Nato,
the joint European-US defence force, has just taken delivery of a
key phase of a custom-built defence of its communications networks
against cyber attacks fromTelindus
.
The deal, worth more than £4.2m, stems from a Nato contract
starting in 2005 to harden its defences against cyber
terrorism.
Luc Hellebooge, Telindus's defence unit director and leader on
the Nato project, said the initial contract from Nato's
Consultation, Command
and Control Agency included engineering and design,
implementation, logistics and quality, proof of concept and
roll-out, testing, acceptance, training and equipment sourcing.
Nato's core networks cover the 26 members as well as operational
theatres such as Afghanistan and the Balkans. They include both
business and battlefield networks for telephone, computer, and
video conference communications. However, they also support Nato's
non-military actions such as disaster relief and protection of
critical national infrastructure, Hellebooge said.
The first phase covered 70 systems over all the network. In the
following phases there will be more countries, more sites, more
nodes, and a network upgrade. "The main tasks are prevention,
detection, reaction and recovery," Hellebooge said. "Putting them
together and handing it over on time and on budget took a lot of
cross-domain skills."
Since the new defence went live, Nato detected a "surprising"
number of attacks and also noticed a growing level of expertise
among attackers. "We accelerated the roll-out as a result," he
said.
Details of the exact technology Telindus is using is classified,
he said. But there has been a great swing in the military to use
Cots (commercial off-the-shelf) equipment and software. This helps
cut costs and makes keeping abreast of the latest technology easy.
But it opens otherwise inherently more secure systems to
widely-known exploits.
Following events such as 9/11 in 2001, the May 2007 DDoS attack
on Estonia, and with more attacks suspected to come from
governments, Nato has sharpened its attention on cyber defence,
said Hellebooge. "It is very reasonable to suppose that Nato is a
target it is very visible to hackers," he said.
The key system that Telindus delivered is the intrusion
detection system. This identifies attacks, their nature and origin,
and what the attackers might do in response to a defensive or
restorative action.
"We aim to learn as much as possible from an attack so that we
can avoid all future attacks that use similar vectors. That means
we have Plan A, Plan B, Plan C and so on to meet any possible
challenge," Hellebooge said.