Pages

28 August 2017

Cyberwar Risk – Was U.S. Navy Victim Of Hacking?


– U.S. Navy collisions: More than a coincidence?
– Latest U.S. Navy collision is fourth involving a Seventh Fleet warship this year
– Have US Navy vessels become victims of hacking asks Rickards
– Chief of Naval Operations, Adm. John Richardson, has not ruled out cyber intrusion
– “Once is happenstance. Twice is coincidence. The third time it’s enemy action…” – Ian Fleming
– Cyber security cause for concern in autonomous vehicles, aeroplanes and now ships
– Serves as reminder that a connected world can expose and create vulnerabilities
– Cyber security a major threat to banking and financial industry
– Investors should hold physical gold as insurance against hacking, cyber attacks

The tragic U.S. Navy incident of the USS John McCain earlier in the week has raised several questions about the cause. Many are wondering if it was more than human error given this is not an isolated incident.

In the last year there have been four collisions in the area, including the latest one. So far in 2017, 17 US sailors have died in the Pacific southeast in events which have been attributed to accidental collisions with civilian vessels.

In January the USS Antietam ran aground near Yosuka, Japan.

In May the USS Champlain collided with a South Korean fishing vessel.

On June 17th seven US sailors died when the USS Fitzgerald — operating near Yokuska — collided with a container ship from the Philippines. It was determined that “the bridge team lost situational awareness.”

Pentagon and intelligence insider Jim Rickards points out “when the same basic incident happens twice, you have to raise your eyebrows. When you have a low-probability event that happens twice, in other words, the likelihood of coincidence becomes infinitesimal.”

Rickards and others are wondering if the Navy’s decades-old reliance on old electronic guidance systems has become the victim of multiple cyberattacks.

There are two main ways a hacker can interfere with a warship: by attacking its GPS or a malware attack on its computer network.

Rickards isn’t the only one asking questions. Experts at cybersecurity firms have also been voicing their concerns, as reported by Tim Johnson in McClatchyDC:

“When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar,” said Jeff Stutzman, chief intelligence officer at Wapack Labs, a New Boston, New Hampshire, cyber intelligence service.

“There’s something more than just human error going on because there would have been a lot of humans to be checks and balances,” said Stutzman, a former information warfare specialist in the Navy.

Todd E. Humphreys, a professor at the University of Texas and expert in satellite navigation systems, echoed a similar concern: “Statistically, it looks very suspicious, doesn’t it?”

Understandably the U.S. Navy are trying to keep a lid on any theories of cyber attack. However, in a tweet on Monday Chief of Naval Operations, Adm. John Richardson, did not rule out a cyber attack as a potential cause of the fatal collision:
“No indications right now … but review will consider all possibilities…”

Rickards: Is Someone Attacking the U.S. Navy?

Rickards is always worth reading and he wrote this in the Daily Reckoning:


Some recent tragic incidents involving the US Navy have captured my attention.

There have been two deadly incidents within the past two months, in which Navy warships have collided with merchant vessels.

In the first incident, seven sailors were killed in June when the destroyer USS Fitzgerald collided with a cargo ship near Yokosuka, Japan.

Then this month the USS John McCain, a ship just like the Fitzgerald, collided with an oil tanker near the Strait of Malacca, close to Singapore. Sadly, 10 sailors are lost.

What’s going on here?

Is the Navy losing situational awareness? Are the crews not properly trained? Are they not keeping watch?

We don’t know at this point. It’s all under investigation.

But there’s one possibility I want to raise, and I want to be very clear about this:

I’m raising the possibility for public debate. It’s speculation on my part; I do not have any hard evidence. So I want to be clear that this is not something based on any actual intelligence I have.

But if there were just one incident, if one civilian vessel had collided with one destroyer, the assumption would be that it was just an accident. Maybe there was some equipment failure or the crew on watch failed to detect the ship for whatever reason.

But when the same basic incident happens twice, you have to raise your eyebrows. When you have a low-probability event that happens twice, in other words, the likelihood of coincidence becomes infinitesimal.

You have to basically multiply one low probability by another low probability, and what you end up with is an extremely remote chance that both events are purely accidental.

Is it possible that our adversaries, whether North Korea or Russia or perhaps even China — who are extremely good at hacking — have hacked into the navigation systems of these civilian vessels?

