There has been a recent wave of high-sea collisions in the Asia-Pacific involving U.S. naval vessels – most notably the USS Fitzgerald and USS John S. McCain, which together have resulted in the loss of more U.S. military personnel then in Afghanistan so far this year. The incidents, both involving U.S. Navy destroyers within the Seventh Fleet, occurred in high traffic areas and are being investigated by the Navy.
The Cipher Brief’s Levi Maxey spoke with Admiral Jonathan Greenert, the former U.S. Navy Chief of Naval Operations who also served as Commander of the Seventh Fleet in the Asia-Pacific, about what could have caused these collisions and whether there is a possibility that the incidents could be the result of hostile action taken through cyberspace.
The Cipher Brief: How common are these collisions, and what are often the reasons behind them?
Adm. Jonathan Greenert: Collisions are rare but they do happen. What I mean by that is that some small number occur annually, though not necessarily in the western Pacific. The two areas where the Fitzgerald and McCain collisions took place are probably two of the busiest waterways that I can think of. They are right outside of Tokyo and of course right outside of the Strait of Malacca. The weather in both places can change suddenly, in particular down off of Malacca, where frequently at this time of year Indonesia is burning brush and rubber trees and getting rid of shrubs. Combine that, with low trade winds you get a real smog effect – its hazy down there at all times of day right near the equator. If you try steaming in around sunrise or sunset, it just all exacerbates. So its complicated, but that is not meant to be an excuse. What I am trying to tell you is that these things happen from time to time, and these particular areas are complicated.
Usually when you have a collision, it is a mistake, not a failure of a system. It could be someone not necessarily complying with the rules of the road and turning suddenly, not indicating or recognizing a signal, making a turn and proceeding on, and then you have essentially a traffic accident. Somebody is usually at fault, generally every time. And it is usually due to some lack of compliance.
TCB: What are some of the strategic threats that might be in those areas? Are there pirates or anyone who would wish to do harm to U.S. naval vessels without necessarily risking escalation, including nation-states?
Greenert: First, with the area of the USS John McCain collision, that is what we would call a maritime crossroad. There are about seven key maritime crossroads around the world where the vast majority of the economic production travels – known as sea lines of communication, where trillions of dollars of material pass through. They are very heavily regulated. Singapore – in cooperation with Malaysia and Indonesia – very closely monitors traffic coming in and out of there.
There was a time when piracy was a concern in that area, but generally further in the Strait of Malacca near the northwest of Singapore. But when you say strategically a nation-state interfering with traffic in and out of there, that would be rare, and there would be international reaction that would be swift and very deliberate. Any of the major nation-states of the world – and minor actually – really depend on the Strait of Malacca for energy, food, and materials for a whole host of things.
TCB: Is there a possibility that hackers are able to breach the systems of naval or commercial vessels that then lead to collisions? Where are the cyber vulnerabilities of these ships?
Greenert: Any ship, aircraft, or just about anything that receives updates using the electromagnetic spectrum, such as through WiFi, is vulnerable. If this is encrypted, then what is passed in will undergo a process and it will be protected. But that is expensive, and many companies put systems in and they say they will provide updates to the system periodically, and they will do this through electromagnetic radiation (EMR). If that is not encrypted, you are vulnerable to somebody going into that system with malware. If it is encrypted, then you aren’t.
So let’s take GPS. There is military GPS, which is encrypted, so therefore one would submit that breaches are unlikely. But then there is commercial GPS, which of course is vulnerable, and that is pretty well documented. But then there is a whole host of other things, from your air conditioning systems, breaker control, engine control, and steering control that commercial systems, if put on a military ship and left encrypted, it would be more likely vulnerable to malware that could corrupt it, though not necessarily take control of it.
Whether you can attribute that to a person, nation-state, or otherwise is uncertain. Ultimately, there are a host of things that could be vulnerable, but it is quite complicated to pull a cyber attack off. Even if you do breach a system, taking control of it is a fairly far-reaching and sophisticated move. But inserting malware to corrupt it is perhaps more feasible.
TCB: How could cyber capabilities be strategically used against naval vessels? How is this different in times of war versus peacetime?
Greenert: It could be corrupting systems like we have seen the corruption of other networks or databases, causing you to lose confidence in it. So if somehow you questioned your steering or engine control – just the mere ability to start your gas turbine engines or your electrical circuit breakers – then that adds an element of a lack of confidence. That is very disruptive if at any given time you are not sure what could happen.
The Navy has collectively spent quite a bit of time working on cyber intrusion prevention and that is appropriate. But one needs to keep in mind that anything using electromagnetic radiation, or WiFi – from garage door openers to TVs – can be remotely interrupted. All of that is feasible.
The adversary’s strategic key would be to insert a lack of confidence in our own systems, as opposed to taking control of something and flying an airplane into the ground or steering a ship into another vessel. Ships often have backup systems, so they would have to corrupt a primary system, a backup system, and maybe even a tertiary system. They would have to do all that simultaneously and for a period of time – precluding that platform allows for manual control, which most have for safety and landing. That would be a bit of a stretch in my opinion.
TCB: If the investigation comes out and shows that there was some level of intentional sabotage of the navigation systems by a foreign actor, what would the ramifications of that be?
Greenert: We ought to be clear, in the case of these accidents, they were not related, and the navigation systems would have little to nothing to do with colliding with another vessel. Where you are in the world is irrelevant to whether you crash into somebody. If you run aground because you were not where you thought you were – you were in shallow water – that could possibly be due to a navigation error, but these two incidents were not.
But, to your point, that would be a problem if someone could take control, and it could become a strategic issue. If you can attribute that, you have to think about whether this is hostile intent, a hostile action. The Russians have tried several times – with some being attributed to the Chinese – to insert doubt in certain networks, such as financial networks. Unclassified Defense Department and federal government networks have been breached, which has added some element of doubt in our ability to maintain those networks. In peacetime it is not unusual, and that was clearly done purposefully.
TCB: To clarify on the navigated point you mentioned earlier, the manipulation of electronic systems that show the speed and direction of an incoming vessel would not mislead crewmembers from avoiding a collision?
Greenert: No, it would mislead a crewmember, because they would determine, based on course and speed they see, that was your situation. But once they physically see you, then they would say that vessel should not be close to us, and would maneuver to avoid you. Once you get into visual sight and you realize that something is not right, you could take action to avoid collision. Your eyeballs are your sensors, and they don’t lie to you. At some point you take charge of the steering wheel regardless of whether you are on automated control or not.
If you are in the channel trying to compute courses and speeds of what amounts to tens and tens of vessels, it becomes unwieldy, and you get data overload. You then need to drive with your good sense and understanding of relative motion and using good seamanship.
TCB: What are some of the steps being taken to harden naval vessels from cyber intrusions?
Greenert: With the systems that we have, we encrypt traffic. We have also instituted celestial navigation as a primary discipline – all of our officers and enlisted navigation personnel will learn how to steer by the stars and planets. If we can see them, we use them, either with assistance, such as magnification, or with the naked eye. Nobody is going to be able to manipulate that. The ability to understand the typography so that we can do bottom navigation is also important. We are fine tuning those methods. We never fully moved away from them, but we are bringing those back in as a solid backup and foundation. If you think about it, it’s good sense.