October 1, 2019 | International, C4ISR, Security
By: Christina Mackenzie
PARIS — Maj. Gen. Didier Tisseyre is France's new cyber defense force commander — the “conductor” of an orchestra made up of military officials and the domestic defense industry, as he puts it.
Cyber Defence Command was created in 2017 and was expanded in January when Armed Forces Minister Florence Parly announced France will develop and deploy offensive cyber weapons. Tisseyre took on the lead role Sept. 1 from his predecessor and most recently served as the deputy to that former commander. He spoke to Defense News earlier this month in a meeting room at the Armed Forces Ministry.
What is your role as the head of Cyber Defence Command?
I am a conductor, and my orchestra is made up of the Army, Navy and Air Force chiefs of staff, ANSSI [France's National Agency for the Security of Information Systems], and defense industry leaders.
We must protect our systems, be robust, be resilient because if France's vital interests are attacked, then the armed forces must be able to react. Our weapons systems, our command systems are all computer-controlled. This makes them powerful and effective but also vulnerable, so we must be able to protect them. And today this protection must be as global and end-to-end as possible. This means that everyone in the Ministry of the Armed Forces must work together, and there must be a conductor to coordinate the protection and the defense of our interconnected networks. That is my job
I have a staff and a number of specialized units who contribute to this defense and coordinate it. But within each armed force — the Navy, the Army, the Air Force — there are cyberwarriors who liaise with us to defend their systems.
We work very closely with ANSSI, exchanging information so that we can anticipate future attacks. We also work closely with our fellow NATO members, our bilateral partners and other international organizations. The idea is to be able to anticipate and not just to react.
What does France consider a top cyberthreat?
Cyberspace is a very positive place for bringing people together and is wonderful for the economy, for arts and so on. But precisely because it brings thousands of people into contact with each other, it is also used to get money fraudulently, to influence, to destabilize, to spread ideologies. And even if we must maintain freedom of expression, there are certain things in France which cannot be said publicly — [incitement to ethnic and racial hatred, for example]. Our principle is that everything that happens in real life is transposable into cyberspace, so for France and many other countries, the law is just as applicable in cyberspace as it is in real life. But because there is a general impression that no rules apply in cyberspace, then individuals and groups use it for criminal activities, spying, destabilizing electoral processes. And the question arises as to whether these individual or groups are being backed by states.
As a member of the armed forces, my duty is to be paranoid and assume that the cyber enemy may have a strong, state-backed criminal intent to prepare conflicts, and so that is what we must be prepared for.
How do you anticipate the ways imaginative hackers will act?
By hiring imaginative youngsters ourselves. Our cyberwarriors have to be extremely motivated to protect the ministry's systems and France, obviously. They must have very specialist IT technical or social media know-how, or be brilliant intelligence gatherers. A lot of what is said on social networks allows us to learn about our enemy, to anticipate possible attacks, or even enables us to hinder their propaganda, particularly on our theaters of operation in Africa or the Levant, for example, where part of our mission is to stop jihadist groups from recruiting.
Our cyberwarriors have to have a particular frame of mind because we are not asking them to configure the network or equipment, we are really in a combat situation in cyberspace. We work on operations to defend or to undertake offensive actions to protect our systems, our freedom to act, to guarantee the sovereignty of our systems.
Is France confronting specific threats that are different from those faced by other countries?
Fundamentally, no, because we are all cyberattacked by people trying to block our computers, and attackers are becoming increasingly sophisticated in their ways of hacking.
How does France respond?
We must be prepared to react. But France considers that attributing an attack — notably where advanced persistent threats, [or APT], are concerned — is a very political, highly sensitive thing to do. APT can be the work of individuals seeking ways to make money, or being paid by others and potentially linked to intelligence services of other nations.
If an organization such as NATO is attacked, then France is, by principle, against collective attribution. Each member of the organization must agree that the attacking individual or group is taking its orders from a state because attribution of blame, as I said, is highly political: You're designating a state as being responsible for attacking another one, and that has a very strong impact. You have to be able to prove it, and the state that has been blamed might not appreciate having the finger pointed at it.
