Are cyber-attacks becoming more efficient than kinetic ones?

by Julien Chesaux, Cyber Security Consultant, Kudelski Security

Introduction

Cyber-attacks have become a conventional component of warfare domains, joining the traditional ones (sea, land, air, and space), as NATO announced in July 2016.[1] The complexity of developing armaments and components provides opportunities for hackers, who can infiltrate defense contractors during the weapon development process. For the military world, the principal threat comes from other states’ cyber operations or from patriotic freelance hackers who perform extensive and highly sophisticated intelligence activities.

The More Sophisticated, the More Vulnerable

Weapons are evolving. They are becoming more sophisticated and more lethal. Their development is long, complex, and costly, and it increasingly integrates electronic and cyber elements. The integration of Artificial Intelligence (AI) elements and lethal semi-autonomous and autonomous decision-making devices increases the cyber vulnerability of these armaments. Through a cyber-attack, an opponent could eliminate the threat of a machine or a weapon (e.g. an aircraft or missile) by turning it off without any kinetic action or, worse, by taking control of it. Similarly, there is a debate in the arms industry about a country’s control over armament technology. It is worth noting that China unveiled a national plan to develop AI and expects to reach the same level as the U.S. by 2020 and to “become the world’s premier artificial intelligence innovation center” by 2030.[2] Russia also wants to play its part on this digital AI chessboard: President Vladimir Putin stated in September 2017 that “whoever becomes the leader in this sphere will become the ruler of the world”.[3]

The latest U.S. military aircraft, the Lockheed Martin F-35 Lightning II, the costliest U.S. weapons program (development and production costs estimated around USD 406 billion)[4], exemplifies these issues and the complexity of the geopolitics of armament. The F-35, which comes in three versions, is a complex plane that integrates a lot of electronic components, enabling it to be both a high-performance aircraft and a device that gathers and shares plenty of data. For example, the aircraft maintenance system called ALIS (Autonomic Logistics Information System) is centralized in the U.S. for all users of the F-35, American or foreign. Currently, more than ten countries have bought or will acquire it (the United Kingdom, Italy, Netherlands, Australia, Canada, Denmark, Norway, Turkey, Israel, Japan, and South Korea).

This gives hackers the opportunity to perform a man-in-the-middle attack that provides access to the management of the aircraft maintenance, the missions system and the cryptographic keys used in every aircraft in service.[5] In addition, the U.S. will be in control of the maintenance management of the aircraft, which means that it can decline to supply the parts needed to repair or update them. This risk forced Israel to create a complete maintenance system with firewalls to ensure that no data will be sent to the U.S. This, together with a stock of spare parts, will increase its independence in case of a conflict.[6] Some analysts claim that, thanks to this sharing of data between the plane and the U.S. centers, the Department of Defense can switch off the aircraft, even in flight, if necessary.

The Masters of APTs and Reverse Engineering

China and North Korea have long been accused of cyber intrusions to spy on and steal data from the aerospace and defense industries of Western and East Asian states. Two major Chinese Advanced Persistent Threat (APT) campaigns dubbed “Titan Rain” and “Byzantine Hades” enabled massive exfiltration of classified information. One of the latest cyber-attacks happened in 2017, when North Korea probably stole warship blueprints from South Korea’s Daewoo.[7]

U.S. military aircraft are a special focus of the Chinese government. In January 2015, Edward Snowden revealed that China stole designs of the F-35.[8] Indeed, in March 2016, Chinese hackers pleaded guilty on charges of hacking U.S. defense contractors, such as Boeing, to steal blueprints and intellectual property for the F-35, the Lockheed Martin F-22 Raptor and the C-17 transport aircraft. One of the hackers was then sentenced to nearly four years in a U.S. prison.[9] During 2017, 30 GB of sensitive data regarding Australia’s F-35 and P-8 surveillance aircraft programs was stolen from an Australian government defense subcontractor.[10]

Thanks to reverse engineering, joint projects, and technology transfers, China can produce the majority of its military’s indigenous armament systems. Therefore, spying and the theft of blueprints or technical information are part of the Chinese strategy to catch up with the most advanced military technologies. An example of reverse engineering is its second aircraft carrier, based on the first one, which is a refurbished second-hand vessel from the ’80s bought uncompleted from Ukraine in 1998. Based on it, the Chinese Navy is planning to launch its first home-built aircraft carrier, with top-notch technologies, in 2020.

