Category Archives: Information Security

Can The U.S. Actively Disrupt North Korean Missile Tests?

North Korean Missile Test Failure Raises Theories, But Expert Disagrees.

The recent failure of the Sunday, April 17 North Korean submarine-launched ballistic missile test raises an interesting question: Could the United States be responsible for the failure of North Korean missile tests? While the theory is alluring and some political sources are quoted as saying it is possible, one noted expert says he has seen nothing to suggest the U.S. intervened in the North Korean test failure.

Reports from the US Pacific Command at Camp H.M. Smith in Aiea, Hawaii, under Chief of Staff Major General Kevin B. Schneider, USAF, say the U.S. detected a North Korean missile launch at 5:21 p.m. Eastern U.S. time zone on Saturday. The launches were seen at 11:21 AM Hawaiian time (21:21 GMT), said US Navy Commander Dave Benham, spokesman for United States Pacific Command.

Surveillance indicated the missile failed almost immediately.

A similar North Korean missile test conducted earlier, on April 5, 2017, also failed, as did another North Korean missile test on Mar. 5. All of the missiles encountered terminal problems in flight. These conspicuous failures follow a powerful U.S. initiative to develop clandestine anti-missile capabilities under the Obama administration beginning in 2014.

While there is no published evidence to support the theory that the United States directly interfered with the North Korean missile test, network media including CNN and the BBC have published speculative reports about whether the capability to remotely interdict a missile launch exists and was used.

“There is a very strong belief that the US, through cyber methods, has been successful on several occasions in interrupting these sorts of tests and making them fail,” former British Foreign Secretary Malcolm Rifkind told the BBC World News.

The Aviationist.com spoke to Dr. Bruce Emerson Bechtol Jr., Professor at the Department of Security Studies at Angelo State University, San Angelo, Texas in the United States.

In addition to his Ph.D. in National Security Studies from The Union Institute in Cincinnati, Ohio, Dr. Bechtol was the Distinguished Graduate of the U.S. Marine Corps Command and Staff College, where he earned his pre-doctorate Master’s Degree in Military Studies in 2001. Bechtol also holds a Master of Arts in International Affairs from Catholic University in Washington D.C. He is a noted authority on North Korean military capabilities. We asked Dr. Bechtol about the possibility that the U.S. could have actively disrupted North Korean missile tests.

“There is nothing to support that,” Dr. Bechtol told us when we asked him about the plausibility of direct U.S. interdiction of the North Korean missile test. “I mean, it is certainly possible, but I have seen nothing to support that. All I have heard is conjecture. The media likes to talk about that.”

Noted expert on North Korean defense technology and doctrine Dr. Bruce E. Bechtol Jr. (credit: Committee for Human Rights in North Korea)

Dr. Bechtol told us that ballistic missile programs are inherently dependent on numbers. “It’s like the SCUD missile. Typically, of 600 of those fired, you get 150-200 duds. That’s normal, but the intention is to shower a target with missiles. And remember, if you are attacking Hawaii with a nuclear warhead, you don’t have to be that accurate, you just have to get one through.”

Another change in newer North Korean missiles noted by Dr. Bechtol was newer guidance fins. When asked what the guidance capabilities of North Korea’s ballistic missiles are, Bechtol told us, “Well, I wish we knew. But one thing is for sure; the North Koreans are not noted for accuracy in their ballistic missiles. They don’t have to be.”

The failure may also have been a part of a historically difficult development program for North Korea’s missiles. But just as North Korea has had somewhat sporadic successes in its missile launch tests, the U.S. has also had at least sporadic success in testing systems to actively counter ballistic missiles. Even with Dr. Bechtol’s pragmatism, there remains a remote chance that Sunday’s failure could have been a fortunate intersection of capabilities for the U.S. It also may have been continued North Korean bad luck. Among U.S. defense officials, the silence is deafening.