In the physical world when an aircraft crosses into another nation's airspace or a vehicle crosses a border, there is concrete proof: radar, photographs and so on. The difficulty in cyberspace is that it's very easy to pass oneself off as somebody else and to hide one's tracks; [just] because an APT is perpetrated by attackers physically present in one country, that [doesn't mean] they were taking their orders from that country. Here's an example to illustrate my point: They could use a server in Germany to send the data to the U.K., which then rebounds in France and finally attacks the United States. So Washington would try and work back to see where the attack came from and would eventually discover that it came from Germany, but that doesn't mean the order to attack came from Germany. In cyberspace, leads very quickly get entangled. So we really have to be extremely careful about a hack-back before thorough due diligence has been undertaken.
What France wants is that each member state validates the blame before the finger is pointed. We are against the idea that just because one member blames a state for attacking it, that NATO takes it as a given and invokes Article 5 of the NATO treaty, [which calls for collective action if a member state is attacked].
What would happen if France is attacked?
It depends. If France thinks that the attack came from a state and wants a collective reaction from NATO, then there'd be a whole lot of discussions about the risk of escalation, Article 5, the right to self-defend and so on. These notions involve significant commitments for countries, and so we want things to be clearly defined where cyberspace is concerned: What is an attack? Who was targeted? What are the consequences of the attack? Did it touch the physical integrity of nationals of the country? Were the operating systems of a hospital or a power station impacted?
We want to take into account the economic or human impact of the attack and the nature of the attacker: Was it an individual having fun? Was it a group, and what were its motivations? Was it a jihadist group with terrorist intent, or was it outright a state pre-positioning itself for future conflicts or trying to wield influence?
France wants things to be clear. We want to establish how international laws apply to cyberspace, and as I mentioned earlier, we insist on due diligence.
Could you explain what you mean by “due diligence”?
If, for example, France sees that it has been attacked via a server in Germany, then “due diligence” means that instead of us simply hacking Germany back, we would ask the authorities in Berlin to act to stop that server being used. So even if, within NATO, a member state is attacked, then France holds that that state is not authorized to hack back without due diligence being undertaken first.
It's a bit complex, but we've listed the types of attack, the principle of digital sovereignty, the references to the Tallinn Manual — [the independent academic research product authored by an international group of about 20 experts to guide how international law applies to cyber conflicts and cyberwarfare]. And we've positioned ourselves with regards to this, and in certain particular cases have said, “Be careful, our interpretation of X is slightly different for these reasons,” and we explain why.
We also explain that we consider an attack on information systems in France is an attack on our national sovereignty. That gives us the right to riposte, not necessarily in a cyber way but it could be a diplomatic response or an economic one ― it depends on the nature of the attack and the impact it has and on the attacker himself, what his motivations were and in what framework the attack took place.
How does the ministry work with industry?
The ministry knows how to defend itself, and we have the right, within a very strict framework, to undertake offensive cyberattacks in foreign operations. The attacker knows that a direct attack on us is thus likely to fail. So he will ruse. He'll attack the weak link: the defense industry, notably the subcontractors that may only make a small component of a weapon or an IT system. He'll put a virus or malware in that subcontractor's system, and it will progressively make its way into the major contractor's system and then into the weapon system. And as all these are interconnected, then this is how we would be attacked. So we need to have confidence in the entire supply chain, and we are on the verge of signing a convention with industry aimed at raising general awareness of this risk at every level of industry.
France has allocated €1.6 billion (U.S. $1.8 billion) to cyber defense in its 2019-2025 military program law. What are the main spending priorities?
To ensure that the system is protected and defendable. Until recently, we concentrated on the functionality of the system: what it was designed to do and who for (the Air Force, the Navy, the Army, etc.). And making the systems secure was an additional layer to the basic functions, so if funds ran out, then sometimes the layer would be only half done or had holes in it.
