An Interview with Rear Admiral Datuk Shamsuddin Ludin RMN, Director-General, Defence Cyber and Electromagnetic Division

Some of the world leading powers are investing heavily in developing not just defensive but offensive cyber security capabilities. In this respect the militarisation of cyberspace may lead to cyber arms races, and the pursuit of increasingly sophisticated cyber weapons, and the ensuing cyber security dilemmas. More generally, we are seeing the militaries of many countries taking an active role in cyber defence and offence. Asian Defence Journal sat down with Director-General , Defence Cyber and Electromagnetic Division (DCED) Rear Admiral Datuk Shamsuddin Ludin RMN for an interview on cyber security.

ADJ: Since it was established, what has changed at DCED (BSEP)? Is it business as usual or has there been any improvements in terms of manpower, assets, budget allocation?

DG-DCED: At the moment, we are getting a good cooperation and support from the various services. We are now operational using our current strength all over the country. We are also in the process of expansion of our systems and trying to extend our reach out to include remote tactical areas. This involves close cooperation and coordination with the Jendela Programme to extend secure network connectivity.

Although there was a reduction in budget allocation, we still manage to maintain our system and assets well. Of course, like any other organisations, we are always asking and looking for that extra budget.  The investments in strategic communications and military grade cyber security requires that significant amount of funding.

ADJ: How would you describe the current cyber and electromagnetic threats scenarios? Has there been an increase or decrease in terms of attacks detected / countered?

DG-DCED: Landscape of war fighting has changed. Physical war will only happen after cyber- attack has been launch to incapacitate the lines of command, control, communication and information. 

Cyberspace is now a strategic domain. Cyber-attacks will never end. It is happening every second and from everywhere. Our task is to protect our systems and communications.  We have to maintain this and ensure that the connectivity is kept alive and all systems can be access at any time.  The increment of cyber-attacks are always detected and cases are analysed by our Security Operations Centre (SOC).  Per day, our SOC detects millions of cyber-attacks of differing levels of sophistication, attempting to hit our open networks.

ADJ: The Pentagon recently experienced a major intelligence leak by a member of the US Air National Guards on the Discord social media platform. What has DCED learned from this incident and has there been any changes in terms of how classified information is handled here?

DG-DCED:  The Malaysian Armed Forces (MAF) has its own Cyber Security Policy covering all classified information and how to handle the information. Nothing changes, we are currently enforcing the existing policy.

We are very much aware that technology and hacking techniques have evolved and advanced in sophistication. New way of learning using existing AI exposes vulnerabilities of the system.

The recent Pentagon intel leaks are considered as internal threats. These can only can be countered with regular awareness programmes for the personnel. The MAF has seriously educates soldiers on the ethics of using social media platforms. Cyber security awareness campaigns are continuously carried out through high impact programmes such as Siber Siaga and other similar events.

ADJ: Is there are requirement for Malaysia to have its own military communications and / or reconnaissance satellite following the events happening in Ukraine (e.g., using the Starlink service to communicate with its drones)?

DG-DCED:  Yes indeed. The requirement for military satellite is there. It is a must have asset to be owned by Malaysia. It is almost financially impossible for Malaysia to have a more than thousand Low Earth Orbit (LEO) satellites in Mega Constellation such as providers Starlink or OneWeb due to its high value of the procurement.

The importance of military satellites is not only for communications but also of paramount for Intelligence Surveillance Reconnaissance (ISR), early warning as well as navigation and tracking in order to allow “assured” communications everywhere and anytime in all domains (air, land, and sea). A sovereign military satellite capability allows the armed forces to see with clarity, communicate with certainty, navigate with accuracy, strike with precision and operate with assurance.

ADJ: What is the significance of the CyberDSA event for DCED? How does the event contribute the whole-of-society /whole-of-government approach to cyber threats?

DG-DCED:  CyberDSA is a content and new knowledge driven event, serving key stakeholders who are protecting national, public and economic interest in cyberspace. It aims to help connect professionals in the industry with decision makers in government and private sectors to accelerate digital transformation. At the same time, we seek professional collaboration between military and the cyber defence / security industries to be together to protect and enhance cyber security in the MAF. We can also enhance our knowledge and skill accordingly with latest technology and systems at CyberDSA.

ADJ: Any last words for our readers, Admiral?

DG-DCED:  Cybersecurity is indeed a must in today’s digital age. With increasing reliance on technology and internet, cybersecurity become a critical aspect of personal, organisation and national security. Cybersecurity agencies cannot work in silo. It requires collaboration and cooperative effort between industries professional and military to achieve:

• Information sharing.
• Awareness and education.
• Cybersecurity expertise.
• Prompt Cybersecurity incident response.

DCED with our motto Connect, Protect, Control and Win (CPCW) will support the Force of the Future (AMH) plans. Future soldiers will become one component of the Internet of Things (IoT), which in turn, will be constantly exposed to the vulnerabilities of cyber-attacks if not properly protected. –adj/mgm/dl (Pix: DCED, Asian Defence Journal)