While Dr. Bechtol’s remarks suggest otherwise, a North Korean submarine-launched missile test could theoretically be disrupted in several ways. “I guess, you mean, something like Stuxnet is theoretically possible, but I haven’t seen any proof.” Stuxnet was a 2010 computer worm that disrupted Iran’s nuclear program. Its origin is attributed to the United States and Israel.

The least exotic method of passive missile interdiction is sabotage. This could occur at the missile assembly site or during transport of the missile or its components. Since North Korean missile programs are dependent on foreign technology, they are highly vulnerable to sabotage throughout their development.

Current North Korean missile technology is derived from a combination of Chinese, Russian and Iranian technologies. Each of these foreign technology origins is “porous” to foreign espionage not only from the United States but also from Israel and the United Kingdom. It took China about 15 years to achieve its current level of development in ballistic missiles. North Korea has achieved a similar level of technology in only 123 days of advanced development, reinforcing the theory that most of the technology is imported, not indigenous. Given a seemingly new era of détente between the U.S. and China, including recent meetings between U.S. President Donald Trump and Chinese President Xi Jinping, it is possible that a two-way sharing of technology between the U.S. and China has been brokered. This may further facilitate U.S. efforts to sabotage North Korean missile capabilities.

Interestingly, an Iranian ballistic missile test on Jan. 25, 2017 also failed shortly after launch. According to a US official speaking on condition of anonymity, the Iranian medium-range ballistic missile exploded in flight. But Dr. Bechtol continued to temper speculation with fact: “There were four SCUDs recently tested by North Korea that were successful. These recent failures don’t lessen the threat.”

The failed North Korean missile test on Sunday was possibly a version of the Pukguksong-1 submarine launched ballistic missile (SLBM). This missile is boosted to the ocean surface from a submerged launch platform using either compressed air or a booster motor. Once it clears the surface the missile’s solid fuel motor ignites and it begins its flight.

North Korea has launched SLBMs from both submerged test barges and from submarines. Part of the reason some tests were conducted from submerged barges is that launching missiles from a submerged vehicle is inherently dangerous. Reports indicate at least one North Korean submarine was seriously damaged during a missile launch test, which suggests why early tests were launched from a submerged barge instead of a submarine.

North Korea displayed new versions of the Pukguksong-2 submarine-launched ballistic missiles this week, but their most recent test launch failed. (credit: Official North Korean News Agency)

A more exotic theory about how the U.S. could disrupt a North Korean ballistic missile in flight is some type of active intervention during the test, as opposed to sabotage prior to the test.

Active interdiction of missile tests may include somewhat plausible methods such as electronic disruption of the missile’s guidance systems, causing it to fly out of control and disintegrate, or, more exotically, some type of focused energy weapon. Both of these technologies have been tested to greater and lesser degrees of published success. A key thing to consider when evaluating any of these theories is that advanced active jamming and destructive methods remain most effective when they are still secret. As long as these technologies remain covert, it is more difficult, or impossible, for North Korea to engineer around them.

Some media outlets have suggested that North Korean systems are vulnerable to “hacking” or a cyber attack. While possible, cyber attacks depend on a “delivery vehicle” to implant malicious programming code into microchips or to insert it via a virus. The Stuxnet weaponized code was inserted via a USB flash drive.

China has devoted significant military and intelligence resources to cyber warfare but has little motive to employ those resources against neighboring North Korea, except to build leverage with the United States.

The U.S. also has highly developed cyber combat resources in addition to the early Stuxnet. These may include what is referred to as “left of launch” attacks. Some of these may even involve interdiction of a ballistic missile while it is still underwater. One published technical report about electromagnetic propagation mentions the “Wireless, through-hull transfer of power and data”. This transfer is “highly focused” and ranges in excess of 1 km are discussed in unclassified reports dating as long ago as 2008 from submarine industry news source Hydro International. It is reasonable to suggest significant advances have been made in all of these technologies during the past 9 years, especially given the focus during the previous U.S. President’s administration.

Regardless of theories about possible test interdiction from the U.S., the North Korean weapons tests and their accelerated preparation have become increasingly ominous. Both media and political rhetoric have shifted from “if” there will be a military confrontation with North Korea, to “when” it will actually begin.

