Thursday, October 23, 2014

US Navy Submarine Control Systems are Vulnerable to Cyber Attack

The head of Naval Sea Systems Command (NAVSEA) warned that the U.S. Navy will have to ramp up its cyber-security efforts to secure the controls systems of its submarines.

“It is the threat to our control systems,” Vice Adm. William Hilarides, commander of NAVSEA, told an audience at the Naval Submarine League Symposium in Falls Church, Va. on Wednesday.

“We’re just now starting to hear the inklings of it.”


There are little noticed cyber vulnerabilities on nuclear attack submarines like the Virginia-class boats that are slowly becoming the mainstay of the Navy’s undersea fleet, Hilarides said. One example of that is the Virginia-class boat’s backup Caterpillar-built diesel engine, he said.

Specifically, the problem is a computer chip that helps control that engine—a chip that runs on Microsoft Windows XP, Hilarides said.

That chip is connected into the rest of the vessel so that the data can be displayed in other parts of the submarine, he said. That means that chip is connected to the submarines machinery control system.

But it goes beyond that, Hilarides said, the data from the chip sent off board the submarine to maintenance crews at a warfare center. The problem is that the data is automatically shared via an unclassified network, Hilarides said, which renders that chip on the diesel engine as a point of vulnerability for the multi-billion dollar warship. A hacker could attack that network and gain access to the submarine’s systems and cause chaos.

link.

No comments: