Hardware-based crossdomain access solutions for OSINT

In the past few decades, conflicts like the war in Afghanistan and the recent Russian invasion of Ukraine have demonstrated the need to encourage a culture of information sharing among Nato members, as the amount of gatekeepers currently in place on the various systems involved make it difficult to openly share information with allies on the same network.

The war in Ukraine has also served to highlight the modern landscape of warfare, captured in real time due to the widespread proliferation of the internet, social media and smartphones.

Alliances and partnerships between armed forces create a need for seamless coordination, communication and synchronicity, particularly as they move from traditional battlefields into the emerging space and cyber sectors. As a result, open-source intelligence (OSINT) has become a central part of military operations in these modern conflicts – but challenges remain over its implementation.

For its part, Nato has been working to drive OSINT capabilities and information sharing across its member nations, looking to foster an improved ability to access and understand the information environment and to inform decision-making in the context of today’s hyper-connected global society.

On 4 April 2022, Nato shared a number of goals in this area through a request for information (RFI) for OSINT services. The alliance plans to implement automation within the intelligence cycle to enable processes, activities and information management to compensate for limited manpower and to increase sustainability.

Similarly, it is looking to create an integrated and coordinated working environment for real-time information sharing to produce fused actionable intelligence, while situational awareness and responsiveness will be aided through a synchronised understanding of the information environment.

Above all, Nato is seeking to provide deeper access to open-source information shared across the OSINT community and with other ‘communities of interest’. “At the moment, the key Nato goal is the necessity to enhance their interoperability capability,” says Dave ‘Flash’ Flanagan, VP Secure Consulting at Garrison, a leading cybersecurity company that specialises in providing hardware-based cross-domain access solutions. “The ability to interoperate with not only the defined partners that they have – the people that they know they have to work it – but [also] all those people that they don’t know they need to work with until the operation kicks off.”

Pathway to assurance

Today’s armed forces rely on their ability to access, view and search for specific information in real-time in its native environment, and then transfer the required information to controlled or classified networks. Other cross-domain access and transfer solutions have existed in the past but, to date, the former have not been robust enough to connect to high threat networks while the latter have been unable to handle the complexity of new and emerging data sets, demonstrating the need for innovation and development in this area.

Garrison was founded in 2014 by David Garfield and Henry Harrison, who set out to reinvent our approach to secure connectivity. Their pioneering hardware based technology designed to isolate risky environments has enabled a step change in ways of working for both commercial and government/defence organisations.

Nato members’ militaries have access to vast quantities of data that is constantly changing and often widely distributed, making it hard to access the desired information on demand. In the defence sector, where information can rapidly devalue as it ages, accessibility and timeliness are key issues. At the same time, the required information can frequently be located on high-threat networks from untrusted sources, and traditional software-based technologies cannot pass information assurance requirements as they are not secure enough, made vulnerable by the same flexibility that helped drive the modern information revolution.

Garrison has taken a new approach to multi-domain operations, developing a unique, ultra-secure, hardware-based, commercial-off-the-shelf (COTS), cross-domain access solution that addresses these issues. This system aims to provide previously unachievable levels of connectivity between a wider range of systems and networks – allowing key information to be accessed more easily, letting decisions be made faster and more securely, thereby enabling the safe operation of a complex, multidomain infrastructure.

“What Nato has is a need to embrace open-source intelligence,” explains Flanagan. “A need to reach out to all these different information spaces but, prior to technology like Garrison’s, what that would have resulted in was a degraded cybersecurity posture.”

As Nato laid out within a recent RFI around cyber operations, the alliance is looking to harden their cybersecurity posture, which is somewhat at odds with its drive towards OSINT – by its very nature, it involves reaching into more dangerous places and the increased risk that goes with it.

This paradox is where Garrison comes in. Its hardware-based cross-domain access technology hardens users’ cybersecurity posture, thereby enabling that desired reach into the broader opensource environment. “Put on the rubber gloves and reach into the mess that is the internet safely, without getting anything icky on your hands,” sums up Flanagan.

In addition, much of the data transmitted for operational forces can be in a format that cannot be sufficiently filtered, making it difficult to transfer from its native platform to sensitive environments. For example, when a Word document is imported into a secured network, any macros within it are too complex to make safe and are therefore excluded.

At the simplest level, Flanagan says, Garrison aims to bolster its clients’ interoperability by easing their ability to natively engage in a range of remote environments – for example, handling complex data, sending and receiving email in-domain, and minimising the need for exchanges cross-domain.

This approach can significantly mitigate the information exchange requirement between domains, easing the challenge of connectivity – doing it securely, effectively and efficiently.

Ease of access

For Nato personnel and those operating elsewhere in the defence sector, accessing public networks like the internet would require an entirely separate infrastructure – or, alternatively, would lead to people turning away from their classified workspace to access the internet on their personal devices and try to remember what they saw back at their workplace. Similarly, the chief concern for Nato members and other armed forces around the world is that their OSINT systems are both safe and secure. At the same time, allies or other departments within a nation may make use of older or near-obsolete systems, with users seeing little need to move on from what has worked for them in the past – creating the need to overcome this overreliance. Garrison’s cross-domain access solution resolves these problems, enabling personnel to access the internet and other high-risk networks directly from the comfort of their usual desktop, without compromising the safety or security of the classified network. It provides an ultrasecure mechanism that allows Natoclassified environments to connect directly to these partner environments, but without needing to move the data in question.

“It’s a cross-domain access solution, rather than a cross-domain transfer solution,” Flanagan explains. “When I’m working into that remote environment, I’m using its native tools, native data, native applications. I don’t need to worry about information transformation at the boundary, because I never move it across the boundary – I just reach in and see it.”

This also effectively prioritises operators’ needs so that they don’t require new training and responsibilities that are not native and natural to their prior experience – creating that key blend of people, processes and tools outlined by Nato in their stated OSINT goals.

For Garrison, it’s a priority that – even as its cross-domain access solution integrates and streamlines information sharing within a robust security model – as far as the user is concerned, they’re continuing to use the same browser, desktop, tools and processes with which they’re familiar.

“We want to change the world, basically,” says Flanagan. “[To get people to] stop trusting complex software and actually get into proven hardware-based separation and isolation. That’s the goal.”