Today we are aware that there is such vulnerability in computer systems that security has to be built in by design. It's part and parcel of the functionality of the system.
We're also spending money on the detection of attacks. Our network has sensors in it to detect whether anyone is using the network who shouldn't be. We're working on the characterization of attacks, which means we're collecting data on malware — a bit like a laboratory that might keep a sort of library of viruses and bacteria — to be able to quickly establish what type of attack is being undertaken and therefore what the best “medicine” is for it.
And of course we'll be hiring another 1,000 cyberwarriors between now and 2025.
April 1, 2024 | International, Aerospace
The Air Force cut its planned F-35 and F-15EX purchases in 2025 by six apiece due to budgetary constraints, as well as delays to F-35 upgrades.
August 29, 2024 | International, C4ISR, Security
May 22, 2019 | International, Aerospace, Naval
By: Megan Eckstein The Department of the Navy awarded Sikorsky a $1.13-billion contract for 12 CH-53K King Stallion heavy-lift helicopters, the Defense Department announced on Friday. The contract to the Lockheed Martin-owned company covers Lots 2 and 3 of the helicopter, which will replace the aging CH-53E Super Stallion. The Navy plans to buy 200 CH-53Ks over the life of the program. This award comes after an overhaul of the helicopter's test program, which had fallen behind due to inefficiencies in the test plan and technical problems in the design of the aircraft. Those problems included an exhaust gas reingestion problem in the helo's three-engine design. A recent Pentagon Selected Acquisition Report noted 126 design deficiencies, Bloomberg has reported, and the Department of the Navy has since worked with Sikorsky to restructure the remaining test program. After cost growth in the Lot 1 contract for the helicopters, the Navy and Marine Corps reduced this contract to 12, compared to a previous plan to buy 14 under Lots 2 and 3. “The aircraft quantity was negotiated for 12 vice 14 aircraft due to cost growth identified during Lot 1 production as well as the cost of incorporating the correction of known technical deficiencies that have resulted from developmental flight test to date,” Navy spokesman Capt. Danny Hernandez told USNI News. “The lower quantity will allow the program to afford the aircraft while preserving planned support efforts within the budget and program schedule.” In a Friday news release, Navy and Marine Corps leadership expressed confidence in the program despite the challenges it has faced over the past year or so. “The Marine Corps is very appreciative of the efforts by the Navy and our industry partners to be able to award the LRIP 2/3 contract,” Lt. Gen. Steven Rudder, the deputy commandant for aviation, said in a news release. “This is a win for the Marine Corps and will secure the heavy-lift capability we need to meet future operational requirements and support the National Defense Strategy. I'm very confident in the success of the CH-53K program and look forward to fielding this critical capability.” “This contract award reflects close cooperation and risk sharing between the Government and industry teams to deliver critical capabilities to the Marine Corps,” James Geurts, assistant secretary of the Navy for research, development and acquisition, said in the release. “Working with our industry partners, the team ensured that solutions for technical challenges are incorporated into these production aircraft. This reflects the urgency to ensure we deliver capabilities necessary to support the Marine Corps and the Department of Navy's mission, while continuing to drive affordability and accountability into the program.” In a House Armed Services Committee hearing earlier this spring, Daniel Nega, the deputy assistant secretary of the Navy for air programs, told lawmakers on the tactical air and land forces subcommittee that the upcoming contract would put the onus on Sikorsky to address remaining design flaws and fix any other problems that come up during the remainder of testing. “The flight envelope's been tested to the corners; Gen. Rudder talked about how we've sort of wrung it out,” he said at the hearing. “There's a relatively low risk that anything major will be found. However, if nuisance issues come along, we are not going to give those nuisance issues to the Marines, and the Navy and Marine Corps team is not going to accept the full risk of that. So the risk concurrency between the development and the production, that overlap is going to be taken care of.” Asked how the contract awarded today would do that, Hernandez told USNI News that “the production contract is structured to ensure a deployable configuration is delivered for fleet use. All known issues are included in the contract, additionally the contract provides provisions for any new issues discovered during flight