Saturday, July 9, 2016

My Early Days in Cyber Warfare

I was prompted to write this blog by the release of a new movie, Zero Days, about the US cyber warfare strategy against Iran's nuclear weapons program.

In 1989, I resigned from the Air Force as a C4I officer (Command, Control, Communications, Computers and Intelligence). My specialty in the Air Force was nuclear warfare planning and execution. I was also an airborne nuclear launch control officer; one of a handful of officers selected to fly aboard the Operation Looking Glass airborne command post with the responsibility to "turn keys" and launch all 1,000 Air Force nuclear intercontinental ballistic missiles (ICBMs), as well as disseminate coded Presidential orders to launch nuclear-armed submarines and bombers. Little known fact: We held all the same codes that the President carries in the "football" and had the ability to issue those launch codes and orders without the approval of the President.

After the Air Force, I took a job with TRW, working for Ron Gault. Ron had a deep background in nuclear weapons surety-- the combined expertise of security and safety, as described in this Department of Defense Directive. He hired me because of my background in nuclear weapons C4I. He had deep knowledge at the engineering level of the weapons-- the warheads, propellant, rocket motors, cryptography, guidance and targeting systems, etc. I had deep knowledge at the national command and control level. Between the two of us, we knew more about the top-to-bottom operation of our US nuclear weapons than any two people in the world at the time. Ron is still in this business and is now known as "The Godfather" of nuclear surety.

We applied our knowledge of nuclear command and control in various ways, working for TRW, the Air Force, Navy, Army, and National Security Agency. In particular, we specialized in very formal and sophisticated risk and threat analysis associated with our US nuclear weapons, making sure that they could only be used as authorized and intended, protecting them from both deliberate hostilities from enemies and terrorists, as well as accidental misuse by US military and civilian personnel. We were responsible for identifying and exploiting any and all vulnerabilities in the US nuclear command and control system, from the President to the warheads. We would dream up every imaginable threat scenario, then try to model it, probabilistically. For some of the more outlandish scenarios, we would collaborate with the national labs, such as Sandia and Los Alamos, to build the technology and implement the scenario. The code words to describe the nuclear incident scenarios that we were most concerned with were Pinnacle, Bent Spear, Broken Arrow, NUCFLASH, and Empty Quiver.

Under the Nunn-Lugar Cooperative Threat Reduction Program, our US-based work eventually led to the same sort of threat analysis, but this time applied to the nuclear weapons that were associated with the former Soviet Union. After the collapse of the Soviet political system, so followed the collapse of the military command and control structure of their nuclear weapons, especially those weapons that were stored outside the boundaries of Russia in what are now known as the former Soviet bloc. Virtually every US-hostile country and terrorist group in the world was highly motivated to exploit this breakdown in Soviet nuclear weapons control. Those hostile forces were literally racing the US to get their hands on those weapons and technology before we did. Under Project Sapphire and other related operations, we won the race.

Those enemies of the US have never stopped their attempts at acquiring a nuclear weapon. Sooner or later, those enemies, particularly terrorists, will likely succeed, but not by stealing a weapon or building one. I believe they will acquire a nuclear capability through a state-sponsored third party such as North Korea, Iran, or possibly Pakistan. In this scenario, a terrorist organization will negotiate with one of these nation states that possesses a nuclear weapon and is also hostile to the US, or western society in general. Neither North Korea nor Iran will ever use a nuclear weapon directly against the US or a US ally because they know that it would mean the end of their country. They will collude with a terrorist organization that has no nation state, and cannot be directly targeted for retribution by the US.

In the mid-1990s, our threat analyses identified numerous opportunities for hostile nations and ideologies to utilize commercial-off-the-shelf (COTS) software and hardware as a medium for attacking our nuclear command and control system. Commercial software-- such as Windows, Unix, and DOS-- and commercial CPU chips and memory were making their way into the periphery of US weapons systems, including our nuclear command and control. Many of those chips were being manufactured overseas where enemy states and actors could easily insert malicious code into the firmware. We proposed to TRW that we initiate a formal research and development (R&D) program into this growing threat, and it was approved and funded.

Fast forward to 2010 and the discovery of the Stuxnet worm, which targeted Iran's nuclear centrifuges by planting malware in commercial-off-the-shelf industrial control systems. Stuxnet was one component of a larger cyber warfare strategy against Iran known as Operation Olympic Games, as portrayed in the documentary Zero Days.

Ron and I, and our team, were the first on the scene of cyber warfare that exploited COTS software and hardware. It was easy to see then that this would become a new battleground-- why drop bombs or take more overt measures when you can do much more damage through commercial software to an enemy state, with no attribution to your forces?

As a career, healthcare has been rewarding, but not nearly as interesting or rewarding as working with Ron during this time. I often find myself wanting to return to this line of work, but, of course, it has its downsides and dangers. My 2-year old daughter, Anna, and 6-month old son, Luke, keep me grounded in reality. They more than fill the gap of reward and fulfillment.

1 comment:

Paveway Mk IV said...

I was searching for "EMPTY QUIVER" on Google and found a link to your blog. I was interested because of the recent events at Incirlik - not an Empty Quiver event, but it does bring up the (remotest) possibility. That is, if we have any vaulted there - I see the U.S. still does not say either way, which is probably a good thing. I'm sure I'm on some list now for Googling that term. Oh well...

Interesting blog!
