Why JADC2 and JWCC Require No Less Than Zero Trust Security

Intrusion Team
Feb 09, 2023

As part of its initiatives to maintain tactical and strategic superiority over US adversaries, the US Department of Defense (DoD) launched Joint All Domain Command and Control (JADC2), a warfighting concept designed to integrate sensors and shooters across all US military services into one unified network. 

In this post, we’ll take a closer look at JADC2: what it is, what its purpose is, and some key aspects pertaining to cybersecurity. We’ll also talk about Joint Warfighting Cloud Capability (JWCC), a multi-vendor cloud-based system that supports JADC2, and its cybersecurity aspects as well.

Cyber Has Entered The Battlefield

A few hours before setting in motion its kinetic military invasion of Ukraine about a year ago, Russia unleashed a series of destructive cyber attacks against Ukrainian computer systems. These attacks involved wiper malware that corrupted files, rendering systems inoperable. Turns out, that was just a foretaste of things to come. Throughout this war, Russia has been employing both cyber and kinetic warfare in combat. 

While Russia’s invasion of Ukraine is so far the clearest demonstration of cyber’s increased role in the battlefield, Russia isn’t the only nation state that leverages as well as targets computer systems in geopolitical conflict. In its 2022 Digital Defense Report, Microsoft identified China, Iran, and North Korea, along with Russia, among those nation state actors that frequently conduct cyber attacks. All those countries have geopolitical tensions with the United States. 

As part of its efforts to maintain tactical and strategic superiority across all domains—air, ground, sea, space, and cyberspace—the United States DoD has taken deliberate steps to integrate cyber (i.e., computer hardware, software, and networks) into its warfighting functions as well. JADC2 is a major step in that direction. But what is it?

JADC2 – Improving Coordination in All-Domain Warfare

JADC2 is a DoD concept that aims to interconnect all sensors and shooters across all branches of the US armed forces—Army, Navy, Air Force, Marines, and Space Force. To speed up analysis, coordination, distribution, and utilization of what should amount to a massive cacophony of data, JADC2 will leverage Artificial Intelligence (AI) and Machine Learning (ML).  

Each branch of the armed forces already has its own command and control (C2). However, for the most part, these C2s lacked interoperability, and in fact operated in siloes. JADC2 is architected to break down these siloes and provide a joint command and control that greatly improves coordination among all branches, especially in warfighting functions. 

A joint C2 can provide forces a comprehensive view of the battlefield in the quickest time possible. This will in turn enable these forces to respond faster than their adversaries and in true “all-domain warfare” fashion. In addition, the enhanced coordination gained from a joint C2 can significantly improve efficiency, accuracy, and the chance of success. 

JADC2 doesn’t function on its own. It’s being supported by other technology-driven DoD initiatives. One of them is JWCC. 

A Multi-Cloud Approach to Warfighting

The Joint Warfighting Cloud Capability or JWCC is a cloud initiative that enables the DoD to acquire cloud capabilities from a selection of vendors, namely Amazon Web Services (AWS), Google, Microsoft, and Oracle. These four vendors will compete for individual task orders, which, in line with the spirit of a multi-cloud strategy, allows the DoD to gain access to best-of-breed cloud capabilities while taking advantage of competitive pricing. 

At the same time, JWCC enables US forces to leverage the elasticity, resiliency, availability, and scalability of cloud infrastructures, and it serves as the cloud computing backbone for JADC2. Through the combined global reach of these major cloud service providers (CSPs), units from all branches of the military can acquire cloud capabilities regardless of whether they’re within the US or at the tactical edge.

In a press briefing held by defense officials in December last year, DoD Chief Information Officer John Sherman declared that JWCC brings cloud computing capabilities at all three security classification levels, i.e., unclassified, secret, and top secret. As you can imagine, securing this multi-cloud environment is paramount. 

Cloud Security is of Utmost Importance

As the cloud computing backbone of JADC2 and a potential repository of secret and top secret information, JWCC can very well be a target of nation state-level cyber attacks. Count on nation state adversaries to look for weaknesses they can exploit—from cloud misconfigurations, through software vulnerabilities, to insecure cloud user practices. 

If they can somehow break into a JWCC cloud-based resource or any of the CSPs’ data centers, threat actors can perform lateral movement and privilege escalation to compromise additional IT assets in the cloud infrastructure. After establishing a foothold, attackers can then conduct a range of nefarious activities, including espionage, sabotage, denial-of-service, ransomware infection, and so on.

Although the CSPs involved in the JWCC have security features built into their cloud environments, they still have certain security deficiencies. For instance, CSPs lack the capability to deliver the dynamic network protection needed in environments that require constant accessibility. In these scenarios, a cloud network security solution that automatically identifies and blocks malicious inbound and outbound cloud connections would be a better fit. In fact, environments like those that constitute the JWCC and JADC2 really require zero trust security. 

No Less Than Zero Trust

The Zero Trust model operates under the assumption that malicious actors may already exist within your network. Based on this assumption, Zero Trust security requires:

  • Constant authentication and verification of trustworthiness of all resources 
  • Establishment of a least privilege model of access
  • Continuous inspection, logging, and analysis of all network traffic within and across an organization’s network boundary

The very nature of the network activities and environments constituting JWCC and JADC2, which involve rapid data exchange and processing in aid of mission-critical decision-making in warfighting, calls for nothing less than a Zero Trust approach to security.

To ensure the integrity of data transmitted between multiple sensors and shooters, the overall integrity of the network must first be preserved. This objective calls for real-time monitoring that continuously verifies the trustworthiness of each resource and network traffic involved. For instance, if an internally-based resource in a JWCC cloud is found to be connecting to a known malicious host, that connection must be automatically shut down.
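
The three requirements listed above and the automatic shutdown just described can be sketched as a per-flow policy check. This is an added example, not code from this post's authors or from any DoD or CSP system; the workload names, policy table, address ranges, and flow records are all constructed for illustration (the addresses are documentation ranges, not real indicators).

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: documentation-range addresses, not real indicators.
BLOCKLIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
# Least privilege: each workload may reach only the destinations listed for it.
ALLOWED = {
    "sensor-gw": [(ipaddress.ip_network("10.20.0.0/16"), 443)],
    "analytics": [(ipaddress.ip_network("10.20.0.0/16"), 443),
                  (ipaddress.ip_network("192.0.2.10/32"), 443)],
}

@dataclass(frozen=True)
class Flow:
    workload: str   # authenticated identity of the resource (hypothetical names)
    src: str
    dst: str
    dport: int

def evaluate(flow):
    """Return (action, reason) for one flow; every flow gets a decision."""
    src, dst = ipaddress.ip_address(flow.src), ipaddress.ip_address(flow.dst)
    # 1. Known-malicious peer in either direction: block, even for internal sources.
    for net in BLOCKLIST:
        if src in net or dst in net:
            direction = "outbound" if src in INTERNAL else "inbound"
            return ("block", f"{direction} peer in blocklist {net}")
    # 2. Default deny: traffic is allowed only if a policy explicitly grants it.
    for net, port in ALLOWED.get(flow.workload, []):
        if dst in net and flow.dport == port:
            return ("allow", f"policy {net}:{port}")
    return ("deny", "no policy grants this flow")

def audit(flows):
    """Evaluate and record every flow, allowed or not (continuous logging)."""
    return [(f, *evaluate(f)) for f in flows]

FLOWS = [  # constructed flow records
    Flow("sensor-gw", "10.10.1.5", "10.20.3.9", 443),
    Flow("sensor-gw", "10.10.1.5", "203.0.113.44", 443),
    Flow("analytics", "10.30.2.8", "192.0.2.10", 443),
    Flow("analytics", "10.30.2.8", "10.20.3.9", 22),
    Flow("unknown", "198.51.100.7", "10.20.3.9", 443),
]

if __name__ == "__main__":
    for flow, action, reason in audit(FLOWS):
        print(f"{action:5} {flow.workload:9} {flow.src} -> {flow.dst}:{flow.dport}  {reason}")
```

The second record is the case from the paragraph above: an internal resource with an otherwise valid policy is still cut off once its destination matches the blocklist, and the fourth shows that internal-to-internal traffic is denied when no policy grants it.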

You don’t have to be a branch of the US armed forces to require Zero Trust security. If you feel your organization needs to implement Zero Trust but don’t know how to go about it, contact us. We’ll be happy to answer any questions about Zero Trust and cybersecurity in general.