Top image: (computer generated) image of a North Korean SLBM (Rodong Sinmun via NK News)

 

Up close and personal with NASA’s Global Hawk drones at Edwards Air Force Base

NASA operates the giant Northrop Grumman Global Hawk drone to collect weather data.

On Feb. 5, NASA showed off its newest and smartest unmanned Global Hawk aircraft to reporters at NASA’s Armstrong Flight Research Center located on Edwards AFB, CA.

Shorealone Films photographer Matt Hartman went there to report on NASA’s Global Hawk fleet.

These aircraft have been helping NOAA scientists, researchers and forecasters with gathering weather information from altitudes and conditions not suitable for humans.

The missions flown by these aircraft can last almost 24 hours without refueling.

The Sensing Hazards with Operational Unmanned Technology (SHOUT) project led by the NOAA Unmanned Aircraft System (UAS) Program, will deploy the NASA Global Hawks carrying a suite of meteorological sensors and deploying dropsondes during four research flights in February.

According to the NASA website, the agency acquired its three drones from the U.S. Air Force. These are among the very first UAS (Unmanned Aerial Systems) built under the original Global Hawk Advanced Concept Technology Demonstrator development program sponsored by DARPA (Defense Advanced Research Projects Agency).

The Global Hawk is a gigantic drone: 44 feet in length, it has a wingspan of more than 116 feet, a height of 15 feet, and a gross takeoff weight of 26,750 pounds, including a 1,500-pound payload capability. It is powered by a single Rolls-Royce AE3007H turbofan engine and features a distinctive V-tail.

The engine cover, aft fuselage and wings are constructed primarily of graphite composite materials; the center fuselage is made of aluminum, whereas various fairings and radomes feature fiberglass composite construction.

NASA’s Global Hawks made the headlines last week, after a hacker under the name of @CthulhuSec and the hacking group AnonSec started posting massive data belonging to NASA on Pastebin: such leaked data included around 150 GB of drone logs as well as 631 aircraft and radar videos along with 2,143 email addresses of NASA employees.

Interestingly, not only did the hacking group exfiltrate data from NASA’s network, but they also claim to have achieved “semi-partial control” of one of the agency’s Global Hawk drones by replacing the original .gpx file (containing the aircraft’s pre-planned route) with one crafted to direct it along a different route; a claim that has been denied by NASA.

This is not the first time civil or military drones have been hacked.

The Intercept has recently reported that GCHQ and NSA compromised video feeds from Israeli drones from a base in Cyprus.

Previously, Iran claimed to have captured a CIA RQ-170 Sentinel drone by hijacking it.

In 2011, U.S. Air Force Predator drones were reportedly infected by malware that captured all the operator’s keystrokes.

All images: Matt Hartman

While its aircraft can be tracked online, the U.S. Air Force only worries about Tweets….

Bad OPSEC (Operations Security) exposed by Air War on ISIS?

“Loose Tweets Destroy Fleets” is the slogan (based on the U.S. Navy’s WWII slogan “Loose Lips Sink Ships”) that the U.S. Air Force Central Command used a couple of weeks ago for an article aimed at raising airmen’s awareness about the risk of sharing sensitive information on social media.

Indeed, the AFCENT article speaks directly to the threat posed by Islamic State supporters who, according to Stripes, on at least two occasions have acquired and posted online personal data of military personnel, urging sympathizers, “lone wolves,” to attack Americans in the States and overseas in retaliation for the air strikes.

The article highlights the importance of proper OPSEC to keep sensitive information away from the enemy and to prevent leakage of information that could put missions, resources and members at risk, “and be detrimental to national strategic and foreign policies.”

Interestingly, the article only focuses on the smart use of social media. However, there are other possible OPSEC violations that the U.S. Air Force (as well as many other air arms currently supporting Operation Inherent Resolve, in Iraq and Syria, or Enduring Freedom, in Afghanistan) should be concerned about.

