ANN ARBOR – Over the
next few weeks, MITechNews.Com will be publishing excerpts from cybersecurity
expert Richard Stiennon’s latest
book, called There Will Be Cyberwar. The book makes the case that the US
military rushed to “network
everything” and,
like most organizations, neglected to secure its most critical systems, opening the door to a possible cyberattack as deadly as the Japanese attack on Pearl Harbor in 1941.
One
point he makes is that an orchestrated effort on the part of China over the
past 15 years to hack the defense industrial base networks and US military
networks, “such as
stealing designs of the advanced military systems such as the Joint Strike
Fighter, was in reality to discover weaknesses in those systems that the People’s
Liberation Army could exploit in conflict. While the knowledge that source code
and configuration data was stolen was recognized by the NSA and FBI, they never
surmised anything beyond industrial espionage.”
We
pick up the book in chapter one when Stiennon writes a fictitious REPORT ON SPECIAL INVESTIGATION INTO
THE TAIWAN STRAITS CONFLICT OF MARCH 18, 2018
Presented
to the Armed Services Sub-Committee May 12, 2018.
Since at least 2013,
the Chinese PLA had enhanced their use of encryption and embarked on a secret
mission to gain advantage over the US fighting forces. It now appears that the
entire scenario was planned for years and that, when the time was right, it was
executed. It is outside the scope of this report to address the intelligence
failure beyond these findings and to recommend a separate investigation into
the IC which has focused on data gathering and mining at the expense of long
term discovery of adversary intent.
Because of the loud
outcry from the Chinese Communist Party and expressions of discomfort from
allies in Asia, namely Japan, and Korea, the President asked the Joint Chiefs
for guidance. The Joint Chiefs recommended a show of force, which included
moving the 7th Fleet into the Taiwan Straits, as well as mobilizing the 4th
Fleet from San Diego where it had just returned from the joint US-Korea naval
exercises. Diplomatic channels were used to warn China not to move missile
barrages into place across the Straits, and apprised Chinese leaders that this
was a show of force, not an imminent military incursion. China acknowledged
this; however, through channels, added a warning that an incursion into its
territorial waters for any reason would be viewed as an act of war.
The investigators who
have assembled this report were most interested in how the 7th Fleet came to
encroach on China’s
territory although the mission plan explicitly called for that boundary to be
given a wide berth.
While the inadvertent
incursion into Chinese territory is viewed widely as the trigger of the event,
this investigation has found that it started days before and that the incursion
was manufactured by Chinese action. Every communication channel from the office
of POTUS to the Joint Chiefs to Pacific Command was compromised. Not only could
the PLA intercept and decrypt those channels, it could also inject misleading
information. Work is still under way to determine the implications of the false
weather reports that led the commander of the Fleet to understand that weather
in the target zone would be clear when in fact it was overcast with limited
visibility. Recorded data from most communications during the 72-hour period of
the engagement is, of course, missing since it was erased by the infected
payloads received.
It now appears that
the incident in northern Wisconsin involving what was thought to be a rogue
terrorist cell and the death of two DISA officers who were inspecting the ELF
array was connected to the events of March. Key management for the US ballistic
missile fleet is archaic. While Cold War era means of cycling through
encryption keys manually and only periodically sufficed in an earlier period,
they evidently should be updated. The attack and loss of the key storage unit
that was in the possession of the two officers now appears to have been timed
to give the attackers maximum benefit of the encryption keys before they were
set to expire. That expiration date, only two days after the engagement,
indicates that the PLA had orchestrated the entire set of events, perhaps even
inciting the rhetoric around the Taiwan election.
It also now appears
that some of the delays experienced by the prime contractor for the GPS III
series of satellites was also orchestrated by the PLA. Multiple cyber
incursions, which were attributed at the time to DPRK, against subcontractors
of critical components set back final delivery by 18 months after two years of
delays that can be accounted for by nominal issues with the defense procurement
process. In addition the failure of the Delta IV launch vehicle at Vandenberg
in January put that launcher on hold pending the accident investigation. In
light of the findings in this report it is recommended that the inquiry be
expanded to include foul play on the part of foreign agents.
