Can the F-35 -- the US Military's New Jet Fighter -- Be Hacked?
June 3, 2014
David Martin / Sixty Minutes & Sydney J. Freedberg Jr. / Breaking Defense
A computer named ALIS is the brain of the US military's controversial new F-35 jet fighter. Is she vulnerable to cyber attack? The F-35 is the Pentagon's newest warplane and its most expensive weapons system ever. The helmet of the F-35 is part of a complex, computer-driven system that will give US fighter pilots a whole new level of capabilities when the plane enters the American fleet in the coming years. But ALIS has a potential problem -- security.
Watch the above video feature to learn more about ALIS from correspondent David Martin and his sources in the US military.
Can the US Military's New Jet Fighter Be Hacked?
David Martin: Sixty Minutes / CBS
(June 1, 2014) -- A computer named ALIS is the brain of the US military's controversial new F-35 jet fighter. Is she vulnerable to cyber attack?
This week on 60 Minutes, correspondent David Martin tried on the $500,000 helmet designed for the new and controversial F-35 jet fighter.
The F-35 is the Pentagon's newest warplane and its most expensive weapons system ever. The helmet of the F-35 is what this this plane is all about, says Martin. It's part of a complex, computer-driven system that will give US fighter pilots a whole new level of capabilities when the plane enters the American fleet in the coming years.
Lt. General Chris Bogden, the man in charge of the new F-35 Joint Strike Fighter, describes the helmet as "what you see in a 'Star Wars' movie."
As David Martin reports in the above video, the F-35 and her sophisticated helmet is run by a computer named "ALIS."
"She looks basically like a laptop computer, and the pilot carries it out to the plane and sticks it in a slot right next to him in the cockpit. That contains all the information about the mission he's gonna fly," says Martin. "The servers which run all of this software take up a room about the size of a shipping container."
Alan Norman, the chief F-35 test pilot for Lockheed Martin compared ALIS to R2-D2, the droid that helped Luke Skywalker fly the X-wing fighter in "Star Wars": "Right now, to me, this is the ultimate in human-machine interaction," Norman said.
But ALIS has some problems, such as her resistance to human overrides (think Hal from "2001: A Space Odyssey"). The other potential problem is security.
"This is a juicy, juicy target for a hacker," says Martin. "If your adversary can hack into all that software that's running [the mission], then they've essentially defeated the plane." All without firing a bullet.
Top Official Admits F-35 Stealth Fighter Secrets Stolen
Sydney J. Freedberg Jr. / Breaking Defense
(June 20, 2013) -- Yesterday, at a subcommittee hearing attended by just half a dozen Senators, the Pentagon's top weapons buyer made a blunt admission: The military's most expensive program, the stealthy F-35 Joint Strike Fighter, has been hacked and the stolen data used by America's adversaries.
Under Secretary Frank Kendall didn't say by whom, but the answer is almost certainly China, a cyber superpower whose People's Liberation Army Air Force has recently rolled out some suspiciously sophisticated stealth fighter prototypes of its own. The Russians also have skilled hackers and "5th Generation" stealth jet programs, but they're not suspected of such direct copying, at least not yet.
"I'm confident the classified material is well protected, but I'm not at all confident that our unclassified information is as well-protected," said Kendall, the Under Secretary for Acquisition, Technology, and Logistics. "It's a major problem for us . . . What it does is reduce the costs and lead time of our adversaries to doing their own designs, so it gives away a substantial advantage."
The bad news isn't new news: That someone had hacked F-35 subcontractor BAE Systems was first reported six years ago, and just this February Washington Post reporter Ellen Nakashima obtained leaked information naming the Chinese as having compromised not just the F-35 but two dozen other weapons program. Administration officials have been publicly pressuring China to rein in its hacking. But it's still remarkable that such a senior official would so bluntly admit that US interests have been so directly harmed.
So what does this mean for a future conflict? The nightmare -- raised by a recent Defense Science Board report – is what you might call the Battlestar Galactica scenario: Our fighters close in on the enemy, the bad guys push a button, and all our systems shut down, crippled by cyber-attacks via "back doors" previous hacks created in the security software.
In this case, thankfully, that seems unlikely. Kendall made clear that classified data has remained secure (so far, we think): It's unclassified data in contractors' computers that has been stolen, not the military's secret codes.
Nor do we have a Death Star scenario, where the enemy has stolen the "secret plans" that show them how to blow up our weapons with a single well-placed shot. (Note that in this scenario Luke Skywalker is Chinese.
Certainly many Chinese see themselves as the plucky farm boys, trained in mystic martial arts, up against a technologically superior empire). No one has stolen the complete blueprints to the F-35, which are in fact servers full of digital design data you could never fit into a single blue-and-white droid.
That said, the information that China and maybe Russia have stolen will make it easier to design counter-measures to our weapons, improving their chances to hack, jam, or just plain shoot down American aircraft. Even if we don't expect to fight the Chinese or the Russians -- we certainly hope we won't, not least because they have nuclear weapons -- they have a nasty habit of selling advanced weapons to people we are likely to fight, like Iran.
And in some ways what they've stolen is worse than stealing "secret plans": They've stolen data on how US and allied arms manufacturers make advanced weapons systems. So instead of having to just copy our stuff, they have a leg up on learning how to design equivalent systems on their own.
This industrial espionage problem goes far beyond armsmakers. Indeed, the value of what's been stolen from the defense industry is just a tiny fraction of the intellectual property stolen from commercial business in what the man who heads both National Security Agency and US Cyber Command, Gen. Keith Alexander, has called "the greatest transfer of wealth in history."
In the commercial sector, however, at least the Chinese have to break into a lot of different baskets before they steal all our eggs: There are countless companies, each with its own innovations and jealously (if not effectively) guarded intellectual property. Not so in the defense sector.
As defense budgets have shrunk since the end of the Cold War while defense programs became ever more bank-breakingly expensive, the industry responded by merging many competing companies into a handful, and the Pentagon responded by cancelling or consolidating competing programs.
The great example of this all-eggs-in-one-basket approach was the F-35. Of the three companies that originally competed for the Joint Strike Fighter program, one, McDonnell Douglas, went out of business after it lost, while the other losing bidder, Boeing, has basically stopped working on new fighters. (Boeing, of course, remains a big player in both commercial airliners and military transports, and it still builds many fighter of older designs).
The very name of the Joint Srike Fighter refers to how it consolidated separate Air Force, Navy, and Marine Corps development programs into a single "joint" mega-project.
Building one plane to meet the needs of three armed services turned out to be much harder than the Pentagon had hoped. In the past, by contrast, each service largely developed its own equipment and, while often inefficient, it was at least possible for a service whose programs were struggling or inferior to (grudgingly) buy a better weapon originally built for another, as when the Air Force bought the Navy F-4 Phantom fighter for Vietnam.
But having gotten rid of all the alternatives in the name of efficiency and cost savings, we have no choice but stick with the F-35, despite its inefficiencies and cost overruns -- what Under Secretary Kendall has called "acquisition malpractice" -- if we want to stay in the stealth fighter business.
And with all our eggs in one basket, an enemy who hacks into a single weapons program will have dangerous insights into the majority of our future fighter fleet.
Posted in accordance with Title 17, Section 107, US Code, for noncommercial, educational purposes.