March 1, 2015 by Dr. Andrew J. Futter - missiledefensereview.org
In the past two decades, the US ballistic missile defence programme has tackled and overcome myriad technical challenges, engineering problems and political skeptics, and the notion and role of missile defence have now become normalized, accepted and essentially entrenched within US strategic and deterrence planning. Indeed, we have come a long way since the highly charged partisan debates and technological melee that characterized the 1980s and were embodied by Ronald Reagan’s Strategic Defense Initiative (SDI). That said, the missile defence concept continues to face difficulties – most notably from its impact on strategic arms control discussions, but also from the development of new cyber capabilities, particularly the growth and scale of hacking and cyber espionage. While the ability to discriminate between warheads and decoys and ensure that systems work quickly and accurately during an attack is one thing, the risk that key operational or technical secrets could have been stolen, or in a worst-case scenario that key systems might be in some way undermined, disrupted or disabled, is a significant problem that has not yet been fully addressed in the debate. If a potential enemy can acquire enough information about how these systems work – let alone hack into them, “spoof” them or even cause damage – then there is a very real possibility that highly sophisticated BMD systems could be undermined or that an adversary will simply develop new ways to overwhelm them. Guarding sensitive information and highly complex BMD systems against cyber threats is therefore a fundamental challenge for those managing the US BMD programme, and arguably more important and pressing than many other “problems” that so often define the debate.
It may come as a surprise, but the “cyber” threat to US missile defence systems is far from a new phenomenon; in fact, the first known case of an attempted cyber attack seeking to acquire sensitive secrets in this way can be traced back to the 1986 Cuckoo’s Egg episode, when German hacker Markus Hess sought information on, amongst other things, the SDI for his KGB handlers. Hess successfully hacked into various classified US military and defence research computers and accessed a considerable amount of sensitive information. Likewise, in 1989, the German hacker group “Chaos Computer Club” was also revealed as seeking to steal sensitive US defence secrets for the KGB. In the early 2000s, the Titan Rain attack, very likely sponsored by China, targeted the US Strategic Command and Sandia National Laboratories, and in 2004, another virus infected the classified intranet of the US Army Space and Missile Defense Command. A few years later, the Russia-backed Buckshot Yankee attack directly targeted classified US defence networks, including those containing information on ballistic missile defence programmes, and more recently, the Chinese have been accused of hacking into US defence contractors searching for information on the PAC-3, THAAD and Aegis programmes and on US regional missile defence plans for Asia, Europe and the Persian Gulf. What is more, between 2011 and 2012, Unit 61398 – a hacker organization funded by the Chinese PLA – is believed to have stolen large quantities of data from Israeli defence contractors regarding the Iron Dome and Arrow III missile defence programmes. Given the link between them, some of this information could have a bearing on US BMD programmes.
While this growing trend is clearly of concern, the implications of these attacks for the US ballistic missile defence programme are varied and nuanced – and the cyber challenge should therefore not be seen as homogeneous. First of all, it is unclear what types of information have been stolen – it is most likely to be non-sensitive data and documents (highly sensitive material is likely to be air-gapped and better protected) – but it is perfectly possible that more important and sensitive material has been or could be targeted. In fact, many cyber espionage attacks resemble a “hoovering” approach – seeking to acquire any and all types of information and data – while only a few are deliberately targeted at specific systems and data. That said, some attacks are deliberately designed to search for vulnerabilities in these systems that might be exploited in the future. Second, the intentions behind these types of attacks are mixed. They range from simple hacking in order to see what is going on (as was probably the case with KGB attacks on the SDI in the 1980s); through operations designed to steal data in order to help with building indigenous systems, i.e. to facilitate the development of missile defence programs, or data that can be used to evade these systems in the future, for example by learning about the algorithms that undergird the system or acquiring data about the way the kill vehicle works; right up to cyber activities designed to enable future attacks and even lay the foundation to sabotage these systems, as was the case in the Olympic Games and Stuxnet cyber attacks against Iran. At least some of these scenarios raise significant questions about the future efficacy of various BMD systems, and add another layer to the debate about costs and effectiveness that has always been a contentious part of the BMD story.
In March last year, Vice Admiral James Syring, head of the US Missile Defense Agency, announced that the MDA was “working diligently to enhance the cybersecurity posture of missile defense networks, and improve the protection of missile defence information”, but cyber defence and security are unlikely ever to be perfect. It is almost certain that potential US foes have gleaned some information on how US (and Israeli) BMD systems work, and while this may not yet be catastrophic, protecting these systems, the processes and hardware that facilitate them and the data they rely on will be fundamental as we go forward. If this is not done, there will always be a risk that systems might be compromised, beaten or simply not work as expected.
* Dr. Futter is a Senior Lecturer in International Politics in the Department of Politics & International Relations at the University of Leicester.
See Clifford Stoll, “The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage” (London: Doubleday, 1989).