Search

Title

Author

Article Body

Manager


Manager - AB7RG
Manager Notes

Use of Isolated Computers for MARS

Created by W4JDY on 2022-06-10

 

As one of the DoD and USAF Cyber Resiliency SMEs for Weapon Systems and Defense Business Systems, the use of an isolated computer asset for MARS is an over-reach. The panic by IT System Security Engineers I suspect would have been such with regards to hackers and crackers - where there training and legacy mindset are.

 

As with any IT system to include US Government and military assets, common sense and proper use of NITS SP800-53b controls for non DNI NSS and for all others systems, CNSSI 1253b technical specification controls are more than enough to protect your personal assets for any use on the internet.

 

The latest trends in system and system-of-system development is now to resort to hardware vice software for critical mission and safety functions.

 

Unless you are on the air 24 hours a day and tied to any MARS or emergency frequency for the local EMC types, isolating your IT system is over-kill.

 

Try limiting the front-end of your modem and/or router/switch that is east to do if you know the devices and software ports you are using. Along with encryption, this is as good as it gets for the low-end military support user's systems.

 

From the reports we review daily, the largest problems is physical security and personal screening or personnel. Until the US does what Europeans do, that is forbid any foreign born national from access and employment in our Government, we will have the internal problems ... externally, software will always be hacked/cracked, but hardware is more difficult to do so. Firmware and updates from screened personnel has alleviated a lot of high end problems.

 

I have a number of IT assets I use with my radios from LF to SATCOM; but that is because I can afford the money and space to do so. If I was restricted to a single IT assets for amateur, personal and MARS use, it is simple to button the system up with some common sense security practices.

 

The sky is falling ... it always has fallen folks.

 

 

 

K4GTE2022-07-08
Re: Use of Isolated Computers for MARS
Like I said, the MARS mission statement is very broad and vague. After 30 years serving in the US military, one thing I learned was if the DOD loses communication ability, we've lost the war and amateur radio will not save us. If all "traditional" means of communication goes down, ham radio will be included.
Reply to a comment by : KG4RUL on 2022-07-08

The official mission is: The program is a civilian auxiliary consisting primarily of licensed amateur radio operators who are interested in assisting the military with communications on a regional and national level when access to traditional forms of communication may no longer be available. But the problem is that if "traditional forms of communication" are not available (after and EMP event for example), will amateur radio be functional? If the DOD can't maintain communications, with many millions of dollars spent, how will hams be able to?
Reply to a comment by : K4GTE on 2022-07-07

I was seriously thinking of joining MARS, my application was approved, but the more I thought about it, and researched, I have not been able to find a clear cut mission statement for MARS. In the pre cell phone days, MARS phone patches were invaluable to the military overseas. Just what is the MARS mission today, and is it still relevant ?
KG4RUL2022-07-08
Re: Use of Isolated Computers for MARS
The official mission is:

The program is a civilian auxiliary consisting primarily of licensed amateur radio operators who are interested in assisting the military with communications on a regional and national level when access to traditional forms of communication may no longer be available.

But the problem is that if "traditional forms of communication" are not available (after and EMP event for example), will amateur radio be functional?

If the DOD can't maintain communications, with many millions of dollars spent, how will hams be able to?
Reply to a comment by : K4GTE on 2022-07-07

I was seriously thinking of joining MARS, my application was approved, but the more I thought about it, and researched, I have not been able to find a clear cut mission statement for MARS. In the pre cell phone days, MARS phone patches were invaluable to the military overseas. Just what is the MARS mission today, and is it still relevant ?
K4GTE2022-07-07
Use of Isolated Computers for MARS
I was seriously thinking of joining MARS, my application was approved, but the more I thought about it, and researched, I have not been able to find a clear cut mission statement for MARS. In the pre cell phone days, MARS phone patches were invaluable to the military overseas. Just what is the MARS mission today, and is it still relevant ?
G7ENQ2022-06-18
Use of Isolated Computers for MARS
I would not hold us Europeans up as any kind of example in terms of governmental security. Here in Ireland a Russian GRU agent maskerading as a Brizilian spent several years at Trinity College doing a degree in some business/economic context and was spotted by the Dutch security service attempting to gain employment on some EU agency based in the Netherlands. This news broke yesterday and demonstrates how the sleepers get into governmental systems because a majority of European states have no clue as to who and what is in their country. It is crystal clear that the enemies of the West are licking their chops at the muppets in political power across Europe are only interested in their back pockets and their own self-promotion. A despicable bumch of vainglorious poppinjays.

EI9FDB, G7ENQ
K0CFI2022-06-14
Use of Isolated Computers for MARS
ISSM day job…
One could always configure their system IAW the Windows 10 Security Technical Implementation Guide (STIG) (https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_10_V2R4_STIG.zip).
My “gut feeling” (i.e., I have no evidence) is that there is a lack of trust that an individual who has no experience in a secure operating environment would maintain the security of their information system. For example, regardless of the operating system, a significant attack vector is not patching for known vulnerabilities.
As a side note, nothing in MARS would be considered classified information. Only perhaps, Controlled Unclassified Information (CUI).

73, Tom
KT4WO2022-06-13
Use of Isolated Computers for MARS
--"Secret Squirrel" operations.--

I asked a MARS op a few years back what freq.
he was on and got the "It's secret" reply.
I could not help but laugh at him!! to his face!

Fired up my SDRPlay and had it in 10min.

You can encrypt but you can't hide.
KT4WO2022-06-13
Re: Use of Isolated Computers for MARS
"rapidly becoming irrelevant."

MARS has been "irrelevant" for at least 30 years.
I joined, for a short time, over 25 years ago and quickly found that out.
Reply to a comment by : KG4RUL on 2022-06-11

One of the reasons I got out of participating in MARS was their move towards what I call "Secret Squirrel" operations. I.E. MARS operating frequencies being treated like secrets. Anyone with a scanner can and have figured them out in a short time. That, and their not having enough bodies to fill all the positions they needed to fulfill obligations to served agencies. This resulted in personnel wearing multiple hats at the same time. This is an operation that is rapidly becoming irrelevant.
KG4RUL2022-06-11
Use of Isolated Computers for MARS
One of the reasons I got out of participating in MARS was their move towards what I call "Secret Squirrel" operations. I.E. MARS operating frequencies being treated like secrets. Anyone with a scanner can and have figured them out in a short time. That, and their not having enough bodies to fill all the positions they needed to fulfill obligations to served agencies. This resulted in personnel wearing multiple hats at the same time. This is an operation that is rapidly becoming irrelevant.