Cyber Vulnerabilities Found In Navy's Newest Warship

← Back to Stories (view on slashdot.org)

Cyber Vulnerabilities Found In Navy's Newest Warship

Posted by samzenpus on Sunday April 28, 2013 @04:55AM from the scuttle-the-ship's-computer dept.

An anonymous reader writes with some potentially troubling news about some security issues with the Navy's newest class of coastal warships."A Navy team of computer hacking experts found some deficiencies when assigned to try to penetrate the network of the USS Freedom, the lead vessel in the $37 billion Littoral Combat Ship program, said the official, who spoke on condition of anonymity. The Freedom arrived in Singapore last week for an eight-month stay, which its builder, Lockheed Martin Corp., hopes will stimulate Asian demand for the fast, agile and stealthy ships. 'We do these types of inspections across the fleet to find individual vulnerabilities, as well as fleet-wide trends,' said the official."

32 of 162 comments (clear)

Min score:

Reason:

Sort:

Some Things Never Change by Jah-Wren+Ryel · 2013-04-28 05:05 · Score: 5, Informative

USS Yorktown circa 1997

--
When information is power, privacy is freedom.
1. Re:Some Things Never Change by Anonymous Coward · 2013-04-28 05:53 · Score: 3, Insightful
  
  Fixed? You call running your propulsion control and maneuvering systems on windows nt fixed? This is simply laughable.
  Such systems should only be run on a completely independent tactical network and run only on bulletproof RTOS's.
2. Re:Some Things Never Change by maxwell+demon · 2013-04-28 06:25 · Score: 5, Interesting
  
  USS Yorktown circa 1997
  Interesting quote from there:
  “Because of politics, some things are being forced on us that without political pressure we might not do, like Windows NT. If it were up to me I probably would not have used Windows NT in this particular application ... Refining that is an ongoing process ... Unix is a better system for control of equipment and machinery, whereas NT is a better system for the transfer of information and data. NT has never been fully refined and there are times when we have had shutdowns that resulted from NT.”
  —Ron Redman
  
  --
  The Tao of math: The numbers you can count are not the real numbers.
3. Re:Some Things Never Change by PPH · 2013-04-28 06:51 · Score: 3, Interesting
  
  Client software shouldn't be able to bring down an O/S. Never mind an entire network.
  
  --
  Have gnu, will travel.
4. Re:Some Things Never Change by PPH · 2013-04-28 06:55 · Score: 3, Funny
  
  Its been a few decades since we lost any military assets to a zero.
  
  --
  Have gnu, will travel.
5. Re:Some Things Never Change by CanEHdian · 2013-04-28 08:55 · Score: 3, Informative
  
  Such systems should only be run on a completely independent tactical network and run only on bulletproof RTOS's.
  Plus you need an emergency backup that is independent of the network so you can run everything "locally" and have commands transferred from the bridge the old way.
  
  --
  When the copyright term is "forever minus a day", live every day like it's the last.
I can't imagine... by The+Real+Dr+John · 2013-04-28 05:23 · Score: 4, Informative

I can't imagine spending $37 billion dollars of taxpayers money on anything better for the the taxpayers than some more naval vessels. Why waste it on schools, or roads or infrastructure, when you can have... um, well, some nice new ships for the Navy to sail around in?

--
A brain is a terrible thing to waste... Mind? That's debatable.
1. Re:I can't imagine... by Solandri · 2013-04-28 06:25 · Score: 3, Informative
  
  U.S. spending per student on education is among the highest in the world. Of all the problems which plague our education system, funding is definitely not one of them.
  
  One can argue defense spending needs to be reduced. But proposing it should be spent on schools instead is just shifting money from one bloated program to another.
2. Re:I can't imagine... by Sulphur · 2013-04-28 06:43 · Score: 2
  
  Or, you know, give the money back to the tax-payers and stop fucking spending it - period. Still, I'd rather you pay for your children's education. That's not something that requires the collective effort of the entire nation to accomplish. Defense, however, is. So if it came between subsidizing the education/daycare of your snot-nosed rug-rats versus a navy ship, I'll take the ship.
  However, I'd rather they just but that $37b, period.
  It takes a village to train a village idiot.
3. Re:I can't imagine... by tehcyder · 2013-04-28 21:56 · Score: 2
  
  I find it bizarre that the US spends a higher percentage of GDP on "healthcare" than Britain, even though we have a National Health Service. Clearly, someone is making a lot of money out of health in America. But the fact that you let insurance companies make money out of providing a natural right means that you are in effect creating insurance jobs rather than looking after people's actual health.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
Windows for Warships 2012 now with more touch cont by Joe_Dragon · 2013-04-28 05:33 · Score: 5, Funny

Windows for Warships 2012 now with more touch controls.
To fire swipe the screen.
SITTING DUCK by Jeremiah+Cornelius · 2013-04-28 05:34 · Score: 5, Interesting

The software and network vulnerability issues are the least of the problems for this Water Turkey.
The LCS is not expected to be survivable in a hostile combat environment
From the Congressional Research Service: "The LCS is not expected to be survivable in a hostile combat environment as evidenced by the limited shock hardened design and results of full scale testing of representative hull structures completed in December 2006."
"So, we have a warship design that is not expected to fight and survive in the very environment in which it was produced to do so. Poorly-armed, poorly-protected, with an over-abundance of speed that will eat through a fuel supply in half a day."
This New $350 Million Combat Ship Has Nearly Two Equipment Failures For Every Million Bucks
"The Project on Government Oversight (POGO) researches Pentagon weapons procurement and has published its April 23 letter to members of the House Armed Services Committee, who have themselves 'repeatedly questioned the utility and effectiveness of the Littoral Combat Ship program' in the past.... From the time the Navy accepted LCS-1 from Lockheed Martin on September 18, 2008, until the ship went into dry dock in the summer of 2011 - not even 1,000 days later - there were 640 chargeable equipment failures on the ship. On average then, something on the ship failed on two out of every three days."
Hello US Navy! Thanks for accelerating climate-change, while subverting your mission and betraying the tax payer. I guess your next job, at Lockheed or General Dynamics will be worth all the criminal fraud and needless deaths.

--
"Flyin' in just a sweet place,
Never been known to fail..."
1. Re:SITTING DUCK by teslabox · 2013-04-28 05:56 · Score: 3, Interesting
  
  Hello US Navy! Thanks for accelerating climate-change, while subverting your mission and betraying the tax payer. I guess your next job, at Lockheed or General Dynamics will be worth all the criminal fraud and needless deaths.
  It seems to me that the U.S. military is 30% vocational-training program for people who are failed by k-12 education, 30% make-work (manning missile silos in Montana and maintaining the nuclear arsenal, for example) to sop up human capital that was freed up by the industrialization of agriculture, and 30% wealth-transfer program. I'll give "defense" 10%.
  Realignment of the U.S. military's budget should consider what's important (vocational training, tech R&D), and what's not.
2. Re:SITTING DUCK by ColdWetDog · 2013-04-28 06:16 · Score: 4, Interesting
  
  While the articles are pretty inflammatory and don't really have any details (including the issue with cracks - that's not unexpected in prototypes of high performance watercraft, they can usually be fixed), the core issue is this:
  
  This harsh analysis comes just days after the U.S. Government Accountability Office released a report concluding the Defense Department has a problem with committing to expensive new weapons systems before development is complete.
  This makes no sense whatsoever except as a lucrative cash cow (even a spherical one) for the contractors.
  If you want cutting edge, create a skunk works (maybe the marine equivalent would be slime eel works?). Let them work out the bugs. Your PRODUCTION ships are well defined technology, as kept as simple as possible. Designed for real mission work - not fantasy battles with aliens. Less sizzle, more steak.
  
  --
  Faster! Faster! Faster would be better!
3. Re:SITTING DUCK by maxwell+demon · 2013-04-28 06:19 · Score: 5, Insightful
  
  And those walls have to be guarded by men with guns.
  Wouldn't you then prefer that the guns actually work?
  
  --
  The Tao of math: The numbers you can count are not the real numbers.
4. Re:SITTING DUCK by Jeremiah+Cornelius · 2013-04-28 06:29 · Score: 4, Insightful
  
  Why don't we save the country...
  By slashing Military spending to just double the closest US rival - from 500%?
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
5. Re:SITTING DUCK by quonsar · 2013-04-28 06:39 · Score: 3, Insightful
  
  "So, we have a warship design that is not expected to fight and survive in the very environment in which it was produced to do so. Poorly-armed, poorly-protected, with an over-abundance of speed that will eat through a fuel supply in half a day."
  Clearly, it was designed to turn tail and run. And by God, it performs that mission to perfection.
  
  --
  
  Sacred cows make the best burgers.
6. Re:SITTING DUCK by Anonymous Coward · 2013-04-28 06:53 · Score: 4, Informative
  
  Dumbass, that was a scene from "A Few Good Men", released in 1992.
7. Re:SITTING DUCK by CrimsonAvenger · 2013-04-28 08:32 · Score: 5, Insightful
  
  WAR!
  What is is good for?
  Ask that of the survivors of Auschwitz, Dachau, Treblinka, among others.
  We might also mention the American Civil War and the American Revolution.
  Taking down Napoleon might count too.
  
  --
  
  "I do not agree with what you say, but I will defend to the death your right to say it"
8. Re:SITTING DUCK by the_other_chewey · 2013-04-28 09:33 · Score: 3, Informative
  
  You must have seen another movie than the rest of us.
  