Without the
completion of the GPS III constellation the 7th fleet relied on current GPS.
The PLA used their own satellites, which had been identified as new weather and
earth resource platforms to send signals that were much stronger than the US
GPS satellites. These signals are the primary measure the PLA used to set their
plan in motion.
As the 7th fleet
approached Taiwan it launched four F-35 Lightning fighters. These fighters
failed to rendezvous with their tankers. It is evident that their GPS guidance
was compromised and they received the wrong coordinates for the rendezvous. At
the same time the tankers that had flown from Kunsan Air Base in South Korea
were also misguided. The discrepancy between courses is estimated to have been
200 nautical miles. The tankers were able to re-establish correct GPS
connections shortly after they left the engagement area. None of their
communications reached the 7th Fleet. Low on fuel and headed back to the
carrier group the F-35 squadron were intercepted by still unidentified fighter
jets. The sole survivor of the trailing F-35 reports that the sophisticated
enemy identification systems on board failed to trigger any alerts.
Investigations are ongoing but it now appears that the mission data set
uploaded to the onboard computers during the flight preparation procedure were
corrupted. The entire US Reprogramming Lab at Elgin Air Force Base, Florida, is
under investigation as the most likely source of the corrupted data sets.
The loss of
communication with the fighters and tankers led the Fleet Commander to believe
that he was engaged in an active battle situation and he took steps to arm the
Aegis missile systems. Reports from survivors indicate there were no anomalies
in the behavior of the Aegis system, all readouts were nominal.
The errant GPS
signals were also the cause for the fleet being out of position by 160 nautical
miles, putting them well inside the air defense identification zone (ADIZ),
China had declared over the East China Sea in November 2013. The overcast skies
prevented the normal navigational sightings that may have warned the officers
of a problem with the GPS navigation system. Television broadcasts from an
island north of Taiwan provided visual confirmation of the fleet being well
within China territorial waters. It now appears that the fleet was expected and
that the cameras had been positioned specifically to support China’s
claims of legal authority to strike. Satcoms and imagery did not give warning
and may have also been tampered with. The low ceiling and false weather reports
contributed to the confusion as Fleet Command tried to regain situational
awareness, as they were in a state of disarray trying to ascertain what had
happened to the fighter squadron.
When the first
Chinese J8 fighters flew a reconnaissance pass it was discovered that the
targeting radar systems would not lock on to them. When the torpedo-armed
bombers approached, the Commander ordered the launch of Aegis
surface-to-air-missiles. These missiles also failed to obtain a lock in-flight
and never corrected course. It now appears that the media reports, gathered
from the survivors recounting what they had seen, were incorrect. The Chinese
aircraft did not have a new stealth technology that made them invisible to
radar, but in fact used electronic countermeasures that triggered a previously
unknown bug in the radar control systems that caused them to disable the Aegis
guidance system.
Coincident with the
beginnings of hostilities the USS Minnesota (SSN-783)
received an unauthorized command via ELF to surface immediately for further
instructions. Its mission had been to cover the 7th Fleet and provide support
should it be needed. It surfaced well within the radius of effects caused by
the upper atmosphere EMP device detonated over the area. Those effects were the
first indication that PACCOM had that a major military engagement was under
way.
The loss of the USS Reagan aircraft carrier and the flanking destroyers was accomplished with Chinese air
launched torpedoes. Witnesses from the tenders and other locally-based boats
that eventually fled the area report that the carrier and destroyers did not
take evasive maneuvers or launch any type of defense. Most of the surface fleet
reported loss of radar, ship-to-shore comms, and that onboard systems crashed
and were re-booting even as the torpedoes struck. The EMP blast finished what
the onboard failures had started, the complete disarming of the 7th Fleet.
Excerpted from There Will Be
Cyberwar: How the Move to Network-Centric War Fighting Has Set the Stage for
Cyberwar by Richard Stiennon.Purchase it today from Amazon in print ($14.90) or Kindle ($9.99)
formats. http://www.amazon.com/There-Will-Be-Cyberwar-Network-Centric/dp/0985460784/