testing. This will ensure appropriate shared risk between the government and industry.” Sikorsky's Path Forward Despite the ongoing technical challenges with the helicopter design and the delays in the test program – which has set back the planned start of initial operational test and evaluation but does not appear to threaten the planned first deployment of the helicopter in 2023 or 2024 – Sikorsky officials remain confident that the aircraft is on the right path following last year's restructure. “The majority of the technical issues that we've discovered over the 1,400 hours of flight test, nothing too terribly different than we would expect to find on a development program,” Bill Falk, Sikorsky's program director for CH-53K, told USNI News in an interview earlier this month. “The majority of them are already resolved, already proven and demonstrated in aircraft. We do have a set of issues that we still are in the process of resolving and demonstrating, but we've got a plan in place, parts installing in the aircraft and flight test plans to demonstrate that.” Falk said the company has dedicated one of its six test aircraft to tackle the exhaust gas reingestion issue, spending the last four or five months using computer-aided modeling and data from test flights to develop prototype solutions and test them out on the aircraft. “We have enough data that we now understand what solution we need to install on the aircraft, demonstrate and validate, which will become part of the production solution,” Falk said. “So we are at a completely different spot: where there was uncertainty four to five months ago, we have complete confidence now.” The new test plan is also more focused than the original one, tying each flight test to the delivery of a specific capability rather than just flying for flying's sake, Falk told USNI News. The helicopter has already demonstrated that it meets or exceeds all requirements for speed, range, altitude, lift capacity and more. Sikorsky and the Navy/Marine Corps team have also conducted hot weather and brownout condition testing in Arizona, and they have certified the helicopter can be transported via C-5 and C-17 cargo planes. A key upcoming test will be sea trials, where the CH-53K will have to prove it can fly on and off a flight deck and that Marines can maintain it at sea. Falk said the Navy is looking at a window of late February or early March through May of 2020 for sea trials, and that the tests will take place aboard a yet-to-be-decided amphibious assault ship. Initial operational test and evaluation is set to begin in early 2021, which would allow the Marine Corps to declare initial operational capability in time for the first deployment in 2023 or 2024. Though work still remains to be done, Paul Fortunato, director of Marine Corps business development at Sikorsky, and John Rucci, the company's senior experimental test pilot for the CH-53K, said the new helicopter has already proven it is easier to operate and maintain than its predecessor and that its warfighting capability surpasses the requirements for the aircraft. Rucci said pilots have total trust in the fly-by-wire cockpit, which essentially lands the helicopter on its own – meaning the pilots can focus on the mission at hand or evading a threat, or can safely land in a sandstorm or other degraded conditions. And Fortunado said the helo was built with easy maintenance in mind: fewer tools are required, the all-electronic maintenance documents include graphics that maintainers can zoom in on and rotate to help them maintain or repair parts, the logistics footprint is smaller and easier for deployments aboard amphibious ships. The design even includes putting electronic components in “backwards,” meaning the connections are facing outwards and easily accessible when maintainers take off a panel, instead of the wiring being in the back like usual and requiring a Marine to use a mirror to see what is going on behind the component. At Marine Corps Air Station New River in North Carolina, Falk said, Marines are using one of the system demonstration test article (SDTA) helicopters to work out any remaining issues in the maintenance manuals and to start learning more about how to fix and sustain the new helo. “There's Marines crawling around that aircraft, taking it apart, putting it back together again, running the maintenance procedures, and basically using what we developed in order for them to be able to maintain the aircraft,” Falk said. “So the opportunity for us before we start delivering production aircraft, we can learn from that, we can feed all that back, we can improve our maintenance procedures and basically when the aircraft is deployed deliver a much higher-quality, more efficient set of maintenance instructions. Plus, you've got Marines that have already used it, done it, learned.” https://news.usni.org/2019/05/17/navy-awards-sikorsky-1-13b-for-next-12-ch-53k-heavy-lift-helicopters