Hello everyone! Chris here from Zokyo Labs.

I have a very interesting piece for you today, we’re going to change it up a bit from blockchain security and talk a little about Artificial Intelligence and Large Language Models (LLMs) (wooohhh 👻).

It’s no secret that AI has reshaped the way we do our work, run our businesses, create content, and entertain ourselves (remember during the outbreak when everyone started asking ChatGPT to write their high school essays?). But a key area that we’ll be talking about today is how AI has impacted the landscape of modern warfare from an objective point of view (no politics here).

We’ll start by touching on the attack chain in modern warfare and compare it to the cyber attack chain. Then we will analyze what is currently being done in space, examining big tech’s involvement and the ethical/legality of the use of AI by the military. We’ll end things by taking a glimpse into the future and determine if our fate will resemble the Terminator franchise. Join me as we discuss some of these points!

The Attackchain in Modern Warfare and Cyberspace – How It Relates To AI?

The cyber attack chain was inspired by the attack chain used in modern warfare. In order to understand what Artificial Intelligence is trying to achieve on the battlefield, we must first understand the attack chain. As a refresher on cyber, the attack chain is as follows:

• Reconnaissance: Run recon activities on the targeted system in an effort to identify outstanding critical vulnerabilities.

• Weaponisation: Craft malware and special tooling for the given scenario.

• Delivery: Exploitation of identified vulnerabilities in order to deliver a payload to the targeted system.

• Installation/Exploitation: Install persistence mechanisms to maintain access and perform post-exploitation activities (internal reconnaissance, deployment of ransomware, privilege escalation, etc).
  
  
  

Similarly to the cyber attack chain, the traditional attack chain in modern warfare is as follows:

• Identification of target: Similar to the cyber attack chain, reconnaissance and data collecting activities are performed to identify a target.

• Dispatch forces: Assets are then dispatched to engage the target

• Initiation of attack on target: Assets engage the target - execute selected strategy.

• Destruction of the target: Use assets to destroy the target in order to achieve strategic objectives
  
  

This attack chain is key to understanding where AI and LLMs will make a significant impact. The manual attack chain may take days, weeks, or months to carry out an operation and require a significant amount of defense funding. However, the use of such technologies will help automate this process in order to cut down planning and money spent by a significant margin. We will explore some examples in the next section of how this is being applied.

What is Being Done in the AI Space? How does it Automate the Attack Chain? 

As mentioned in the previous section, automation of the attack chain will require significantly less manpower, funding, and time to carry out complex operations. What used to be done by a large group of mid-level officers can now be done by a large language model in about a tenth of the time. If you haven’t already seen the showcase, let's take a look at some of these applications and practical scenarios:

Palantir’s AIP 

Palatir’s Artificial Intelligence Platform (AIP) is a state-of-the-art platform which incorporates LLMs similar to OpenAI’s GPT-4 into military decision-making processes.

The platform runs on three core principles:

• Deployment to Classified Systems: The first is to have the ability for AIP to be deployed to classified networks, which gives the capability to allow for real-time analysis of classified and nonclassified material and data.
  
  

• Control: The second principle revolves around the operator being able to maintain control of each asset and LLM deployed to each classified network. Operators will be able to set security boundaries for the aforementioned LLMs in order to create human-in-the-loop operations.
  
  

• Guardrails: Finally, the third principle fosters deploying guardrails to create trust and compliance. These guard rails allow for real-time monitoring and regulations for LLM activities to fulfill legal and data sensitivity requirements. 

As it can be seen in the image above, AIP has a very similar interface to GPT-4 where an operator can converse with the language models to make strategic decisions and explore options on the battlefield.

These models train on an immense amount of data from satellite imagery and intelligence on deployed friendly and enemy assets to quickly output options that a military unit can act upon.

Through dialogue with the ChatGPT-style digital assistant, the operator can use various techniques to conduct reconnaissance by dispatching recon drones and even jamming enemy communications. The model also has the capacity to evaluate the enemy’s strengths, weaknesses, and capabilities. On top of satellite imagery, the operator can use the Language Model to deploy reaper drones for better quality visual intelligence and in response, suggest suitable counter strategies after detecting armoured units. 

