I know this is dated, but I found it too funny given other recent articles like the article suggesting Israel hacked Syrian Air Defenses. I watched Wired Science’s report on the Estonia attacks this week, as well.
Command and Control systems are definitely lacking in user-friendliness, but my concern here is the unlikeliness of a more secure, robust version of Windows available for Warships. I get nervous at the thought of combat systems on destroyers and submarines running Windows and suffering from the same fate as my desktop when something goes awry.
The notion of hacking Command & Control systems gets a lot more plausible when one considers the Operating System on the other side of the radar array or sensor grid. The news story on the radar hack gets a little more plausible, when you consider an aircraft spewing electronic garbage at a radar array or sensor grid running Windows. It even makes for a great cartoon, given that Syrian air defenses are suggested to have been supplied by Russia and Russia is alleged to be awash with software piracy. It amounts to an electronic equivalent of a DOS attack or fuzzing at the least, on these nodes.
In fact, it is down right scary to think that an information attack can be more destructive than a conventional attack with no notice, little cost, and possible anonymity. Consider the Internet attacks on Estonia that practically cut off the country from the outside world: warfare in the 21st Century has evolved to include the Internet. It makes perfect sense, it can be taken right out of SunTzu’s Art of War or Clausewitz’s Principles of War.
There are similarities in the radar hacking and the attacks on Estonia. Estoniawas blanketed by a remote controlled army of PC’s set to cripple servers and services over the Internet by overwhelming Estonia’s servers and communications links. The Israeli aircraft are reported to have potentially used erroneous RF signals and commands to overwhelm the Syrian Air Defenses from the outside of their perimeter. In effect, these attacks are making use of Internet-based attack techniques from the late 1990’s and early 2000. Warships running Windows software, would make these warships vulnerable to similar threats my home PC is vulnerable to. I pray that the Windows Firewall is enabled by default!!!
Alas, these DoS-style attacks are nothing new. I’m inclined to agree with Kevin Poulsen’s blog on the Estonia attacks, these attacks are nothing like what other nations have done in the past. The Isreali aircraft story is more interesting because of the notion of specialized hardware attempting to subvert the defenses by use of hacking techniques purposely deployed on the aircraft. I imagine, if the story is true, Russia, China, or North Korea are all hardening their systems as we speak.
As for the Warships and Windows, counter-intelligence agencies can just start creating 0-Day Windows exploits and hacking warships instead of having spies conduct clandestine operations to steal technology. It could even be the makings of a new installment in the Wang/No Starch Press Steal This book series, with: Steal This Warship.