The Stuxnet warning

January 2011


In his opening remarks at West2011, VADM Richard W. Hunt brought up a topic that needs a lot more attention. His comments aren’t directly related to Stuxnet, but when you back away a bit, the connection is clear.

When he was outlining the challenges we are facing, one warning stuck out the most for me. Let me paraphrase.

… How will we operate if we lose access to GPS and our satellite systems? If we lose use of our computer systems, we lose our ability to operate today. Space & comm systems include very vulnerable nodes including systems ashore. We should revisit how we are protecting all our C4I beyond cyber…


Let’s take that thought and expand it a bit.

A lot of the discussion about the Stuxnet worm and its impact on the Iranian nuclear program has been about the cloak & dagger whodunit and how much, how far, and how long-lasting a delay it caused. Frankly, none of these things interest me as much as what this exceptionally impressive cyber attack is trying to tell us.

No one can see the future, but oftentimes the future gives you little hints of the direction it is going if you are willing to listen. As Mark Twain said:

History doesn’t repeat itself, but it does rhyme.

Sometimes people hear what history is saying, sometimes they don’t.

What is Stuxnet telling us? Step back and ask yourself – what is the most fragile requirement that we need to conduct war at sea? What are we designing our weapon systems, tactics and operational plans around?

It is easy to figure out; we advertise it – “net.” When we say “net” we are talking about satellite-based voice and data communications. The hardware is delicate in the extreme, except for a very few, very specific systems with little bandwidth, and much of it is non-mil, with the software commercial and accessible. It relies on a dispersed and unsecured ground infrastructure. It also rides on the electromagnetic spectrum – one that no one owns.

This important foundation stone that we are putting so much on – is it robust? Have we designed the structure properly for anything north of a permissive environment? Are we mitigating risk – or are we taking the savings now and just going on hope? Do we have sufficient back-ups in place? Have we properly managed risk, or have we become complacent towards our own mastery of technology and potential adversaries’ ability?

VADM Hunt’s comments should give us pause. Listen to him, listen to Stuxnet. Ask the Iranian nuclear scientists what they think, if you can.

Posted by CDRSalamander in Cyber

  • RedneckJamesinTN

    If there isn’t already, I think there needs to be a computer warfare specialist in every battlegroup if not on every ship.

  • Derrick

    Not sure if a computer warfare specialist is required to be deployed at sea…it takes a long time to scan, isolate and destroy these worms/viruses/trojans/etc and the specialist may need days to isolate the attackers in the ships’ information systems. If a virus/worm is detected on a ship’s systems, it should be isolated and analyzed…if in battle, the ship should withdraw from combat too. But in the event that the military or naval information networks may become compromised by computer trojans, worms or viruses, there should be a way to “un-plug” the ships/planes/etc from the network to stop the spread of the viruses and I guess information will have to be communicated over secure radio verbally.

  • Mike M.

    More to the point, we need to start compartmenting the networks. Physical separation stops cyberwarfare cold.

  • Grandpa Bluewater

    Makes dropping teaching the fundamentals; and going to all electronic navigation seem a little dicey, mmmm, grasshopper? No need to walk the spaces and take readings on a clipboard, the computer is faster and more accurate. Waste of time….why is the digital clock reading 58:40 o’clock? Why is the thrust bearing glowing pink?

    “The state of the art is, for all practical purposes, without error.
    Nothing can go wrong, go rong, goo rang, do lang, due lang, due lang, due lang….ohhhh, yeahhhhhhhh!”(piano riff).

    Snort! Somebody from outside may be trying to destroy the Navy. Do tell. That’s what they call…another day on the job.

  • Redeye80

    Maybe we should practice more without all the high speed toys. Maps, charts, compass, basic seamanship are NOT out of style. Lost comm should be no big deal.

    Our reliance on technology is our greatest strength and our Achilles’ heel.

    Maybe there is something to that Commander’s intent thingy bobber!