In the example below, after conducting reconnaissance, the model shares three potential options to be approved by the commanding officer (target with air asset, target with long-range artillery, and target with tactical team): 

The commander opts to approve option 3, to engage enemy assets with a tactical team in this particular example:

The operator can then begin to develop an operational plan for Team Omega with a stryker vehicle and a platoon-sized unit with the assistance of communications equipment jamming and the analysis of the munitions supplies required. To understand the best route to the target, the Language Model will analyze all geospatial intelligence and terrain for the most efficient route to engage the target:

Once the operational plan is set, the Language Models will summarize it and submit the orders to the relative parties for approval.

Big tech companies such as Microsoft, Amazon, Google, and IBM are getting involved with companies such as Palantir and C3 to integrate data analytics platforms with their cloud services. This will make the technology widely available to users, whether it be for running military operations or on a factory floor.

Is Using These Capabilities Ethical and Legal? 

To determine the ethical and legal precautions we have to explore how these decisions are being made on the battlefield. Could it get out of control if we give more information and decision-making abilities to a computer?

The lethal step of the attack chain is the key aspect to answer this question. If a commander is blindly and constantly saying yes to everything the model outputs, it's a human saying “yes” and approving orders, but it’s not really human control. This is especially the case for giving AI access to systems which control weapons of mass destruction and I cannot stress this enough.

However, if the information that’s being returned is constantly scrutinized by the commander leading the operation and his officers, then we can retain control over the technology and limit the power AI has over various assets. As can be seen from Palantir’s example, automation is good and will create more initiative for armies, but too much automation may create negative impacts. 

Looking into the future, we will see more and more of these assets such as drones, ground and sea assets and weaponry being controlled by AI in an automated fashion such as Large Optionally Crewed Surface Vessels (LOSVs) being researched and developed in collaboration between the United States and Australia. These new vessels have the ability to operate without a crew, however, at the time of writing the Royal Australian Navy has still opted to have these ships crewed. 

In another example relating to drones, a drone may be under human control but an enemy may use radar jamming signals in order to cut humans off from the drone connection. If the signals are jammed, AI can take control of the drone and use automation in order to complete the objectives. Now this does carry some risks as we know as security professionals (ie. false negatives/software bugs etc..) which we will discuss in the next section.

Concept Designs for Large Optionally Crewed Surface Vessels (LOSVs)

Pros and Cons – Is it safe? What’s Being Done to Regulate AI Technology? 

The EU has created its first set of regulations to create a framework for AI and its usage called The AI Act (Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence). In a nutshell, this is created on a risk-based approach from “unacceptable risk”, to “high risk”, “limited risk”, and “minimal risk”.

Applications such as biometric categorisation to deduce certain protective characteristics or emotion recognition in workplaces and education institutions would fall under unacceptable risk. AI solutions used in the administration of justice in democratic processes or military operations would fall under high risk, which requires adequate risk assessment and mitigation systems (human scrutinization) or logging of activity to ensure traceable results. So, on a global level, we are taking steps to regulate the industry, which is crucial to privacy. 

AI technology has brought many advantages to how we operate. It eliminates the need for humans to communicate with each other, as seen above from the military examples and with the use of uncrewed Navy ships and ground assets, the technology can also reduce the number of human lives lost for our serving members. This can also make it easier to coordinate a logistically complicated plan of action, especially if the stakes are high. 

However, neglectful or improperly trained commanders/officers who do not scrutinise options may cause too much automation, which may result in giving too much control of a military unit to a computer. Too many operations and being too reliant on software may result in friendly fire or making critical strategic mistakes. 

Conclusion

AI will revolutionise the landscape of warfare, it’s just a matter of time. Similarly to the invention of the rifle, we are still in a testing phase at this point in time and there is still a lot of research and development required. When the rifle was first invented, there were certain situations where bows were more effective at achieving certain goals and other situations where the rifle was more effective. It’s a similar situation in the modern era with the use of Artificial Intelligence and Language Models - there will be situations where they are more suited and other situations where a more manual/analogue approach may be required. But with time, reliability will increase. And when that time comes, we must maintain oversight and control of the technology.