Thus, China is stealing confidential files on military aircraft to be able to replicate their design and technologies, such as radar, engines or software. The latest Chinese military aircraft, the Chengdu J-20, integrates elements that were apparently stolen from the U.S. F-22, the world’s first fifth-generation fighter aircraft, and the Russian MiG 1.44, a project that never resulted in a production aircraft. Although physical likenesses can be highlighted, as with the Chinese prototype Shenyang J-31, which closely resembles the F-35, it is hard to evaluate the components and internal elements of these aircraft to establish whether or not they were genuinely reverse engineered.

Why Military Aircraft?

Having high-performance military aircraft is important, as air supremacy is still a vital element on the battlefield, as evidenced by, for example, the 1991 Gulf War (aka Operation Desert Storm) and the 2003 Iraq War (aka Operation Iraqi Freedom). During these wars, the coalitions led by the U.S. had total domination of the sky thanks to their technologically advanced military aircraft. The coalition’s network-centric military approach, which used the collection of data and the sharing of information to achieve a competitive advantage on the battlefield, gave its integrated and synchronized teams and services (Army, Air Force, Navy, etc.) the most rapid and appropriate decision-making process.

Now, military experts talk about fifth-generation jet fighters encompassing the most advanced features available, such as stealth signature, high maneuverability, advanced avionics (electronic systems), network data fusion (creating data through sensors and sharing it) and multirole capability (the ability to perform different missions).[11] Therefore, developing advanced aircraft and drones will provide air supremacy for years to come, especially in the next hotspots of the world. All these efforts are supporting elements of power projection in the implementation of an Anti-Access/Area Denial (A2/AD) tactic in the South China Sea (aka the Nine-Dash Line) regarding China and the Yellow and Japan Seas for North Korea. Hence, these armament hacks.

Dynamic Cyber Defense through Espionage

Combined with traditional electronic warfare, which is the use of electromagnetic systems to disturb and gain an advantage over a foe, hackers can support military operations. There are already questions regarding the possibility of hacking a commercial airplane while it is flying.[12] Thus, states launch intrusion campaigns to collect information that might be leveraged, sooner or later, to defend themselves. They want to get valuable or “actionable intelligence” by collecting, processing and storing data. The NSA talks about “foreign intelligence in support of dynamic defense”.[13] Thereby, they can collect operations or armament plans to increase their defense and mitigation in case of an attack while also enabling cyber-attack options (such as hacking the planes so that they are “switched off” instead of using missiles to shut them down).

One of the issues is that these APTs create a cybersecurity dilemma in that, when discovered, these cyber-attacks increase tensions instead of reducing one’s vulnerabilities. Some academic cyber experts argue that these “defensive-minded network intrusions…are not invasions, but intelligence efforts”.[14] Therefore, intelligence is part of international politics, whether through traditional espionage or through hacking. In the end, “all nations spy and all nations know this”.[15] The real question to answer is at what point these efforts pose a vital threat that requires a kinetic response.

The Future of War Battlefields

Terminator-like machines are not marching across the battlefield yet. But it is a reality that autonomous weapons that can decide who and when to kill without direct human interaction in the decision-making process hold the potential to dramatically change the way we fight wars. Multiple weapons systems can coordinate with each other through interlinked computer networks much faster than the human brain can.[16] Think about the development of military swarming drone attacks. The best and easiest solution, in the end, will be to hack a weapon instead of fighting it directly. Governments need to invest in operations security (OpSec) capacities to identify critical information, prevent its diffusion and reduce its exploitation.

