US Army Military Auxiliary Radio System (MARS) Headquarters is recommending that MARS members “migrate to stand-alone computer systems for [MARS] radio operations,” subject to the availability of a dedicated computer.
“These computer systems (or their associated local area networks) should be ‘air-gapped’ from the internet,” Army MARS Headquarters Operations Officer David McGinnis, K7UXO, said in a message to members. “Although not a requirement for membership at this time, we will continue make this a condition of certain parts of our exercises.”
McGinnis pointed to remarks by Cisco researchers in a recent Ars Technica articleabout VPNFilter malware: “Hackers possibly working for an advanced nation have infected more than 500,000 home and small-office routers around the world with malware that can be used to collect communications, launch attacks on others, and permanently destroy the devices with a single command.”
McGinnis told Army MARS members that MARS Headquarters does not discuss specific cyber threats with MARS members or with the public. “We also cannot confirm or deny information about specific threats,” he said, adding that he had “no specific knowledge” about VPNFilter malware and no comment on the Cisco report.
For communication exercises this year, MARS established conditions for a certain portion of the drill that requires use of standalone computer systems “normally not connected to the internet.”
MARS member and software consultant Steve Hajducek, N2CKH, has recommend that members using the MIL-STD (military standard) Data Modem Terminal (MS-DMT) communications software employ stand-alone computers in conjunction with the software as a best practice for achieving a high level of performance. McGinnis said discussion of stand-alone computer systems on Hadjuceks’s support forums and their use in communications exercises let Army MARS Headquarters weigh in on the discussion. He pointed out that the MARS mission assumes that an internet connection is not available. He said used or refurbished PCs are widely available at low cost and could be dedicated to serve a stand-alone function.
“The most effective way to protect against threats that come from the internet is to isolate from the internet,” McGinnis added.
“Despite a stand-alone environment, we assume that all computer systems in private citizens’ hands are infected with hostile software code of some sort and are not secured,” he said. “No amount of virus and malware scanning software changes that assumption. We can, however, isolate computers by disconnecting them from the international network in which hostile software will report and receive instruction.”
McGinnis said future versions of MARS software will check for an internet connection and will disable the software. “We understand this lock-out does not provide security in and of itself; rather, its value is in changing the behavior of members,” he explained.
He encouraged MARS to monitor for internet security threats and determine how to secure their internet-connected and stand-alone devices.
MARS Program Manager Paul English, WD8DBY, told ARRL that the MARS goal is to isolate MARS members’ computers from the internet as much as possible. “Having stand-alone computers running as few other resources than MARS-related software improves the overall MIL-STD system software performance and further isolates computers from infections, malware, and hacking,” he said. English added that isolating the computers that members use for MARS-related activity is “a goal, but has not been directed.”
HF Log Periodic Antenna – Frequency Range 3.0 – 30.0 MHz The LP-1005 antenna array is designed for medium and long range high fr... Read more
Diamond Antenna SG2000: 144MHz(2m) Length:1.59m / Weight:400g Gain:5.2dB / Max.power rating:150W / Impedance:50ohms VSWR:Less than 1.5:1 / Conn... Read more
Ohio ARES members stared down “Snowmageddon” 2019, the mid-January blizzard that blanketed the lower Great Lakes region. Based on ominous forecasts an... Read more
The International Amateur Radio Union (IARU) represented the interests of the Amateur and Amateur-Satellite Services in Geneva at last month’s second... Read more
Interference from what ISED, Canada’s telecommunications regulator, called an individual “operating an Amateur Radio station without proper authorizat... Read more
An FCC Enforcement Bureau Notice of Unlicensed Operation (NoUO) issued last fall to a California Technician-class licensee for alleged unlicensed FM b... Read more
MFJ-1204 Includes radio interface cable (8-PIN DIN) Sign up for the digital revolution and explore a whole new world of amateur radio excitement using... Read more
JS8Call Download “Hi folks! Happy to announce 0.8 of JS8Call. This is a backwards incompatible release (which is the primary reason for it being... Read more