U.S. Coast Guard: Priorities for the Future–CSIS/USNI

The video above records an recent event, a “Maritime Security dialogue” presented by the Center for Strategic and International Studies (CSIS) and the United States Naval Institute (USNI) featuring Admiral Paul F. Zukunft, Commandant of the U.S. Coast Guard, for a discussion on the “U.S. Coast Guard’s future priorities.”

Despite the title, don’t expect a recitation of Coast Guard priorities. Most of the material is familiar, but there were a few interesting comments, including some that might be surprising. A number of things the Commandant said here made news.

  • That the NSCs could be made into frigates.
  • That the Polar Icebreaker would cost less than $1B
  • His support of transgender CG personnel.

I’ll give a quick outline of what was talked about. At the end I will rant a bit about some of my pet peeves.

The Commandant’s prepared statement is relatively short beginning at time 2m45s and ending about 11m.

6m00 In our listing of missions, the Commandant said Defense Operations should be listed first. He noted that there are 20 ships chopped to Combatant Commanders including eleven  ships operating under SOUTHCOM.

Q&A begins at 11:00.

16m20s The Commandant noted there is a Chinese ship rider on a USCG cutter off Japan and that Coast Guard aircraft are flying out of Japan.

17m30s Boarder protection/drug interdiction

20m Called the OPCs “light frigates”

22m As for priorities the Commandant noted a need to invest in ISR and Cyber

23m Cyber threat.

24m Expect return to sea duty because of length of training.

26m30s “Demise of the cutterman”/Human Capital Plan–fewer moves–removed the stigma of geographic stability

29m25s Highest percentage of retention of all services–40% of enlisted and 50% of officers will still be in the service after 20 years

30m Law of the Sea. Extended continental shelf in the Arctic.

32m30s Need for presence in the Arctic.

36m ISR, 38m15s Firescout. An interesting side note was that the Commandant seemed to quash any possibility of using the MQ-8 Firescout. He noted when they deployed on a cutter 20 people came with the system.  He called it unoccupied but not unmanned.

40m Icebreakers

43m30s Comments on transgender members

45m15s Icebreakers–will drive the price down below $1B.

47m NSC as frigate–no conversations with the Navy about this. Performance of Hamilton.

49m50s Count the NSCs toward the 355 ship Navy.

50m30s Illegal migration and virulent infectious disease

53m35s CG training teams in the Philippines and Vietnam to provide competency to operate platforms to be provided by Japan. Two patrol boats going to Costa Rica. Other efforts to build capacity.

56m DHS is the right place for the CG.

The Commandant touched on a couple of my pet peeves, specifically

  • He called the OPCs “Light Frigates,” so why aren’t they designated that way? WMSM and WMSL are just wrong in too many ways.  Give our ships a designation our partners and politicians can understand. A WLB is a cutter and also a buoy tender. The OPC can be both a cutter and a light frigate. I have suggested WPF. Maybe WFF for the Bertholfs and WFL for the Offshore Patrol Cutters. If we want to be thought of as a military service, we need to start using designations that will be seen and understood as military.
  • He mentioned the possibility of including the Bertholfs in the 355 ship fleet total. Coast Guard combatants should be included when the country counts its fleet. No, the cutters are not aircraft carriers or destroyers, but the current fleet of about 275 ships includes about 70 ships that have no weapons larger than a .50 cal. These include eleven MCM ships and about 60 ships manned by civilian crews such as tugs, high speed transports, salvage ships, underway replenishment ships, and surveillance ships. Counting the Cutters as part of the National Fleet would raise  our profile as a military service. The Navy might not like it, but it does give a better idea of our actually available assets for wartime, which is the point of such a listing.

 

 

Hearing: Coast Guard Requirements, Priorities, and Future Acquisition Plans (FY-2018)

 

May 18, the Commandant, Admiral Paul F. Zukunft, addressed the House Appropriations Homeland Security Subcommittee. The recorded testimony is above. It is fairly long (1h40m). The Commandant’s initial statement, following the introductions, begins at 8m40s and ends approximately minute 14.

The administration’s FY 2018 budget request was not available, but the Commandant was there to discuss future priorities, requirements, and programs. The Department Secretary, General Kelly, is expected to address the Subcommittee on May 24 at 3PM Eastern.

I will just mention a few of the items I thought significant.

