Meshnet Digital Armor To Protect Tanks

An anonymous reader writes "General Dynamics Canada and Secure Computing have partnered to develop Meshnet, a hardware/software firewall designed to protect networks and digital devices inside tanks and other military vehicles from hostile computer and virus attacks. Without adequate protection a tech savvy enemy can infiltrate networks, manipulate information, and deny crews the data they need to participate in modern warfare. Exactly such an event happened last year to an Israeli crew, when hackers from Hezbollah eavesdropped on their communications. 'The system uses Secure Computing's off-the-shelf Sidewinder Security Appliance ... Sidewinder consolidates all major Internet security functions into a single system, providing "best-of-breed" antivirus and spyware network protection "against all types of threats, both known and unknown," according to Secure Computing.'"

Why?

[msi (641841)]

Or just shoot any one coming towards you with a laptop!

Re:Why?

[eobanb (823187)]

Well, that's not entirely true. For example: 2.4 GHz, which is an ISM band in the United States, is used by the French military in France. Therefore, a number of common electronics, like cordless phones, Bluetooth devices, 802.11, etc., have faced problems with the government banning their use; over time, industry groups have been able to cut through the red tape, but both Bluetooth and Wi-Fi was not allowed in France for several years after it was already in wide use in other countries.

Re:

[Mister Whirly (964219)]

The French Military? Why even bother trying to encrypt "We Surrender!" - their enemy will find out soon enough.

If you want a chuckle, go to Google and type "French military victories" and click on the "I'm Feeling Lucky" button...

Umm?

[pembo13 (770295)]

Is there some deficiency in the military's current ability to kill people that I am not aware of? Or are they preparing to defend against extra terrestrial attacks? Isn't this the second military research story for week?

Re:

[aadvancedGIR (959466)]

No, they are still as deadly, it is just that if a hidden guy with a wireless laptop could trick a nearby MBT crew to fire on their own troops, it would be bad news.

Sanity check:

[Jennifer York (1021509)]

Do anyone think the Hezbollah reference is a little bit odd? How does intrusion detection and firewalls stop someone from eavsdropping on communications? Please point out the reference that deatils how an Isreali tank was denied information, or misled by false information.

This unsubstantiated BS as a justification for an obvious product placement requires more scrutiny. I don't doubt that there IS a chance that some enemy force could have the capability to "hack" a tank, but the "Exactly such an event happened last year to an Israeli crew" needs some evidence.

Re:

[ByOhTek (1181381)]

So, lets say I'm connecting to my computer via SSH, and I'm a savvy individual, I notice a keyswitch, etc, and won't connect if I see something like that (suggesting a man in the middle).

No you think "great, it'll be hard to evesdrop on my conversation, I'm running SSH, it's encrypted!"

So, now some hacker comes along and wants to observe me. He *could* go after my SSH traffic, and try to decode it, but look! I'm not running a firewall or intrusion detection software. He figures (correctly in most cases), it

You still haven't said how he would do that.

[khasim (1285)]

So, now some hacker comes along and wants to observe me. He *could* go after my SSH traffic, and try to decode it, but look! I'm not running a firewall or intrusion detection software. He figures (correctly in most cases), it will probably be easier to hack into my system, and put monitors there.

HOW does he do that?

Does he send you an email with an attachment named "nude girl.jpg.exe" that you open?

Does he send you an HTML email that exploits a vulnerability in Outlooks/IE?

Does he use a worm to attack the v

Re:

[ByOhTek (1181381)]

There are a lot of ways to hack into a system, it varies on the system. Cracking a Windows box is different from a Linux box which is different from a FreeBSD box which is different from a Solaris box. If there are many applications running, one of those could be the culprit.

The best answer that can be given without more information is simply - they try stuff until they get some indication of the quality of the user, and the OS. At which point, they pick their method and target.

The firewall can make this a

Yeah, you go with that.

[khasim (1285)]

There are a lot of ways to hack into a system, it varies on the system.

No, there are not. There are very few avenues to crack any system.

#1. Attack the daemon listening on an open port.

#2. Trojans.

#3. Exploiting a vulnerability in an app when fed specific data (IE is a good example).

#4. Viruses that attach themselves to other apps.

The best answer that can be given without more information is simply - they try stuff until they get some indication of the quality of the user, and the OS. At which point, they p

How about making that #7?

[khasim (1285)]

Since the tanks PROBABLY aren't running fiber or CAT 5 between them ... we're talking radio signals. So yeah, if they can attack TCP/IP or exploit a vulnerability in the transmission itself ...
http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks [lucidinteractive.ca]

And as you've noted, a firewall would NOT be much help.