In October 2014 we highlighted the risk of Internet-based flight tracking of aircraft flying war missions after we discovered that a U.S. plane, possibly supporting ground troops in Afghanistan by acting as an advanced communication relay, could be regularly tracked as it circled over the Ghazni Province.

The mere presence of the aircraft over a sensitive target could expose an imminent air strike, jeopardizing an entire operation.

Such risk was already exposed during the opening stages of the Libya Air War, when some of the aircraft involved in the air campaign forgot or failed to switch off their Mode-S or ADS-B transponders and were clearly trackable on FR24 or PF.net. Yet, even though pilots all around the world know these websites very well, transponders remain turned on during real operations, making the aircraft clearly visible to anyone with a browser and an Internet connection.

Magma 13

USAF C-146A Wolfhound of the 524th Special Operations Squadron

During the last few months many readers have sent us screenshots they took on FR24.com or PF.net (that only collect ADS-B broadcast by aircraft in the clear) showing military planes belonging to different air forces over Iraq or Afghanistan: mainly tankers and some special operations planes.

Hoser 15

Canadian tanker

We have informed the U.S. Air Force and other air forces several times that their planes could be tracked online, live, but our Tweets (and those of our Tweeps who retweeted us) and emails have not had any effect, as little has changed. Maybe they don’t consider their tankers’ racetrack position or the area of operations of an MC-12 ISR (Intelligence Surveillance Reconnaissance) aircraft sensitive information…

RAF A330 tanker over Iraq

Image credit: screenshots from Flightradar24.com

 

You can track the first helium balloons of Google Project Loon’s aerial wireless network

Helium balloons of the future network that should give Internet to everyone in the world fortunately use ADS-B.

If you point your browser to Flightradar24.com and zoom off the coast of New Zealand, you’ll see 7 slow moving aircraft: these are actually helium balloons, part of Google’s Project Loon, broadcasting their position, speed, altitude etc. via Mode-S ADS-B.

Project Loon is a research and development project whose aim is to provide Internet access to everyone, even if they live in rural and remote areas. The project features high-altitude balloons, made from sheets of polyethylene plastic and measuring 15×12 meters, placed in the stratosphere at an altitude of about 20 mi (32 km) with the purpose of creating an aerial wireless network with up to 3G-like speeds.

The helium balloons are all “floating” around 1,000 feet to the southeast of New Zealand, and are probably involved in a testing campaign; after the trial (kicked off in June 2013) Google hopes to launch thousands of balloons around Earth to provide global Internet access.

In the wake of the Snowden scandal, someone said that the purpose of the project may not be philanthropic and the task of the network of balloons would be global communications monitoring. But this is another story.

Top: Flightradar24.com screenshot


Cyber Threats debut on the flightline at Nellis Air Force Base’s Red Flag

Maintainers counter cyber threats for first time at Nellis’s Red Flag

“Train as you fight, fight as you train” has always been Red Flag‘s motto.

The U.S. Air Force’s main exercise has to prepare aircrew and support personnel to fight modern war: in the air, on the ground, over the sea and in cyberspace.

For the first time, the recent Red Flag 14-1 at Nellis Air Force Base featured a “contested, degraded or operationally limited” environment, or CDO, for maintainers, who were trained to cope with cyber vulnerabilities in the systems they use on the flightline.

Ground personnel are always using computers and brand new technologies that may be targeted by cyber attacks launched by tech-savvy adversaries: laptops used for aircraft maintenance and diagnosis, GPS systems, communication and network equipment are all high-value targets for enemy hacking teams. That’s why Red Flag maintainers receive academics on cyber vulnerabilities, information operations and other CDO-related threats.

Hence, along with “kinetic operations” conducted by fighter jets, attack planes and strategic bombers that must dominate a contested airspace or battlefield, a simulated “non-kinetic” war is fought by Red Flag participants to defend their critical systems from attacks coming from cyberspace; attacks that may be as devastating as those using bullets, bombs and missiles.

Image credit: U.S. Air Force

 
