Nato, the joint European-US defence force, has just taken delivery of a key phase of a custom-built defence of its communications networks against cyber attacks from Telindus.
The deal, worth more than £4.2m, stems from a Nato contract starting in 2005 to harden its defences against cyber terrorism.
Luc Hellebooge, Telindus's defence unit director and leader on the Nato project, said the initial contract from Nato's Consultation, Command and Control Agency included engineering and design, implementation, logistics and quality, proof of concept and roll-out, testing, acceptance, training and equipment sourcing.
Nato's core networks cover the 26 members as well as operational theatres such as Afghanistan and the Balkans. They include both business and battlefield networks for telephone, computer, and video conference communications. However, they also support Nato's non-military actions such as disaster relief and protection of critical national infrastructure, Hellebooge said.
The first phase covered 70 systems over all the network. In the following phases there will be more countries, more sites, more nodes, and a network upgrade. "The main tasks are prevention, detection, reaction and recovery," Hellebooge said. "Putting them together and handing it over on time and on budget took a lot of cross-domain skills."
Since the new defence went live, Nato detected a "surprising" number of attacks and also noticed a growing level of expertise among attackers. "We accelerated the roll-out as a result," he said.
Details of the exact technology Telindus is using is classified, he said. But there has been a great swing in the military to use Cots (commercial off-the-shelf) equipment and software. This helps cut costs and makes keeping abreast of the latest technology easy. But it opens otherwise inherently more secure systems to widely-known exploits.
Following events such as 9/11 in 2001, the May 2007 DDoS attack on Estonia, and with more attacks suspected to come from governments, Nato has sharpened its attention on cyber defence, said Hellebooge. "It is very reasonable to suppose that Nato is a target it is very visible to hackers," he said.
The key system that Telindus delivered is the intrusion detection system. This identifies attacks, their nature and origin, and what the attackers might do in response to a defensive or restorative action.
"We aim to learn as much as possible from an attack so that we can avoid all future attacks that use similar vectors. That means we have Plan A, Plan B, Plan C and so on to meet any possible challenge," Hellebooge said.