U.S. Army officials are worried that sophisticated hackers and other cybercriminals, including military adversaries, may soon have the ability to hack their way into and take control of major military weapon systems such as tanks and ships.
Speaking this month at the annual Army Directors of Information Management Conference in Houston, Army Maj. Sheryl French, a program manager responsible for the Army's Information Assurance Architecture for the Digitized Force, said the potential exists for hackers to infiltrate the computer systems used in tanks and other armored vehicles. Unlike in the past, today's modern tanks and ships are almost entirely dependent on computers, software and data communications links for functions such as navigation, targeting and command and control.
Although the Pentagon has always had computer security issues to deal with, "we've never had computers" in tanks and armored personnel carriers before, said French, pointing to a picture of an M-1 Abrams Main Battle Tank.
In fact, the U.S. Department of Defense has already tested and proven that hackers have the ability to infiltrate the command and control systems of major weapons, including Navy warships. According to a training CD-ROM on information assurance, published by the Defense Information Systems Agency, an Air Force officer sitting in a hotel room in Boston used a laptop computer to hack into a Navy ship at sea and implant false navigation data into the ship's steering system.
"Yes, this actually happened," the CD-ROM instructs military personnel taking the course. "Fortunately, this was only a controlled test to see what could be done. In reality, the type of crime and its objective is limited only by people's imagination and ability."
John Pike, a defense and intelligence analyst with the Federation of American Scientists, said that although there are well-known security gaps in the commercial systems that the Army plans to use on the battlefield, hacking into tanks and other weapons may prove to be too difficult for an enemy engaged in battle.
"The problem for the enemy is that computer security vulnerabilities will almost certainly prove fleeting and unpredictable," said Pike, adding that such tactics would be nearly impossible to employ beyond the random harassment level.