Particularly, as noted in the article, and "off the shelf" firewall.

Re:

[MrMr (219533)]

I second the suspect BS motion.
The article that is being referred to doesn't provide a working link to the alledged hacking story.

Re:

[ArcherB (796902)]

The communication is wireless. Either they were not encrypted, did not frequency hop or were jammed. Probably a combination.

Re:

[ZonkerWilliam (953437)]

How does intrusion detection and firewalls stop someone from eavesdropping on communications?

There are still ways for an IDS/IPS to detect network cards in promiscuous mode (without an IP address), which most hackers use to sniff traffic.

Re:Sanity check:

[dwillden (521345)]

Absolutely it's odd, since Hezbollah wasn't really able to listen in on the Israeli radio's, they just used Direction Finding to locate where the Israelies were broadcasting from, and used that to plot where the Israelies were and where they were going.
There was no great security hack, just monitoring and DF'ing the encrypted radio traffic. I don't need to know what is actually said. If I can track the enemies location by simple DF'ing of their communications, I can quickly locate them and then track their movements. And when that indicates that a large number of radio's are moving up the valley towards my position, I know to be ready to attack, defend or run.

Don't want to imagine

[downix (84795)]

This article begs the thought, what if a hostile force did take over the computer systems of military vehicles. With the advent of fly by wire and now drive by wire systems, the computer can pretty much take complete control over the vehicle. Add in something like Storm, which can run more brute force keygens than even the best supercomputer, and none of these vehicles are in any way secure, even with this new digital armor installed.

Re:

[Sqweegee (968985)]

The easy option: Don't have any remote communication/data systems connected to vehicle control systems, unfortunately there's already a lot of hardware out there already.

The solution the US military will come up with: Spend trillions setting up a super intelligent AI that can defeat hackers on the fly and control all military weapons on it's own to spare ever needing to send real troops into battle again... it will be named Skynet...

Re:

[Dunbal (464142)]

Don't have any remote communication/data systems connected to vehicle control systems, unfortunately there's already a lot of hardware out there already.

      It will be funny the day all the Predators fail to come in for landing and the guys in Nevada are left staring at a marijuana leaf on their screens...

They will need to study hard though.

[AltGrendel (175092)]

If the current defenses against phishing, spam, and botnets are any example, it's going to be a long, long struggle to keep things "clean".

Did I really understood TFR?

[aadvancedGIR (959466)]

So, defense contractors plan to use off the shelf network security tools in the future because the one currently deployed are too easily hacked. What the point in having that on the main page?

This reminds me

[javilon (99157)]

This reminds me of Ghost in the shell, "I pwned your eyes".

Re:

[Billosaur (927319)]

I was thinking of Keith Laumer's "Bolo" stories actually... how long till we have a completely self-aware tank?

Buzzword threshold exceeded

[arivanov (12034)]

Incoming buzzword alert!!! Run for best of bread cover against unknown threats.

Re:

[Critical Facilities (850111)]

Run for best of bread cover

Isn't that when 8 track tapes of bad 70's bands rain down from the sky?

Hey, it runs BSD!

[downix (84795)]

They won't say which BSD, but who wants to bet OpenBSD or at least parts of OpenBSD have found their way into it?

Re:

[canuck57 (662392)]

They won't say which BSD, but who wants to bet OpenBSD or at least parts of OpenBSD have found their way into it?

One would think you would choose a stable, high uptime secure OS in a tank as it's fundamentally a good idea. Makes me wonder why it already isn't intrinsically firewalled. I wonder if some idiot put Windows inside the tank? I can hear it now:

Gunner: Can't fire yet, waiting for the A/V to finish scanning...

Boom, silence after. It crashed thinking the shell was in mid flight when it restar

Skynet

[jandoedel (1149947)]

Hope it helps a bit when Skynet takes over. I for one don't welcome our Skynet overlord with his beowulf cluster of hacked tanks.

Technology Worth It?

[ObsessiveMathsFreak (773371)]

Exactly such an event happened last year to an Israeli crew, when hackers from Hezbollah eavesdropped on their communications.

In fact, the entire war was characterized by the overall failure of modern military technology, gadgets and intelligence to defeat an enemy essentially using little more than AK-47s, mortars, and sandbags. The entire Israeli army could do little more than advance ~2km into Lebannon. It's clear that military reliance on technological silver bullets is no match for simple numerical sup

Re:

[TheLink (130905)]

I bet the real reason why the Israelis didn't get further in was more political than tech. They were already bombing practically any building they wanted in Lebanon.

AFAIK Israel doesn't really want Lebanon or other countries, they want Israel. Judging from the UN Security Council "vetoes" and other similar stuff they've already got the USA by the balls.

