Sunday, February 5, 2012

AV Week--F-35 compromised to cyber attacks

Various sources in an Aviation Week article indicate that the F-35 and some other programs have been a victim of cyber-espionage.

Before the intrusions were discovered nearly three years ago, Chinese hackers actually sat in on what were supposed to have been secure, online program-progress conferences, the officials say.

...and...

“You are on to something,” says a veteran combat pilot with insight into both the F-35 and the intelligence communities “There are both operational and schedule problems with the program related to the cyber data thefts. In addition, there are the costs of redressing weaknesses in the original system design and lots of software fixes.”

It is doubtful that there is that much that isn't known about the F-35 when certain forces of interest do threat planning.

The F-35 program may have been vulnerable because of its lengthy development. Defense analysts note that the JSF’s information system was not designed with cyberespionage, now called advanced persistent threat, in mind. Lockheed Martin officials now admit that subcontractors (6-8 in 2009 alone, according to company officials) were hacked and “totally compromised.” In fact, the stealth fighter program probably has the biggest “attack surface” or points that can be attacked owing to the vast number of international subcontractors.

There also is the issue of unintended consequences. The 2009 hacking was apparently not aimed at the F-35 but rather at a classified program. However, those accidental results were spectacular. Not only could intruders extract data, but they became invisible witnesses to online meetings and technical discussions, say veteran U.S. aerospace industry analysts. After the break-in was discovered, the classified program was halted and not restarted until a completely new, costly and cumbersome security system was in place.

As an aside, too bad that senate staffers don't have much of a clue how air power works:

“I think the biggest issue facing the JSF is that there has been a profound shift in the military’s perception of the value of manned aircraft compared to unmanned aircraft,” he says. “I’ve had long conversations with a Marine Corps forward air controller who has just returned from Afghanistan. He pointed out that an F/A-18 can be kept on call for 15 minutes, but an unmanned Reaper is there for eight hours. The day of the fighter pilot is over. There has been a seismic shift in the military’s value judgment of manned and unmanned aircraft.”

Now try that magic trick in a non-permissive air environment. It seems others are confused too:

The JSF and its mission of penetrating integrated air defense systems will not be threatened by unmanned aircraft despite cost issues, says a retired aerospace official who has been involved with the F-35 throughout its life.

Since the F-35 won't cut it against modern anti-access threats, the statement above doesn't mean much.

2 comments:

Mike M. said...

Oh my. My jaw just hit the ground. This is VERY bad.

WRT unmanned aviation, long endurance is one of the real advantages. The problem with non-permissive environments is specific to the lower=performing UAVs, not the basic technology. For the "bombs in the rafters" missions, they aren't bad.

Distiller said...

In a - still more or less - open society secrecy will never be air tight. I would have hoped they accounted for that from the beginning.
I'm asking myself for a long time already if there are elements in the Anglo establishment who prop up China, just to create a new enemy worth that label.
But in the end it's the people, not the machines ...

Re unmanned: I don't want to hear anything about robotic warfare as long as (i) they don't allow onboard AI to call the shots, (ii) there is no robust orbital data relay infrastructure in place.