We often hear about cyberattacks, cyber operations, and malware infections that target computer systems or smartphones. Attacks against civilian infrastructure facilities such as hospitals, water sanitation systems, and the energy sector similarly get a lot of airtime. But there is another type of high stakes system that gets much less attention: weapons systems. These include guided missiles, missile, and anti-missile systems, tanks, fighter jets, and more—all of which are computerized and possibly networked. We can imagine that weapons systems contain security vulnerabilities similar to most other information systems, including serious ones.
A malicious adversary taking over the control of deadly weapons capable of kinetic destruction may sound like a political fiction plot begging to be overhyped. But today, computerized weapons systems control the defense pillars of many countries. And though information on these systems is highly secretive, there is one thing we do know: While accessing such systems is not easy, they almost certainly contain vulnerabilities. My experience indicates that there is no reason to think otherwise. And such a possibility constitutes a potential risk to the world’s security and stability.
The consequences of such hacking operations could be dire. Control over these weapons systems is an integral state prerogative, and any external interference with them could be interpreted as interference in the internal state matters, leading to retaliation. No country would simply allow adversaries to peek inside the matters restricted to state control, such as the oversight of the army. Fortunately, actually pulling this off is far from simple.
Conducting a cyberattack of this kind would require not only hostile intentions, but also the existence of security vulnerabilities in the controlling systems. In order to exploit such bugs, the attacker would also need access to that system, which is not easy to obtain. But these obstacles are not impenetrable.
We should hope that such cyber risks remain low. In order to ensure that they do, the number and severity of these vulnerabilities must be controlled. The world’s militaries and governments must create a management process for the discovery of vulnerabilities—one that encourages finding them, establishes a system for fixing them, possibly even shares the information with allies, and generally works toward attaining stability. Similarly, the opportunity to exploit any weaknesses should be tightly guarded, typically by allowing access only from the internal networks, which malicious actors would be unable to reach.
Hopefully, the world's militaries are already, in fact, looking for these vulnerabilities. But if they have found them in the past, the information about such findings has rarely been disclosed in the public. This sphere is permeated with silence. The public tidbits come from the rare reports or occasions of remarkable transparency. Such reports are a litmus test, confirming suspicions of vulnerable weapons systems. For example, the 2018 US Government Accountability Office report includes a remark about the routine identification of “mission-critical cyber vulnerabilities that adversaries could compromise,'' including the ability to take full control over the tested systems, in some cases. It goes on to explain that these vulnerabilities pose unique threats to large, interdependent systems, also because updating or replacing just one part is far from simple. According to the report, a “patch or software enhancement that causes problems in an email system is inconvenient, whereas one that affects an aircraft or missile system could be catastrophic.”
Fortunately, awareness of this issue does seem to exist in certain communities. In a 2021 declassified briefing, the US Department of Defense disclosed that cybersecurity risks had been identified in multiple systems, including a missile warning system, a tactical radio system, a guided missile, and the B-2 Spirit Bomber. While the details of the identified and fixed cybersecurity issues remain classified, we can reasonably conclude that these and other weapons systems contain serious weaknesses.
The (classified) results of the audit of a 16-year-old B-2 Spirit bomber, capable of carrying nuclear munitions, raises similar concerns. Technical details of the report are not available to the public, but what we can see allows us to reasonably conclude that serious cybersecurity vulnerabilities exist in weapons systems, including those that would let the potential adversary take control over a system. This is likely because the maintenance of such old legacy systems is always a cybersecurity challenge, whether it’s obsolete systems used in hospitals, or weapons systems used by the world’s militaries. Fortunately, in the process of updating them, some issues are detected and corrected. But the phenomenon of cybersecurity risks in existing weapons systems is real. And this is true not only of the weapons systems employed by the US, but likely also of virtually every other weapons system employed by any other country.
To avoid the risk of tampering, these sensitive systems should remain in non-public networks, isolated from public access. While air-gaps can be bypassed, it would still be challenging to maintain reliable enough access to such protected systems to prepare and execute attack plans. This point is highlighted in a report from the École Spéciale Militaire de Saint-Cyr, the special military school of the French Army, which details the insight on cyber resilience of weapons systems. The report notes that “weapons systems structures are designed to have very few points of access or openings to cyberattackers ... not only because of their limited interconnection, but also because they use atypical technologies.''
Even so, risks of supply-chain compromise remain. When malicious or fraudulent elements are inserted into the system, it may impact its operation or integrity. Such risks are not merely imaginable. Suspicions that such compromises have already happened appear in a report by the US Defense Science Board. In it, the task force mentions “instances that may have been unsuccessful attacks on critical weapons systems via malicious insertion.” While unconfirmed, the ability of external actors to tamper with off-limits systems is worrisome, especially when one imagines the consequences of losing control over weapons systems that can direct strikes.
Much like everything else, weapons systems will only become increasingly computerized. Soon, this will perhaps include space-based systems, or nuclear weapons systems as well. In order to protect these, policymakers and the military decision-makers should consider recommendations to put in place assessment frameworks to identify and manage the cybersecurity risks facing further computerization or interconnection built into weapons systems. A recent report from the US Cyberspace Solarium Commission advises designing a special process of assessing the cybersecurity of weapons systems. Preparing such assessment processes will require allocating substantial funds purely to technical defense. Fixing existing systems might not result in headline topics, but it may bring tangible defensive results.
The exploitation of vulnerabilities in weapons systems could bring high risks to the life of the humans operating these machines, the army who controls them, or even civilians. The far-fetched consequences may even include an armed conflict. The world would be better prepared for such a risk if we could avert a cyberattack-based compromise of weapons systems. We do not know if the world’s militaries are working towards attaining the capability of hacking adversary weapons systems. But having such powers would be dangerous to the world’s stability and peace.
This article first appeared as an opinion-editorial in Wired.