moja polska zbrojna
Od 25 maja 2018 r. obowiązuje w Polsce Rozporządzenie Parlamentu Europejskiego i Rady (UE) 2016/679 z dnia 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE (ogólne rozporządzenie o ochronie danych, zwane także RODO).

W związku z powyższym przygotowaliśmy dla Państwa informacje dotyczące przetwarzania przez Wojskowy Instytut Wydawniczy Państwa danych osobowych. Prosimy o zapoznanie się z nimi: Polityka przetwarzania danych.

Prosimy o zaakceptowanie warunków przetwarzania danych osobowych przez Wojskowych Instytut Wydawniczy – Akceptuję

Controlled Attack

It took the army over a year to test whether the purchased new model of ICT nodes, the most important devices in the command and communication network, meets all cybersecurity requirements. 

It used to be simple in the old days – administrative functioning of any army was based on paper. Today, paper has been superseded by electronic devices. There is probably no army left in the world which does not use less or more complex ICT systems. They are the basis of logistics (in accountancy, human resources and when managing various types of warehouses) or training (simulators, training equipment, educational laboratories). Most importantly, armies all over the world use ICT systems to execute combat tasks – from navigation systems, through communications, to solutions applied in command support and battle management. As recently as 15 years ago, top secret orders and reports were still delivered from point A to point B in a briefcase and under escort; now, they are “wandering” through cyberspace via satellite, optical fiber, cable or radio routes.

Due to the omnipresent digitization, commanders have received warfare tools their predecessors could only dream about. They now have the capability to manage their subordinates in real time, while being hundreds or even thousands of kilometers away from them. However, every rose has its thorn. This ICT revolution brought with it the risk of orders and reports being intercepted by the enemy, without us even knowing about it. What is worse, our adversary might also jam (though at least we can be aware of that), or in extreme cases even paralyze our command and communication systems.

Media reports show how real the threat actually is. In 2015, Bloomberg, the world’s biggest information agency, revealed that the motherboards of servers produced by Supermicro included special chips which made it possible to steal data. A journalistic investigation revealed that outside the Pentagon such devices were delivered to, i.a., the US Navy Command, a drone command center, American armament consortia and technological giants, such as Apple and Amazon. The whole thing was revealed by Amazon. While preparing for another tender to deliver Data Clouds for American services, they performed a security audit of a company they were planning to acquire. The discovery of the microchips was reported to appropriate services which initiated an investigation. Although no one was caught red-handed, the American services managed to establish that the Chinese Intelligence was responsible for the whole situation.

Poland on the Cyber Front

Ensuring cyberspace security has become one of the priorities of the modern world. In 2014, at the NATO Wales Summit, the heads of NATO member states decided that if any of the member states becomes a victim of a cyber attack, they can ask the Allies for help, invoking Article 5 of the North Atlantic Treaty. In 2016, the Warsaw Summit took things one step further – not only was cyberspace recognized as a domain of warfare, but it was also decided that defending it must be considered as one of the main tasks of the Treaty.

Poland has been active in this area for several years. In July 2018, the National Cyber Security System Act came into force (Journal of Laws 2018, item 1560), on the strength of which a new military component was created – the Cyber Defense Forces.

The most important institution responsible for the forming and functioning of the component is the National Cyber Security Center (NCSC), while the only unit in the Polish Armed Forces that can perform the whole spectrum of activities and military operations in cyberspace is the Cyber Operations Center. As emphasized by BrigGen Karol Molenda, the Director of NCSC, one of the most important tasks awaiting the Polish Cyber Defense Forces is looking after ICT networks, which are used by the Polish army to exchange classified and non-classified information with military units, as well as various institutions and commands.

In order for the ICT data transmission networks used by the army to be safe, they must meet three basic criteria: confidentiality (only authorized personnel can have access to information), integrity (guaranteed accuracy, cohesion and completeness of information), and accessibility (ensuring access to information and related resources to authorized users in the necessary extent). They translate into specific technical requirements that have to be met by the solutions applied in the army, such as access control mechanisms, protection against installation and activation of unauthorized equipment and software, as well as mechanisms monitoring user activity and collecting security violation data.

Key Tests

The command and communication network used by the Polish army comprises of various types of more or less advanced ICT systems used by all service branches of the Polish Armed Forces. They can work together due to the network of Jasmine Integrated Data Transmission Nodes stretching across Poland. These devices allow for transferring information with the highest security classification, “Secret” and “NATO Secret.” They are one of the most important elements in the command and communication network of the Polish Armed Forces, and thus face the biggest risk of cyber attacks. That is why, when a contract to deliver the new version of the ICT nodes was signed with Teldat three years ago, the priority was to check their level of cybersecurity.

In order to run necessary tests, at the beginning of 2019 the Head of the MOND’s Armament Inspectorate created a special group of the representatives of the Command Support and Signals Directorate of the Inspectorate of the Branches of the Armed Forces General Command, the Armament Inspectorate, Board VI of the Military Counterintelligence Service, the National Cyber Security Center, the 7th Regional Military Representation, the Command Systems Support Center of the Armed Forces General Command, and the Communication, IT and Electronic Warfare Equipment Operation Directorate of the Armed Forces Support Inspectorate.