About the Author

Julien Chesaux is a Cyber Security Consultant at Kudelski Security, a Swiss and American cybersecurity company. Julien mainly works on cybersecurity, information security, and geopolitics analysis in order to help clients find solutions to the threats they face. He is also a mediator and writer for the Swiss think tank Foraus and the co-founder of www.stralysis.com. He has worked in diplomacy and cyber security for seven years in Switzerland, Australia, and France. His main research interests are Global Security, Cyber Geopolitics, and International Affairs. LinkedIn profile: www.linkedin.com/in/julien-chesaux-65279456

[1] NORTH ATLANTIC TREATY ORGANIZATION (NATO), “Cyber defense”, NATO website, Jul 16, 2019

https://www.nato.int/cps/en/natohq/topics_78170.htm

[2] MOZUR Paul. “Beijing Wants A.I. to Be Made in China by 2030”, The New York Times, Jul 20, 2017

https://www.nytimes.com/2017/07/20/business/china-artificial-intelligence.html

[3] MEYER David. “Vladimir Putin Says Whoever Leads in Artificial Intelligence Will Rule the World”, Fortune, Sep 04, 2017

http://fortune.com/2017/09/04/ai-artificial-intelligence-putin-rule-world/

[4] TURNER Julian. “The $1 trillion question: is the F-35 project too big to fail”, Airforce Technology, Jul 16, 2019

https://www.airforce-technology.com/features/f-35-project/

[5] KÜMMERLING Pascal. “Le F-35, une machine à broyer la concurrence européenne”, 24 Heures Blog, Oct 05, 2017

http://psk.blog.24heures.ch/tag/f-35

[6] KÜMMERLING Pascal. “Le F-35, une machine à broyer la concurrence européenne”, 24 Heures Blog, Oct 05, 2017

http://psk.blog.24heures.ch/tag/f-35

[7] CHOI Haejin. “North Korea hacked Daewoo Shipbuilding, took warship blueprints: South Korea lawmaker”, Reuters, Oct 31, 2017

https://www.reuters.com/article/us-northkorea-missiles-cybercrime/north-korea-hacked-daewoo-shipbuilding-took-warship-blueprints-south-korea-lawmaker-idUSKBN1D00EX

[8] PAGANINI Pierluigi. “Chinese hacker admitted hacking US Defense contractors”, Security Affairs, Mar 24, 2016

http://securityaffairs.co/wordpress/45597/intelligence/china-hacked-us-defense-contractors.html

[9] WORLAND Justin. “Chinese Man Sentenced to Prison for Trying to Hack Boeing”, Time, Jul 14, 2016

http://time.com/4405934/chinese-hacking-boeing/

[10] AFP. “F-35 Stealth Fighter Data Stolen in Australia Defence Hack”, Securityweek, Oct 12, 2017

http://www.securityweek.com/f-35-stealth-fighter-data-stolen-australia-defence-hack

[11] DE BRIGANTI Giovanni. “F-35 Reality Check Ten Years On – Part 1: ‘Fifth-Generation’ and Other Myths”, Defense-Aerospace, May 09, 2012

http://www.defense-aerospace.com/article-view/feature/135080/f_35-reality-check-10-years-on-%28part-1%29.html

[12] WOLFF Josephine. “Hacking Airplanes”, Slate, May 03, 2016

http://www.slate.com/articles/technology/future_tense/2016/05/the_aviation_industry_is_starting_to_grapple_with_cybersecurity.html

[13] BUCHANAN Ben. “Prevalence and Dangers of Defensive Hacking”, Motherboard, Feb 20, 2017

https://motherboard.vice.com/en_us/article/4xbv7j/the-cybersecurity-dilemma-the-prevalence-and-dangers-of-defensive-hacking

[14] BUCHANAN Ben. “Prevalence and Dangers of Defensive Hacking”, Motherboard, Feb 20, 2017

https://motherboard.vice.com/en_us/article/4xbv7j/the-cybersecurity-dilemma-the-prevalence-and-dangers-of-defensive-hacking

[15] BUCHANAN Ben. “Prevalence and Dangers of Defensive Hacking”, Motherboard, Feb 20, 2017

https://motherboard.vice.com/en_us/article/4xbv7j/the-cybersecurity-dilemma-the-prevalence-and-dangers-of-defensive-hacking

[16] MAXEY Levi. “Can Robots Fight Wars? The Future of Lethal Autonomous Weapons Systems”, The Cipher Brief, Nov 20, 2016

https://www.thecipherbrief.com/article/tech/can-robots-fight-wars-the-future-of-lethal-autonomous-weapons-systems