Asia Pacific | ANALYSIS

Series of U.S. warship collisions raise fears of cyberattacks on military

Some experts doubt human error four times in a row; others call GPS hack unlikely

AFP-JIJI

A spate of incidents involving U.S. warships in Asia, including a deadly collision early Monday off Singapore, has forced the U.S. Navy to consider whether cyberattackers might be to blame.

While some experts believe that being able to engineer such a collision would be unlikely, given the security systems of the U.S. Navy and the logistics of having two ships converge, others say that putting the recent incidents down to human error and coincidence is an equally unsatisfactory explanation.

The USS John S. McCain collided with a tanker as the warship was on its way for a routine stop in the city-state, tearing a huge hole in the hull and leaving 10 sailors missing and five injured.

The chief of U.S. naval operations, Adm. John Richardson, said on Monday he could not rule out some kind of outside interference or a cyberattack being behind the latest collision, but said he did not want to prejudge the inquiry. His broader remarks suggested a focus on “how we do business on the bridge.”

In June, the USS Fitzgerald and a Philippine-flagged cargo ship smashed into each other off the Izu Peninsula, south of Tokyo, leaving seven sailors dead and leading to several officers being disciplined.

There were also two more, lesser-known incidents this year. In January, the USS Antietam ran aground near its base in Japan, and in May, the USS Lake Champlain collided with a South Korean fishing vessel. Neither caused any injury.

Adm. Scott Swift, commander of the U.S. Pacific Fleet, has refused to rule out sabotage in Monday’s incident, saying all possibilities are being examined.

Analysts are divided on the issue, with some believing U.S. crews may simply be overstretched in tackling the myriad threats in the region. They point to the difficulties of sailing through waterways crowded with merchant shipping.

But others believe something more sinister may be going on.

Itar Glick, head of the Israel-based international cybersecurity firm Votiro, said the spate of incidents suggested that U.S. Navy ships’ GPS systems could have been tampered with by hackers, causing them to miscalculate their positions.

“I think that hackers could try to do this, and if they are state-sponsored they might have the right resources to facilitate this kind of attack,” he said.

Glick, who says he used to work on cybersecurity for Israeli intelligence, said that China and North Korea would be the most likely culprits.

Tensions are running high between North Korea and Washington as Pyongyang makes strides in its weapons program, conducting two successful intercontinental ballistic missile test-launches in July.

Pyongyang has also been blamed for recent cyberattacks, including the 2014 hack of Sony Pictures and the theft of millions of dollars from Bangladesh’s central bank.

The U.S. has repeatedly accused China of carrying out cyberattacks on American companies, particularly to steal intellectual property.

Beijing denies this and says it is also the victim of such attacks.

Glick pointed to a recent incident in June of apparent large-scale GPS interference in the Black Sea to illustrate that such disruptions are possible.

The interference — known as “spoofing,” which disrupts GPS signals so ships’ instruments show inaccurate locations — caused some 20 vessels to have their signals disrupted, according to reports.

Jeffery Stutzman, chief of intelligence operations for the U.S.-based cybersecurity firm Wapack Labs, said he thought the possibility of a cyberattack being behind the latest incident was “entirely possible.”

“I would be very doubtful that it was human error four times in a row,” he said, referring to the four recent incidents.

Still, other observers believe such a scenario to be unlikely.

Zachary Fryer-Biggs, from the defense consultancy Jane’s by IHS Markit, said that even if something went wrong with the GPS system of a ship, other safety mechanisms should stop it from crashing, such as having people on watch.

“The collision only occurs if several other safety mechanisms fail,” he said.

Daniel Paul Goetz, from the U.S.-headquartered cybersecurity firm Lantium, added that causing a collision would be complicated, as it would involve knowing the exact location, speed and bearing of both ships involved.

Goetz, whose background is in U.S. military intelligence, also pointed to the level of technology used to protect the navy from such threats.

“The U.S. military uses a GPS system that is highly secured, highly encrypted — the chances that somebody could take over a U.S. military ship is very close to zero,” he said.