Could they be using them as, in effect, battering rams or propeller torpedoes to crash into US naval vessels?

I started a discussion about this topic on Twitter. Here’s what I posted:

“Second tragic collision of U.S. warship with merchant vessel raises suspicion of nav system hacking on merchantmen. Are we already at war?”

It received a lot of comments. One was a very interesting comment from former Vermont governor and presidential candidate Howard Dean.

Dean said, “It’s a possibility. I’m not sure if maybe experts talked about this. How about putting some knowledgeable intelligence folks on it?”

I agree completely.

Again, I don’t want to jump to conclusions. But we should at least consider the possibility that someone’s combining cyberwarfare with kinetic techniques to attack American ships.

In other words, hacking into a system to turn a civilian merchant vessel into a battering ram to attack US vessels remotely.

This is something the Russians have worked on. That’s not speculation. We do have intelligence that the Russians have actually tried techniques like this on vessels in the Black Sea.

I’m not the only one asking questions about these incidents, though. Here’s what a former Navy information warfare specialist and current chief intelligence officer at a cyber intelligence service has to say about yesterday’s collision:

“When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar.”

He adds:

“There’s something more than just human error going on because there would have been a lot of humans to be checks and balances.”

Again, I want to make it clear: I have no proof that hackers were behind these recent incidents.

And if it’s not true, it would be a relief because the problem would be easier to fix through better training and improved protocols.

Again, it could all just be coincidence. But I don’t think we should ignore these incidents. The odds of these low-probability events taking place in such a limited amount of time at least make you scratch your head.

You can bet the US Navy will be doing everything possible to get to the bottom of this.

This isn’t just about the U.S. Navy

Sadly, possible cyberattacks on ships are not just isolated to the U.S. Navy. Civilian shipping is also thought to have fallen victim to sabotage.

On June 27th a global computer attack affected thousands of ships.

Maersk was forced to manually track cargo amid the attack. Earlier this month CEO Soren Skou announced losses of up to $300 million.

Autonomous ships are close to setting sail. This follows a similar pattern in other forms of transport including cars and aeroplanes. All will be exposed to the risks of cyber attacks.

“There is already a lot of interest in cyber protection of cars and autonomous vehicles, we can deduce from that, there might be a way to control ships and airplanes,” Itay Glick, the founder of cyber security firm Votiro, told news.com.au.

“Whenever control of the vessel is done by computer, or navigation is done by computer, there is a big risk for a cyber attack on that computer.”

Given the push for automation in our lives, this is a problem which could potentially just be getting started.
Everything is being automated

We are growing increasingly used to our day-to-day lives being automated.

I can now order washing detergent without really being aware that I need to, my phone effectively reads my mind as it prompts me (without instruction) about things I must do, I never consciously pay a bill any more, the heating in my house no longer requires my input and I don’t even need a key to enter my home.

My life is automated.

Sounds great, the problem is (aside from increasing weight gain as I don’t have to go anywhere) that it is all online. It is out there for others to see, should they want to.

This means it is highly vulnerable to cyber attack. One day I could be locked out of a boiling hot house which is overrun with washing detergent and final demands for bills I haven’t paid.

The same can be said for our investments and banking. Understandably we do it all online. We should do this because it makes life easier but we should also be aware of the risks it brings and how to protect ourselves.

By owning allocated and segregated physical gold with GoldCore you are protecting yourself against potential hackers in two ways.

First: GoldCore works extremely hard to provide the highest level of security for their clients – both online and offline.

Second: Gold is a tangible asset. This means it cannot just disappear at the touch of a few buttons, courtesy of a few hackers. Should there be a global cyberattack on the financial system, the primary wealth would no longer be primarily digital (cash, stocks and bonds etc).

Instead, tangible wealth would become more important.

Gold will not only be important because of its tangible nature but also because of its role as a safe haven in times of geopolitical risks. A cyberattack whether on the U.S. Navy, a civilian ship, an election or across the financial sphere is an attack. It is a weapon being fired by one party on another.

Whilst we do not know what or who has caused these tragic incidents which have befallen the U.S. Navy, we should learn from them.

Modern digital systems including electronic banking and financial systems have vulnerabilities. We should arm our portfolios with gold bullion, as our insurance and safe haven.

No comments:

Post a Comment