Cybersecurity
Since the rapid digital transition resulting from technological evolution, cybersecurity has become a priority at international level. In our industrialised societies a vast majority of information, management and decision-making relies heavily on the use of Internet and computers. This makes us particularly vulnerable to an intentional or non-intentional breakdown of IT systems and, what is more, of the network. The urgent need for action in this domain justifies the strengthening of the security of IT systems through research, resulting in very short-term applications. In such a technological war with increasingly frequent and rapid adaptations, it is vital to follow up simultaneously the defensive and offensive aspects. There is also the risk of being very quickly overtaken by and becoming dependent of specialised firms, which would constrain the deliberative space available to national decision-making.
Research in cyberwarfare includes many fields of study. These fields can be grouped in three categories which correspond to the three first strategic objectives from the “Cyberstratégie pour la défense” (“Cyberstrategy for Defence”)* document by the Belgian Ministry: protection (SO_I), strengthening the cyber culture within defence (SO_II) and reaction (SO_III).
For
– The use of Artificial Intelligence and machine learning techniques. (Research Area 04)
– The hardware and software encryption of communications and data.
– The development of redundant and resilient IT systems.
– The analysis of blockchain-related technologies (principle used by cryptocurrencies).
– Security by design
– The development of rapid and automated accreditation and certification methods.
Recently, quantum information science arose in the field of cybersecurity with its unprecedented capabilities, both in information processing power and in communication reliability. Quantum computing is capable of making frequently used asymmetric key distribution methods for safe communication very vulnerable. To this end, post-quantum cryptography technologies are under development. At the same time, quantum technologies as such can be used to enhance communication safety. An example of a quantum technology for enhanced communication safety is quantum key distribution (QKD).
Strategic Objective II “Strengthening the cyber culture within Belgian Defence” aims to address the human as a weak link in cyber defence. To this end, cyber awareness of the people involved is increased and they are trained on how to respond to cyber security incidents. To this end, campaigns, courses and training opportunities are available for the end-user within Belgian Defence. These campaigns, courses and training programmes are continuously updated, and this requires state-of-the-art research. Research in this area will continue to focus on the development of high-performance simulation environments. These environments are used for assessing new concepts and technical solutions as well as for the training forces, from the specialised technical level through to the highest decision level. An example is the development and use of automated red teaming and non-player characters for training.
Strategic Objective III “reaction” is about more than only the human response. By responding adequately as fast as possible to cyber incidents, the incident can be contained. However, a fast and adequate reaction is only possible if the cyber incident is detected and communicated to the right instances, and if adequate mitigation strategies are available. Research includes the development of intrusion detection systems exceeding the quality of commercial solutions to enhance attack detection. Another research topic within this strategic objective is the development of solutions for assessing and improving cyber situation awareness in a multi-domain operation context.
* ACST-COD-CYSTRAT-DCC-001 / DRC2, Cyberstratégie pour la défense, May 2019