Earlier this week, a troubling German media report surfaced stating that German Patriot air and missile defense systems carried out “unexplained” commands allegedly issued by unknown hackers. The report, which has been rebutted by the government, claims hackers may have compromised the U.S.-owned missile silos, which are stationed at German Bundeswehr armed forces at the Turkish border with Syria.
According to computer hacker Robert Jonathan Schifreen,
“These systems are not linked to public networks, they require special codes to fire the missile, which only a certain number of people have, and you generally need the code from two or three people to fire it, or to do anything that is of significance…..I don’t think it’s actually happened, which is not to say that some of these systems are not hackable in some way. It is possible in some way perhaps to detect the presence of it, but anything more than that is going to take some serious skills.”
According to a different report, these skills may have been utilized after all. German site thelocal.de confirmed that the incident exposed two weak spots in military systems: Sensor-Shooter-Interoperability (SSI)—the interface between the missile launcher and its control system—and a computer chip responsible for guiding the missile.
While the German government jumped out in front of the report, calling the hacker claim “extremely unlikely,” they stopped short of denying it altogether. While the missiles are not connected to online networks, it is possible to imagine modifying the system for a backdoor software upgrade, making it a “smart weapon [that] can transmit data to and from other places,” according to security researcher Billy Rios.
Computerworld.com discussed the increasing likelihood of remotely hackable systems and how this could extend to missile systems:
“As uncomfortable as it is to think about missiles being hijacked and rained down on an attacker’s target of choice, it is possible to remotely take control of drones and then supposedly use the hijacked drones as missiles, GPS can be spoofed to steer an $80 million yacht off course, ship tracking systems can be attacked and hijacked, airline ground computer systems can be hacked,“ghost” planes can be injected into radar, an airplane can be hacked to cause it to climb and planes can supposedly be remotely attacked and hijacked by using an Android phone. So why not missile batteries too?”
Even if hackers did momentarily seize the German Patriot missile system—or tried and failed—it is unlikely the public would be informed of it. While the U.S. government has disclosed China’s cyberespionage efforts in recent years, governments are typically unwilling to admit that their weapons systems are vulnerable to hackers.