Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacking Nuclear Command and Control

Posted by samzenpus on from the why-haven't-you-radioed-the-plans-countermanding-the-go-code dept.

The Walking Dude writes "The International Commission on Nuclear Non-proliferation and Disarmament (ICNND) has released an unclassified report exploring the possibility of cyber terrorists launching nuclear weapons. Ominous exploits include unreliable early warning sensors, unsecure nuclear weapons storage, transportation blunders, breaches in the chain of command, and the use of Windows on nuclear submarines. A traditional large-scale terrorist attack, such as the 2008 Mumbai attacks, could be combined with computer network operations in an attempt to start a nuclear war. Amidst the confusion of the traditional attack, communications could be disrupted, false declarations of war could be issued on both sides, and early warning sensors could be spoofed. Adding to this is the short time frame in which a retaliatory nuclear response must be decided upon, in some cases as little as 15 minutes. The amount of firepower that could be unleashed in these 15 minutes would be equivalent to approximately 100,000 Hiroshima bombs."

20 of 256 comments (clear)

  1. IRL by hellfish006 · · Score: 5, Funny

    "...and the use of Windows on nuclear submarines" Talk about your Blue Screen of Death

    1. Re:IRL by AlecC · · Score: 4, Informative

      Windows is used on British Nuclear submarines - but not as part of the command and control system and certainly not the nuclear missile systems. Nuclear submarines have crews, and require stores control and admin systems for their food and other needs. These are standard Windows systems, but have nothing to do with the military side of the system.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
  2. Break out the random dialer... by DaRanged · · Score: 4, Funny

    Shall we play a game?

  3. Windows on submarines? by PvtVoid · · Score: 4, Funny

    Windows on a submarine sound like a pretty bad idea to me...

    1. Re:Windows on submarines? by Cur8or · · Score: 5, Funny

      Maybe, but "The hunt for Redhat October" would be a bitching movie.

      --
      Winkey shortcut mapping for 64bit windows. WinKeyPlus
    2. Re:Windows on submarines? by nicc777 · · Score: 5, Funny

      Especially if you open one...

      --
      Need an ISP in South Africa?
    3. Re:Windows on submarines? by Anonymous Coward · · Score: 5, Interesting

      at least the submarine is generally a stand-alone network

      My next-door neighbour, a middle-ranking officer on the UK's Vanguard fleet of nuclear submarines, asked me to fix his laptop ready for the recent 3-month wargame off Florida. Naturally, the "fix" was as simple as identify trojan, format, re-install MS-Windows, install Avast, advise him not to run keygens he'd randomly downloaded off a torrent, and slip an Ubuntu live CD into the laptop bag in the hope it'd pique his interest.

      As I returned it to him, I said "I turned WiFi and Bluetooth off by default. I assume you'd get in trouble if your stealth-sub got spotted by something as simple as your opponent searching for available networks."

      Apparently he'd never thought of that. And regaled me with stories of how long undersea voyages are just one huge wireless LAN party and movie fileswap meet. And asked me to turn WiFi and BT back on.

      Nuclear subs are just one huge Faraday cage, right? Right? No really, they are... aren't they?

    4. Re:Windows on submarines? by interactive_civilian · · Score: 4, Informative

      Nuclear subs are just one huge Faraday cage, right? Right? No really, they are... aren't they?

      Radio waves don't propagate far under water, as it absorbs those frequencies. If an enemy is close enough to detect your wifi or bluetooth, they are close enough to have already found you on passive sonar.

      --
      "Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
  4. People in the know by MichaelSmith · · Score: 4, Interesting

    Most people know a thing or two. Some people know their way around weapons systems but most people don't. Most people are sane and rational but a few people are not. The unabomber wasn't rational but fortunately he was a mathematician, not a rail signalling engineer or an air traffic controller.

    I don't believe that Al Qaida could weasel their way into the control systems for missiles, unless they come across somebody smart enough and crazy enough to be of value to them. I don't believe there is any systematic reason why this could not happen, it is just very unlikely.

    At the moment it is much easier for the terrorists to work with the tools they know.

    Researching Kaczynski for this post has got me thinking. With his background he could have gone into a field where he gained access to some critical systems. Lots of secure areas employ mathematicians. But then he might not have had the time and resources to develop his nutty ideas. He had to withdraw somewhat to do that. Was the Jack D Ripper character a realistic possibility? Or would a maniac have been unable to rise to a position of responsibility?

    --
    http://michaelsmith.id.au
    1. Re:People in the know by maxwell+demon · · Score: 5, Funny

      The unabomber wasn't rational but fortunately he was a mathematician

      An irrational matematician may sound like an oxymoron, but really, there are uncountably many of them. Rational matematicians are the exception, and even they are dense. :-)

      --
      The Tao of math: The numbers you can count are not the real numbers.
    2. Re:People in the know by Ihlosi · · Score: 4, Funny
      An irrational matematician may sound like an oxymoron,

      Hello? i has been around for quite a while now, you know.