According to legal regulations, in order for the shelter and portable ICT nodes to be introduced into service in the Polish army, they had to undergo security tests, including vulnerability, penetration and verification tests. The first type of test consists in conducting a controlled attack on the system. Its aim is to detect vulnerabilities in software or hardware, check it for faults arising from improper configuration or weak points in adopted and implemented technical and organizational protection measures, and determine if the system is secured against threats arising from the users’ insufficient awareness. Verification tests check whether a given solution meets all technical requirements indicated by the army in tender specifications (initial tactical and technical assumptions). Since the ICT nodes, just like the Jasmine Integrated Data Transmission Nodes, are also to be used in the creation of the Polish Mission Network 2.0 (PMN 2.0), i.e. the command and communication network for foreign missions and multinational operations, they were also tested on whether they meet related NATO requirements.

In order for the devices to start work in the Polish army, they also had to receive electromagnetic protection certificates issued by military services. To this end, they underwent tests using specialist measuring stations equipped with sensitive receivers and chambers that enable detection of unwanted electromagnetic emissions.

They Are Safe!

All the tests, verifications and checks performed on the shelter and portable ICT nodes before they could be introduced into service in the Polish Armed Forces took several months and had a positive outcome.

“We are glad our ICT nodes meet all military standards and guidelines regarding cybersecurity,” emphasizes Sebastian Cichocki, President of Teldat, adding that the nodes were the first product that underwent such extensive and complex testing according to the revised law. “It required a lot of hard work both, on our part and on the part of the Polish Armed Forces. We had to prepare, among other things, new testing and verification methodology, and choose competent laboratories to perform the tests,” he explains.

The first batch of the systems ordered in 2018 (24 shelter [stationary], 15 portable and two training sets) has already been delivered to army units. According to the contract, the deliveries of the ICT nodes will be completed by the end of 2021.

Krzysztof Wilewski

autor zdjęć: Łukasz Blechman / Teldat

dodaj komentarz

komentarze


Jak Polacy szkolą Ukraińców
 
„Husarz” wystartował
„Siły specjalne” dały mi siłę!
Ostre słowa, mocne ciosy
Karta dla rodzin wojskowych
Olympus in Paris
Ustawa o obronie ojczyzny – pytania i odpowiedzi
Zmiana warty w PKW Liban
Trzy medale żołnierzy w pucharach świata
Medycyna w wersji specjalnej
Ustawa o zwiększeniu produkcji amunicji przyjęta
Nowe uzbrojenie myśliwców
Nowe Raki w szczecińskiej brygadzie
Wojskowa służba zdrowia musi przejść transformację
Wybiła godzina zemsty
Rekordowa obsada maratonu z plecakami
Święto w rocznicę wybuchu powstania
Żaden z Polaków służących w Libanie nie został ranny
Norwegowie na straży polskiego nieba
Fundusze na obronność będą dalej rosły
Wojskowi kicbokserzy nie zawiedli
Donald Tusk po szczycie NB8: Bezpieczeństwo, odporność i Ukraina pozostaną naszymi priorytetami
Polsko-ukraińskie porozumienie ws. ekshumacji ofiar rzezi wołyńskiej
Sejm pracuje nad ustawą o produkcji amunicji
Triatloniści CWZS-u wojskowymi mistrzami świata
Czarna Dywizja z tytułem mistrzów
Ustawa o obronie ojczyzny – pytania i odpowiedzi
Czworonożny żandarm w Paryżu
Huge Help
Selekcja do JWK: pokonać kryzys
Jesień przeciwlotników
Trudne otwarcie, czyli marynarka bez morza
Right Equipment for Right Time
Transformacja dla zwycięstwa
W MON-ie o modernizacji
Polacy pobiegli w „Baltic Warrior”
Rosomaki w rumuńskich Karpatach
„Nie strzela się w plecy!”. Krwawa bałkańska epopeja polskiego czetnika
NATO odpowiada na falę rosyjskich ataków
Wzmacnianie granicy w toku
Ustawa o obronie ojczyzny – pytania i odpowiedzi
„Szczury Tobruku” atakują
Co słychać pod wodą?
Olimp w Paryżu
Terytorialsi zobaczą więcej
Wielkie inwestycje w krakowskim szpitalu wojskowym
Marynarka Wojenna świętuje
Setki cystern dla armii
O amunicji w Bratysławie
„Jaguar” grasuje w Drawsku
„Szpej”, czyli najważniejszy jest żołnierz
Polskie „JAG” już działa
Święto podchorążych
Od legionisty do oficera wywiadu
Trzynaścioro żołnierzy kandyduje do miana sportowca roku
Szwedzki granatnik w rękach Polaków
Inwestycja w produkcję materiałów wybuchowych
Szef MON-u na obradach w Berlinie
Nasza broń ojczysta na wyjątkowej ekspozycji
Operacja „Feniks” – pomoc i odbudowa
Jaka przyszłość artylerii?

Ministerstwo Obrony Narodowej Wojsko Polskie Sztab Generalny Wojska Polskiego Dowództwo Generalne Rodzajów Sił Zbrojnych Dowództwo Operacyjne Rodzajów Sił Zbrojnych Wojska Obrony
Terytorialnej
Żandarmeria Wojskowa Dowództwo Garnizonu Warszawa Inspektorat Wsparcia SZ Wielonarodowy Korpus
Północno-
Wschodni
Wielonarodowa
Dywizja
Północny-
Wschód
Centrum
Szkolenia Sił Połączonych
NATO (JFTC)
Agencja Uzbrojenia

Wojskowy Instytut Wydawniczy (C) 2015
wykonanie i hosting AIKELO