Re:

[Dunbal (464142)]

Stalin once asked of the Pope: "How many divisions has he got?". It shows the mindset of those whose countries actually fought in a major and prolonged conflict. For them, it was not as much about which tank could turn faster, or whose radios had a better signal. It was about how many men (and for the Soviets, women) they actually had to fight with.

Good post and I essentially agree with you, however this is a bad example. The Russians threw countless bodies in front of the German advan

Well no, not really

[SmallFurryCreature (593017)]

That conflict showed the failure of an army fighting by the rules, against an enemy that did not, and never has.

If Israel could have used the full force of its military without the world breathing down its neck, hezbollah would have been so much smoking corpses.

What this shows you is that most advanced tank cannot deal with a meat shield if there is a camera crew near. Hezbollah has become very good at using this kind of war, they had to, the more recent lebanese actions have shown they suck at military conflict. Note that lebanon could just blow the hell out of hezbollah bases and civilian casualties be damned. Suddenly the world realises that just because a shot up corpse is dressed in civil garb, does not make it a civilian.

In fact the military conflics around Israel have shown just how bloody effective modern equipment is, outnumbered in every way, Israel nonetheless manages to hold out, because they use tech to the max.

You are also wrong about the soviets, the russians were actually the one with the better gear against the germans. It just took a while for it all to come together, but it was the germans that copied soviet tech, not the other way around. The turn around came when russia learned to use the tech advantage it had and properly equip its soldiers with it. Early in the war, it had excellent tanks, but often without radios, or it had motivated troops, who lacked guns. Once that was sorted out, the germans never won a single battle against the russians. Superior tech.

Offcourse, you got to use it properly.

Iraq again shows you just how lethal tech is over numbers. The iraq army was many times greater and was wiped out.

The current conflict has nothing to do with the lack of manpower or reliance on tech. You cannot occupy a country that doesn't want to be occupied unless you are capable of dealing out massive amounts of punishment Roman style. Storm the city, kill everyone inside, tear down the buildings, plow up the ground and sow it with salt, so that you can then point to the desolate area and say, "this is what we do with those who oppose us, any questions?"

In a way, Hezbollah uses very modern weapons, western media, to fight the war. No use of radio? How do you think the images of bloodshed, real and staged made its way to the west? Pigeons?

One final note. You state that Israel only managed to advance X miles. How many miles did Hezbollah advance? Okay, yards then. Feet? Inches? So much for low tech then. Hezbollah has never once manage to threaten Israels survival. It is one of the reasons Lebanon is so fed up with them and finally took action against them and this time, the world media didn't care.

And those protected devices now slow to a crawl...

[securityfolk (906041)]

C'mon Joe, aim the turret, aim the turret!!! Sorry Jim, I can't - my system isn't responding right now - it's scanning for spyware :(

BOOM...

In reality...

[Javarufus (733962)]

The evidence from the digital attack last year is as follows:

"The A-176 tank scope operator was panning to the North to acquire the target in question when a pop-up add appeared in the view finder alerting him of a fantastic deal on Viagra. Later alerts included free porn and offers to download virus scanning software"...

Nice ad

[Pedrito (94783)]

How do I get my products advertised as articles on Slashdot? I imagine that could be pretty lucrative. Who do I pay?

Re:

[Nimey (114278)]

Zonk.

More seriously, this is at least a somewhat interesting post.

Single Point of Failure

[cyberbian (897119)]

Any security consultant worth his salt would be aghast at the military taking up a posture that allows for a single point of failure. Defense in depth is the current mechanism of choice... talk about putting all of your eggs in one basket.

Missing the obvious

[athloi (1075845)]

Just shoot back at the enemy. If your tanks are getting hacked, cancel the MySpace page for your regiment.

What is their "antivirus" protecting against?

[argent (18001)]

Is the military so stupid they're actually using Windows-based software (or software running ANY consumer OS for that matter) in battlefields? If so, there's been a major drop in their design and code standards in the past few years.

Also, what's the threat? "This was reportedly the case during Israel's incursion into South Lebanon last year, where Hezbollah hackers were allegedly able to monitor IDF communications, giving the guerrillas a leg up in attacking Israeli armor." sounds like ordinary signals intelligence. You don't fight that with firewalls and antivirus software, you fight it with encryption and electronic countermeasures like dummy sources to fight tracking and traffic analysis.

Re:

[argent (18001)]

If so, there's been a major drop in their design and code standards in the past few years.

Really?

Yeh, I know a lot of people who were working on mil-spec stuff back in the '80s and earlier, and their battlefield and avionic firmware was using languages and systems developed specifically for military use. Some of them were even dismissive of ADA. I think using C++ would have started a rebellion.