  5. Usual fear-mongering by cluke · · Score: 4, Insightful

    So, the "International Commission on Nuclear Non-proliferation and Disarmament" releases a report saying Nucler weapons are dangerous? Who would have thunk it?

  6. We don't live in a comic-book universe... by VShael · · Score: 4, Insightful

    Do we have ANY super-villain cyber hackers in the world who WANT to start a nuclear war and launch 100,000 hiroshima type bombs?

    Seriously?

    Who do they envision being behind this? Doctor Evil???

  7. Navy nets are segregated by BobMcD · · Score: 5, Informative

    From personal experience I can say that 'Windows on a submarine' really isn't an issue. The Navy uses at LEAST three independent networks on their ships. Two that I was told about and one that I wasn't supposed to notice on my own. These aren't connected together, and only one of them connects to the outside world. Even if they were running a completely un-patched version of Windows 3.11 on that inner-most network, they're still as secure as they need to be.

    In the case of the Navy's most important systems, they're not secured via copper but instead by steel-jacketed lead.

  8. Windows on Nuclear Submarines by Fantom42 · · Score: 4, Insightful

    The use of Windows on nuclear submarines is not a big deal without providing a lot more context. Is Windows being installed to perform a critical function? Is there an independent backup implemented in hardware? There remain a lot of questions to be answered before I care that Windows is installed on submarines, especially given the alarmist tone of the paper as a whole.

    The article (mis?)cited even talks about how the systems being used don't "usually" get autonomous control of the weapons systems. (http://www.theregister.co.uk/2008/12/16/windows_for_submarines_rollout/) That's pretty vague, but not really surprisingfor a reporter.

    So, is Windows on submarines a concern? Sure it is. Quite frankly, (get out your -1 mod points) for a high risk system, one in which failure can cause loss of life on a massive scale, using Linux, or any computer system is a concern.** Luckily, if engineers are doing their jobs correctly, they know how to design these systems to prevent a software failure from causing one of these events. This almost invariably means using custom software or (better) simple hardware to implement/interlock critical functions and use regular COTS software for the rest. And yes, false indications are an example of a critical function. If the software were to indicate a missile launch, for example, I would expect a way to verify that using hardware in the procedure before moving on to the next step.

    ** This is because any of these systems are too big to have the kinds of quality steps needed for such a system (think TRACEABLE code coverage, testing, requirements traceability, application of coding standards and other software engineering principles, all must be traceable). Maybe if Linus Torvalds and everyone who works on the Linux kernel was hired by the DOD and held to a software quality standard, like DO-178B (http://en.wikipedia.org/wiki/DO-178B)*** there would be a small chance of being able to use this software for a function that is required to prevent loss of life.

    *** Having dug through DO-178B, it is not without its issues, either. But its a good starting point at least.

  9. Could, Could, Could . . . by siloko · · Score: 4, Insightful

    Talk about your Blue Screen of Death

    Agreed, but I was wondering when the quantity of "could's" in a summary turns it from a "report" into a "work of fiction"?

  10. Auto-update by Smivs · · Score: 4, Funny

    "...and the use of Windows on nuclear submarines" Talk about your Blue Screen of Death

    It could be worse:
    Sub Commander: "Enemy vessel has locked on and fired anti-sub missile. Impact in 10 seconds. Immediate Anti-missile counter-strike authorised. Target enemy vessel with Tomahawk."
    Sub operator: "Incoming target acquired and locked on. Tomahawk ready for launch authorisation."
    Computer: "Automatic update has replaced current program with I.E 8 as default. Computer re-booting. This will take 30 seconds"
    Sub crew: "S**t!"

    --
    Smivs on the intertubes!
  11. Re:oh yes by Anonymous Coward · · Score: 4, Funny

    Why?

    Mostly because having windows on such a submarine isn't very practical.
    You cant open them to get any fresh air in, there is little to no light getting in, and the view is just terrible most of the time!

  12. You must never have been in the military. by k.a.f. · · Score: 4, Insightful

    Agreed, but I was wondering when the quantity of "could's" in a summary turns it from a "report" into a "work of fiction"?

    When assessing your adversaries, you always assess capability, not probability or even intention. "Can't possibly" is acceptable, but improvable. "Might" raises serious concern. "Could" is reason for all-out batshit-crazy paranoia.

    And I like that things are that way. At least, y'know, when dealing with unauthorized nuclear launches.

  13. This could be even Worse by koolfy · · Score: 5, Funny

    Sub Commander: "Enemy vessel has locked on and fired anti-sub missile. Impact in 10 seconds.
    Impact in 9 seconds.
    Impact in 8 seconds.
    Impact in 7 seconds.
    Impact in 12 seconds.
    Impact in 2 seconds.
    Impact in 1 seconds.
    Impact in about an hour.
    Impact in 4 minutes.

    -- BOOM

    Finished copying 2MegaTons file "Missile.snk" from "Vessel" to "Your Ass".

    Thanks for using MIcrosoft Windows Vista.

    --
    Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.