  In our version, the guy giving the "you can't handle the truth"
  speech is not one of the good guys...
9. Re:SITTING DUCK by Anonymous Coward · 2013-04-28 11:23 · Score: 2, Insightful
  
  All the "grand causes" you cite as fixed by wars, were casused by wars.
10. Re:SITTING DUCK by LordLimecat · 2013-04-28 12:42 · Score: 3, Informative
  
  Hes actually court marshalled, and the guys "just following orders" get dishonorably discharged for "conduct unbecoming a US marine".
11. Re:SITTING DUCK by Anonymous Coward · 2013-04-28 18:17 · Score: 2, Interesting
  
  There are actually two LCS classes in service: the Independence class and the Freedom class. The non-survivable LCS is the Freedom class, which is overweight, under-prepared to withstand hostile fire without external buoyancy aids, sucks at shooting anything due to poor weaps design, and its helicopter can't do minesweeping because it's too weak. The Independence class has some corrosion problems, but seems to be a better and more stable design overall.
  They've both had serious operational problems; USS Coronado (LCS4, Independence Class) just made the news with a very minor fire breaking out on board due to some insulation burning, while USS Freedom (LCS1) has had flooding in 2012 and lost its engines in 2013, leaving it adrift at sea.
  Neither LCS is the kind of ship you expect from the world's naval superpower, even as a workhorse non-combat ship. It's a bastard offspring of the Zumwalt class destroyer, which is retooling of the failed DDG1000. All over cost projections, all underwhelming. Too many people trying to get one ship (in each case) to do too many things at the bleeding edge, while we keep WW2-era battleships in museums in good condition with an eye to calling them back into service when we need naval firepower. It's quite a disappointment that the world's naval superpower has such Little Crappy Ships under development, when the Dutch can field the Holland class and other nations are developing small, fast, useful ships.
12. Re:SITTING DUCK by tehcyder · 2013-04-28 21:31 · Score: 2
  
  I really like Team America: World Police too. Oh, wait...
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
13. Re:SITTING DUCK by Bacon+Bits · 2013-04-29 05:15 · Score: 2
  
  I always thought it was telling that we remember this speech, but not what happens next.
  Col. Jessup confesses to ordering the murder of one of his subordinates. He is then immediately told he need say nothing more and that "the witness has rights". He is arrested, and removed from his "post" at the "wall". This is because we should and do question the manner in which we are provided security. In a country where the rule of law is used to provide protection of rights against those who would abuse or usurp them, honor, code, and loyalty are subordinate to rights, duty, and law.
  If Col. Jessup's speech was right, he would've gotten away with his action. Instead, he was removed and court martialed. Col. Jessup put himself, his command, and the Marine Corp ahead of his country, his people, and his men. LCpl Dawson understood this after being dishonorably discharged when he said, "We were supposed to fight for people who couldn't fight for themselves. We were supposed to fight for Willie."
  At least, that's the ideal. I'm sure cynics and pessimists eat that for breakfast. Idealism is fairly anachronistic these days.
  
  --
  The road to tyranny has always been paved with claims of necessity.
Designed by by GeneralTurgidson · 2013-04-28 05:53 · Score: 3

Dr. Gaius Baltar
1. Re:Designed by by Seumas · 2013-04-28 05:59 · Score: 2
  
  That was my thought, exactly. "Didn't we already learn not to network our ships in BSG?"
What a name. by Stormwatch · 2013-04-28 06:25 · Score: 5, Insightful

USS Freedom.
What a name, just like something out of a satirical comic book. Seriously, you 'murricans seem to have a fetish for the word, but the more you use it, the more you seem to forget its actual meaning.

--
Circumcision is child abuse.
1. Re:What a name. by TerranFury · 2013-04-28 08:13 · Score: 2
  Agreed.
  Good Ship Names:
  
  U.S.S. Dauntless
  U.S.S. Enterprise
  H.M.S. Indefatigable
  H.M.S. Indomitable
  H.M.S. Implacable
  U.S.S. Intrepid
  Bad Ship Names:
  
  U.S.S. Freedom
  U.S.S. George H. W. Bush
  H.M.S. Unicorn
  Ship Names Too Excellent to Use:
  
  G.S.V. Eschatologist
2. Re:What a name. by MiniMike · 2013-04-28 13:29 · Score: 2
  
  I noticed on that list the H.M.S. Flambeau. Isn't that just asking for trouble? Hope it had a good fire suppression system...
  There was also a U.S.S. Flambeau
Re:It's an.... by nametaken · 2013-04-28 07:45 · Score: 3, Informative

That is like an official coming out and saying that some new Drone over in Iraq that can be taking control over by yelling your name and location into radio ch-4.
No. We have no reason to think it's anything like that.
The important takeaway is that the Navy is actually checking their shit. The deficiencies in network security were found by Navy pen testers, determined to be "not severe enough to prevent the deployment", the results are classified, and they're working on improving them.
That's how things get done. Test and improve, all the time, because no part of any complex system is, or ever will be, perfect.
Re:Windows for Warships 2012 now with more touch c by Beardo+the+Bearded · 2013-04-28 08:58 · Score: 4, Funny

It looks like you're trying to return fire. Would you like help with this?
0 find hostile ships in the area using cloud services (recommended)
0 check online help for rules of engagement.
0 I don't need help. I can return fire by myself.

--

---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.