  • Mittleschmerz

    The “net” is a problem for tactical commanders – loss of the “net” is a problem for operational commanders.

    Think about that one for a minute.

    The loss of the “net” means in most cases the loss of the three-thousand mile screwdriver.

    Were leaders to give clear commander’s intent, followed by the ability to stick with the plan outline, and allow on scene commanders the ability to command within the commander’s intent then loss of the “net” would be no problem at all.

  • Solon

    Part of the embedded problem is that net-centric talk over the previous 10-15 years has meant different things to different folks. Mil planners, seeking seamless and real-time info exchange (regardless of size of data chunks), have perhaps inferred that Net = Mesh, with implied redundancies, access, and assurance.

    For the IT world, including those that have to find room for antenna mounts on already-crowded ship superstructures (even tougher on low-obs designs), Net = Pipe…as in “(a few) conduits through which the information plumbing can occur”.

    Pipes can be plugged, though, and VADM Hunt (along with GEN Mattis, et al) are beginning to feel the tiny hairs on their collective neck standing at attention.

  • Surfcaster

    “Were leaders to give clear commander’s intent, followed by the ability to stick with the plan outline, and allow on scene commanders the ability to command within the commander’s intent then loss of the “net” would be no problem at all.”

    Except for weapons targeting, logistics, recon, weapons targeting, intel, blue on blue, weapons targeting, orders, patches, weapons targeting. A Global Force for Induced BSOD.

    The rest of the military best know, learn, practice, and love, how to flip over to no-net and act like autonomous submarines at a moment’s notice.

    Best to channel your inner Adama before it’s too late.

  • Tailspin

    The net may be important, but it (they) won’t work without electricity. And just because a generator is on a ship doesn’t mean it’s not vulnerable. Stuxnet was first released by dropping infected thumbdrives in a few parking lots. Even PowerPoint presentations and JPEGs can carry malware.

  • YN2(SW) H. Lucien Gauthier III

    What’s all this talk about malware? I don’t have such issues with my mac… 😉

    Give me a rate full of ITs who can program in C++, know SQL like the back of their hand, and a Navy that runs on Ubuntu or some modification of Linux.

    These things should not just be the domain of the N-branchers.

  • Surfcaster

    YN2 – You would have more issues with your MAC if the black hats targeted it more because there were more MACs (interchangeable with Linux) out there. That said, MACs (interchangeable with Linux) are more secure than Windows based systems. Skip over Ubuntu (it’s great) but how about a Secure Linux version? The one NSA works with?

    Systems become more vulnerable as soon as they are plugged into a second system. Go and put your transmission medium out where everyone can touch it (wireless, light, sat) or your node (tower, ship, sat) and you are more vulnerable. Sure, maybe they can’t beat your 256bit YAEP (Yet Another Encryption Protocol) and read your mail in the next 100 years but they can deny you your mail. When that happens you best know how to roll the clock back to 1983.

    What is our weak link(node)? Is that link(node) accessible? What happens when it is denied from you? Your GPS enabled, Satellite directed, controlled from Nevada, just went J-DUMB.

    I just do this stuff in regular world for small businesses and when Sally can’t get her TPS report cover sheet, people usually don’t die.

    I know (I PRAY!) you all are doing this right in the first place to reduce the likelihood and if/when it does happen, you ‘all know what to do.

  • Sacto43

    Didn’t anybody learn anything from Battlestar Galactica? Hello?

    “However, the computer systems were neither networked nor integrated during these refits due to the fears of its commander William Adama.

    Due to this lack of network integration at the time of the Cylon attack, Galactica was unaffected by the infiltration program used by the Cylons to disable Colonial vessels and defense systems, using the Command Navigation Program (CNP), developed by Dr. Gaius Baltar and subverted by Cylon operative Number Six as a back door into such systems.”

  • Sacto43

    SPAWAR = Cylon infiltration

  • Grandpa Bluewater

    The Cylons live at the CIA. This week.