Admiral Zukunft noted that Huntington Ingalls has begun cutting steel for NSC #9. Questioned about NSC#10, he said, if it were funded, the Coast Guard would of course use it, but that the Offshore Patrol Cutter (OPC) is the Coast Guard’s #1 priority. His response, that another NSC would have an effect on long-range operating cost, seemed to suggest anticipated significantly lower operating costs for the OPC. Significantly, there has been no mention of reducing the OPC program by one ship to offset the addition of NSC #9. (There is already a strong push to build more NSCs, a bill to authorized a multi-year buy of three more.)

He contended that the Coast Guard has taken a harder hit, due to budget restrictions, than other armed services and would need 5% annual growth and at least $2B annually for Acquisitions, Construction, and Improvements (AC&I). Later he stated that this annual AC&I appropriation would included about $300M annually for shore facilities. He pointed to a need to restore 1100 Reserve Billets and add 5,000 active duty military billets while retaining current levels of Civilian staff.

Apparently the FY2918 budget will begin a program to replace 35 Inland tenders at an estimated cost of approximately $25M each ($875M total). (Even if, in the unlikely event, this program were funded in only five years, that would only average $175M/year, so it is not a big program, but one that should have begun at least a decade ago.)

Cyber security for ports was discussed. The Commandant sees the Coast Guard role as decimating best practices, rather than imposing regulation. We now have a cyber program of record–still very small, two CG Academy graduates going directly into the program. The fact that two billets is worth mentioning, is probably the best indication of how really small the program is. A much smaller pre-World War II Coast Guard probably had more people working on breaking German and Japanese codes. 

Marine Inspection was addressed. The Commandant noted the increased demand for Inspections because 6,000 tugs have been added to inspection program. He noted a need for more stringent oversight of 3rd party inspectors, who in some cases have not been as meticulous as they should have been. He also noted that the US flag merchant fleet, notably the MSC’s Afloat Prepositioning Fleet, will need replacement, which will also raise demand for marine inspectors.

The Commandant also voiced his support for the Jones Act. He noted, we only have three shipyards building Jones Act ships in the US, and their loss would be short-sighted.

There was much discussion about the Arctic and the Icebreaker Fleet. Looks like follow-on funding for icebreaker program (at least after the first) will have to come from CG AC&I rather than the Navy budget. This may be difficult, but it is the way it should be. The chair of committee expressed his reservations about attempting to fund such big-ticket items through the DHS budget. The Commandant stated that the Coast Guard is still considering the acquisition of the commercial Icebreaker Aiviq (but apparently they are doing it very slowly–the chairman of the committee seemed a bit irritated about this).

The committee members seemed to latch onto the idea that the USCG, rather than the Navy, would be responsible for enforcing US sovereignty in the Arctic (which by US definition includes the Aleutians), and seemed to be asking if the Coast Guard was prepared to fight the Russians and/or Chinese in the Arctic. The Commandant suggested instead, that our role was to provide presence in the pre-conflict phase in order assert US sovereignty. He acknowledged that the National Security Cutters are only armed defensively and are not suitable for conventional naval warfare against an enemy combatant.

The Commandant acknowledged that, at some point it may be desirable to arm Polar Icebreakers, meaning they should be built with space, weight, and power reservations for additional weapons.

(I am all for keeping open the option of arming our icebreakers, so that they can defend themselves and do their part, if there is a conflict in a polar region, but there did not seem to be recognition among the Congression Representatives, that an Arctic conflict is most likely to be determined by submarines and aircraft. The icebreakers’ role is likely to be primarily logistical.)

The Commandant apparently does expect that there may be disagreements with regard to the extent of the US authority over certain areas of the Arctic.

In discussing the need for land based Unmanned Air Systems, there was a curious note at minute 40 about go-fast boats going south. Where are they going?

Alien Migrant Interdiction (AMIO). We have gone for seven weeks without a single Cuban Migrant being interdicted. This is because of the end of Wet Foot/Dry Foot Policy. This has allowed reallocation of resources to drug interdiction South of Cuba and human trafficking from the Bahamas

A Congressional Representative, from Texas pointed out there is no CG presence on the Rio Grande River, in spite of it being an international waterway. There was no mention of it, but perhaps he was thinking of the Falcon Lake incident in 2010 when an American was allegedly shot in the head by Mexican drug runners. Maybe something we should reconsider.

The Commandant promised the CG would have an unfunded priority list for FY2018.

Maritime Cyber Security, Impressions–Juramentado

The following is a brief report of some of the content of a recent symposium that discussed a increasingly important topic, of which, I am woefully ignorant. Fortunately I have a friend who worked with me earlier on the CIMSEC Corvette Week Project who has expertise in the field, and he has been kind enough to provide his impressions. He goes by the pseudonym Juramentado.

Infragard Rhode Island Chapter recently hosted a “Maritime and Port Security” symposium in June. The speakers included representatives from various federal, military and law enforcement agencies.

Infragard is a coalition of civilian industry members and the FBI – covering multiple national security critical sectors including but not limited to Finance, Manufacturing, Energy, Maritime, Rail, and Aviation. The main theme that emerged from various presentations is the convergence of Physical and Cyber security and its impacts, especially in the Maritime space.

A good example of convergence is the risk of foreign marine traffic acting as an information gathering node. Vessels can easily house Wifi antennas connected to computing assets running software designed to penetrate vulnerable wireless networks. By “war-driving” US shorelines and ports, a lot of useful information could be gathered in plain sight. This is a variation of a long-standing malicious actor practice – “war-driving” became popular first as hackers wished to just gain free Internet access, and eventually leading to more nefarious goals.

The Industrial Internet of Things (IIoT) has many unexpected side effects – for example, many vehicles today can use firmware updates to improve performance and control of commercially made subsystems. These updates would be delivered via remote means, such as SatLinks. The updates can be vulnerable to corruption during download, and if allowed, can install automatically without notifying the operators. In one instance, this resulted in unexpected loss of subsystem control at a critical time. Many industrial zones claim to not be running wireless networks, but the proliferation of cheap and easily available wireless networking appliances, coupled with users’ natural tendencies for more convenience, have made the average network’s perimeter what security practitioners call “soft and chewy.” There are now many devices that utilize the Public Internet for both control and convenience. While wireless cameras are easy to set up (think of a home security system you can control over your smartphone), that same video feed is traveling over the world’s largest unsecured network, and subject to many possible attacks including spoofing, interference and other threats.

Food for Thought: “In this age of the IIoT, relationships equal opportunities for attackers.” The Global Supply Chain network provide entry and exploit points to get from small, relatively low risk targets to larger targets. A recent example cited hacker attempts to obtain login information to enter the computer network of a manufacturer of retail parts. This small supplier was tied to a client’s network – Supplier B. Supplier B serviced in turn – a large critical industry manufacturer. The interconnectedness of their networks is a reflection of the global economy and Just-InTime production. Each manufacturer is connected to each other’s computer systems for convenience, efficiency and speed of delivery, but this intermeshing is also a channel by which malicious actors can exploit for their purposes as well.

Efforts by commercial intelligence firms have revealed a criminal cyber campaign underway since late 2015 called “The Daily Show.” It was dubbed as such because the perpetrators used the pseudonym Jon Stewart to file for fraudulent Internet Domain addresses used in their attacks. The Daily Show is the brainchild of a Nigerian based criminal enterprise – they’ve managed to penetrate multiple industrial sectors, including maritime domains, mostly through unsecured and weakly protected computer systems. The truly concerning aspect is that “The Daily Show” has not relied on sophisticated malware and social engineering campaigns of the like conducted against the Financial or Defense sectors. Rather, they often use basic tools such as keyloggers (a virus that once installed on the target machine automatically records the keystrokes of the operator and sends it back to the attacker), delivered through fraudulent e-mails loaded with malicious attachments. Keyloggers are not new; nation-states were using them as far back as the 1970s to compromise electric typewriters in foreign embassies. This fairly unsophisticated method having such a successful outcome reflects the constant need to develop cyber-security maturity against both old and new attacks.

Notably, exploits used by The Daily Show have strong similarity to the attack methods used in the 2013 Antwerp Drug Heists, whereby entire containers of illicit drugs were smuggled into the port, then cleared for release without the proper authorities ever knowing about it.

Malicious actors are also openly attending Global Supply Chain conferences, actively looking for new technologies to exploit, interrupt or steal and reconnoitering for whitepapers and other publicly accessible documents that give context to how a particular component or product in a supply chains is built, maintained and protected. There was a recent concerted effort by unknown parties to gain as much information as possible on Industrial Flow Metering, the same kind of equipment used in POL storage, shipping and transfer. As with many things in the age of IIoT, that kind of industrial control directly connected to the Internet becomes an exploit point – to cause market volatilities, supply interruptions, all the way to a potential environmental disaster.

The bulk of malicious activity aimed against Maritime Security so far is financially motivated. But as we all know, money is what makes the world go round, and terrorism, non-state actors and even hostile nation-states needs a share of that in order to further their causes.

Juramentado is an observer of naval matters. He is an IT Risk and Information Security practitioner in the defense and financial services industries. The views and opinions expressed in this article are those of the author, and do not necessarily represent the views of, and should not be attributed to, any particular nation’s government or related agency.