I seem to recall a battleship that got stalled a few years back ...

Yeh, an experimental one. After that fiasco, the

MS has a version

[switcha (551514)]

"You have aquired an enemy target. Cancel or Allow?"

Sorry folks, we're not that Sci-Fi yet

[blueZ3 (744446)]

The article makes it sound like M1s are Bolos, or something. But slow down there, McFly. The ability to "blind" a tank assumes a level of tech that's not currently available.

Sure the commander is getting info electronically. But it's not like the computer that stabilizes the gun and sight is connected to the network. Nor is the turret traversing mechanism. The article at best glosses over the systems that are networked, and at worse is FUD. From TFS it sounds like there's imminent danger that Al Queda is go

Crap! It's updating!

[centron (61482)]

"We're taking small arms fire, possible RPG position sighted!"

"Ballistics are non-responsive! The whole thing is locked up! Possible enemy infiltration of system... wait, no, it's installing new DATs. 28% complete... 29%... RPG fire! Cover!"

The 800 LB gorilla in the room...

[tgatliff (311583)]

No one wants to suggest the obvious, which is systems like this should never require antivirus and spyware support. For mission critical systems, the only thing they should use is embedded devices where the only way to install additional software is by flashing the firmware on the device. Also, use of a hardened kernel would be nice...

Re:

[somersault (912633)]

How are they meant to install their bonzai buddy on that?

Re:

[krazytekn0 (1069802)]

The problem with this is that the spec-writers for government contracts don't know anything about the products they are trying to buy. Therefore we would end up with job specs at my old job that said stuff like, "1 piece tank with no seams that is 6' tall by 6' diameter, delivered and set in place." Which would normally be ok except the only doors on the facility are 30" wide. So one could imagine that the spec for these systems had some kind of requirement for the vendor to remotely update many tanks/vehic

Re:

[Critical Facilities (850111)]

It apparently does run Linux!

No, It doesn't. According to the PDF in the article:

Administration system requirements OS - MS Windows 2000 or XP CPU - Intel (1 GHz minimum) Memory - 512 MB minimum Drives - 300 MB of available disk space, 3.5" 1.44 MB floppy disk drive, CD-ROM drive Monitor - 1024 x 768 or higher Network interface card - access to your firewall network Browser - Internet Explorer 4 or later; Netscape 4.x or later Model 2100 & 2150 - 2U platform Model 1100 - enterprise 1U platform Model 410 & 510 - smal

Re:It runs on snake oil.

[russ1337 (938915)]

Exactly. It's the same old story with military hardware salesmen. The put words in nice brochures that attract the senior officers who don't understand the details. Look at the words used in the ad.

"The system uses Secure Computing's..... " makes it sound secure.
"off-the-shelf.... " makes it sound 'cost effective'
"...Sidewinder Security Appliance..." makes it sound like a cool offensive weapon
".... consolidates all major Internet security functions into a single system" makes it sound like they

Re:

[CheeseTroll (696413)]

How do you use your eyes to sight a target in the dark? I'd say the system on the Abrams is doing its job well, if the 95% hit percentage is accurate.

http://en.wikipedia.org/wiki/M1_Abrams#Aiming [wikipedia.org]

Re:

[stoicfaux (466273)]

The sorry state of affairs today in that our boys on the field rely TOO MUCH on TECHNOLOGY is reflected in what happens when that technology FAILS. People DIE.

a) Technology can give you a huge advantage over The Enemy(tm). Which is why the US led coalition was able to dominate in Desert Storm.

b) Because technology acts as a "force multiplier," meaning you can do a lot more with less people/tanks/planes/etc.. Without high technology we would need many more real live people in the military. So you

Re:id4-type attack?

[IgnoramusMaximus (692000)]

You are confusing logic with sales. The point of this excercise is to sell a bunch $50,000 anti-alien-mind-control-ray tin foil hats. "100% Guaranteed and Tested! No Space Aliens have ever penetrated our ReflectoBeanie! Its a real bargain!"

Never you mind that practicality of manipulating takns into shooting each other or their own troops is beyond ridiculous from the perspective of logistics on the battlefield and return on investment for the attacker who would have to be just in the right place in the right time with a complete understanding of the internal workings of the enemy's command and control systems and procedures, relative tank positions and in respect to their true targets and also to be able to plausibly override voice communications when one tank commander goes on his radio to ask "Sir, why are we prorized to shoot a target 90 degrees from the direction towards the enemy positions?".

But thats Military Industrial complex for ya. Next up, $500 military-grade anti-vampire garlic patches.