops and those travelling in ‘unfriendly regimes’ should beware of posting content online, even to restricted profiles visible only to friends, because such posts can easily be accessed by uninvited third parties.

In early March the BBC reported that a European government admitted to a hack of a military meeting where officers discussed use of long-range missiles, and their possible targets. https://www.bbc.co.uk/news/world-europe-68457087.  The hack was helped in part by the fact that the participants were not using a secure communications channel.

AI generated impersonation-based attacks an increasing threat

The growth of artificial intelligence (AI) generated deepfakes for impersonation-based attacks is becoming more prevalent.  Video calls are becoming so believable that in February a finance worker in a multinational company was duped into paying out $25 million after a video call with a deepfake chief financial officer.   Not only was the CFO on the call a deepfake, so were all the other participants, all of whom were known to the finance worker.

Identity-based encryption – know who you are communicating with

One way that military organisations, or any other organisation for that matter, can protect against these threats is to use a secure communications platform that utilises identity-based encryption. Protocols such as the NCSC’s MIKEY-SAKKE ensure that people can be confident that they are communicating with who they think they are and not an impostor, however clever their fakery.

As these recent attacks demonstrate all too vividly, organisations of every shape and size in both public and commercial sectors need to take the cyber security of their communications seriously.  This means banning the use of unsanctioned shadow IT for business purposes. A built-for-purpose, Secure by Design (SbD) secure comms platform can provide an engaging user experience to rival any consumer app, plus the ability to manage and control the organisation’s data centrally.

Protect data sovereignty

Whether deployed on-premises (on in-house servers), or as a secure hosted solution, an enterprise-grade secure comms platform that covers voice calls, instant messaging and video conferencing ensures data sovereignty. This is where data stays on sovereign soil, something that some tech giants can’t guarantee, even for UK Government users. It also ensures data separation, no mixing of data, be that of different classifications of data, or business and personal, even on BYOD devices.

In short, a secure communications platform can protect military and other sensitive communications even in hostile conditions. Users and their data are managed centrally, meaning users can be confident that they are communicating with who they think they are, and not an adversary.


techUK's Defence Campaign Week 2024 - DefTech: Technology Transforming Defence

techUK is pleased to announce our first Defence Campaign Week, running from 25-29 November 2024.

Find all insight here!

DefTech: Technology Transforming Defence - techUK Report Published

techUK’s Defence Programme has published a report looking at how Defence Technologies (DefTech) will revolutionise how the UK defends itself, but that means a change in how governments think about capabilities.

Read here

DefTech: Technology Transforming Defence – Campaign Week Launch

Launch for techUK’s first Defence Campaign Week with a keynote speech from NSSIF Managing Partner and Head of Investment Hugo Jammes and pitches from SME members.

Book now!


Defence Programme activities

The Defence programme works to help the UK’s defence technology sector align itself with the MOD. techUK members are able to navigate and better understand the UK Defence sector to successfully align their own investment and resources to take advantage of business opportunities. Visit the programme page here.

 

Upcoming events

Latest news and insights 

Learn more and get involved

 

Defence updates

Sign-up to get the latest updates and opportunities from our Defence programme.

 

 

Here are the five reasons you should join the Defence programme.

Learn about the value members get from our work.

Download

Join techUK groups

techUK members can get involved in our work by joining our groups, and stay up to date with the latest meetings and opportunities in the programme.

Learn more

 

Become a techUK member

Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.

Learn more

Meet the team  

Fred Sugden

Fred Sugden

Associate Director, Defence and National Security, techUK

Fred is responsible for techUK's activities across the Defence and National Security sectors, working to provide members with access to key stakeholders across the Defence and National Security community. Before taking on the role of Associate Director for Defence and National Security, Fred joined techUK in 2018, working as the Programme Head for Defence at techUK, leading the organisation's engagement with the Ministry of Defence. Before joining techUK, he worked at ADS, the national trade association representing Aerospace, Defence, Security & Space companies in the UK.

Fred is responsible for techUK’s market engagement and policy development activities across the Defence and National Security sectors, working closely with various organisations within the Ministry of Defence, and across the wider National Security and Intelligence community. Fred works closely with many techUK member companies that have an interest in these sectors, and is responsible for the activities of techUK's senior Defence & Security Board. Working closely with techUK's Programme Head for Cyber Security, Fred oversees a broad range of activities for techUK members.

Outside of work, Fred's interests include football (a Watford FC fan) and skiing.

 

Email:
[email protected]
Phone:
07985 234 170

Read lessmore

Raya Tsolova

Senior Programme Manager, techUK

Raya Tsolova is a Programme Manager at techUK. 

Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week. 

Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there. 

Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows! 

Email:
[email protected]
Phone:
07712630603

Read lessmore

Jeremy Wimble

Jeremy Wimble

Programme Manager, Defence, techUK

Jeremy manages techUK's defence programme, helping the UK's defence technology sector align itself with the Ministry of Defence - including Defence Digital, DE&S, innovation units and Frontline Commands - through a broad range of activities including private briefings and early market engagement events. It also supports the MOD as it procures new digital technologies.

Prior to joining techUK, from 2016-2024 Jeremy was International Security Programme Manager at the Royal United Services Institute (RUSI) coordinating research and impact activities for funders including the FCDO and US Department of Defense, as well as business development and strategy.

Jeremy has a MA in International Relations from the University of Birmingham and a BA (Hons) in Politics & Social Policy from Swansea University.

Email:
[email protected]

Read lessmore

Tracy Modha

Tracy Modha

Team Assistant - Markets, techUK

Tracy supports several areas at techUK, including Cyber Exchange, Cyber Security, Defence, Health and Social Care, Local Public Services, Nations and Regions and National Security.

Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!

Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!

Email:
[email protected]
Phone:
02073312000
Twitter:
@TracyModha,@TracyModha
Website:
www.techuk.org,www.techuk.org
LinkedIn:
https://www.linkedin.com/in/tracymodha83,https://www.linkedin.com/in/tracymodha83

Read lessmore

 

 

 

 

Authors

Dr. Andy Lilly

Dr. Andy Lilly

CTO, Armour Comms