The Navy is deploying a cyber analysis team to investigate the potential role of network vulnerabilities on one of its two destroyers involved in deadly collisions during a three-month span this year, according to Director of Naval Intelligence Vice Admiral Jan Tighe.

The Navy has sent a team comprised of its Tenth Fleet Cyber Command and technical experts from Naval Sea Systems Command (NAVSEA) and Space and Naval Warfare Systems Command (SPAWAR) to analyze possible anomalous activity in its networks prior to the collision involving the USS John S. McCain’s collision on Aug. 21 off the coast of Singapore, Tighe said at an event hosted by the Center for Strategic & International Studies.

Director of Naval Intelligence Vice Admiral Jan Tighe. Photo: U.S. Navy.
Director of Naval Intelligence Vice Admiral Jan Tighe. Photo: U.S. Navy.

Tighe specified that the Navy would not be sending a similar team as part of its investigation into the USS Fitzgerald (DDG-62) collision investigation, as a conclusion was made that malicious cyber activity was not a factor in the crash.

“There was no indication on either account that there was any cyber implication for the cause of the accident. We put the team onto the McCain to go confirm that. We have all the data from the Fitzgerald, and if anything is found we can go back and take a look at that,” said Tighe.

While discussing her role in overseeing maritime cyber operations, Tighe discussed how the cyber investigation is a vital opportunity to test the Navy’s ability to use a team aimed specifically at analyzing the role of network vulnerabilities in causing physical disruptions and mitigating future risks.

“We do have to worry about the same thing that a lot of the industry is worried about and corporations, and that is the cyber fatigue is starting to set in,” said Tighe. “But we don’t have cyber fatigue in the Navy or in the department. There is no sense of helplessness here. We have an awful lot to do and there’s certainly more to be done. We have organized around this problem. We’ve created processes. We’ve made investments, about $1.5 billion between fiscal year ‘14 and projected into fiscal year ‘23. That said, there is more to be done and we need to do it faster than we are typically able to make changes in our architecture.”

The greatest threats to Navy systems remain potential state actors from nations such as Russia China and Iran, she said.

To mitigate some of the future cyber risk, Tighe said the Navy adopted the National Institute of Standards and Technology cyber resilience framework two years ago in order to better detect threats to its networks in machine speed.

Within that framework, the Navy is enabling teams such as the one examining the McCain to become a common fixture in future investigations as threats to the cyber domain continue to proliferate. In conjunction with that, Tenth Fleet Cyber Command is working to improve the Navy’s cyber situational awareness capabilities so warfighting commanders are able to fully assess their cyber risk posture.

“The situational awareness in cyber space is something that Fleet Cyber Command need to defend the network. But it’s something that each of our tactical and operational commanders also need to be able to tailor their view to, and we’ve been working that very hard for the C4I systems and all networks,” said Tighe.

Tenth Fleet Cyber Command is also working with Naval officers on their ability to maintain operational capabilities during cyber threats, by segmenting affected systems so the entire network does not need to be shut down and ensuring the resiliency of bandwidth communications.

“My job from an architecture perspective is to try make that bandwidth as resilient as possible,and have multiple ways with which we can provide bandwidth in innovative ways. We have undertaken an assured command and control study that allows us to generate bandwidth in different kinds of situations,” Tighe said, who expressed concerns over adversaries’ present ability to jam and disrupt critical communications. “A cyber threat hits you, we can’t afford to shut down the network. We can’t afford to shut down the propulsion system. We’ve got to be able to, just like in kinetic operations, fight through any kind of network attack that’s there.”

Tighe views systematically addressing cyber vulnerabilities and adopting new measures to assess and investigate potential threats to critical networks as among the top Navy priorities.

“Moving forward we’re clarifying how we would do these types of mishap investigations to account for a cyber component, and we’ll learn from the results of the McCain investigation and just make it part of the normal process of how we conduct these investigations,” said Tighe.

Prior to becoming the director of Naval Intelligence, Tighe commanded Tenth Fleet.