How to Hack and Not Hack a Missile
With a shortage of good options on the table for dealing with North Korea’s strategic weapons, there is an understandable temptation to look for unconventional alternatives. So-called “cyberwarfare” is definitely unconventional and the appeal is obvious. Whether one wants to meddle in an election, stop an offensive movie release or derail a weapons program, cyberattacks involve no politically embarrassing dead bodies on either side, carry little risk and are eminently deniable. But cyberwarfare is a long game, and a secret one. Victories will not take the form of spectacular explosions on the launch pad, and we will need to look for more subtle indications of success.
Victory may not be possible at all. Cyberwarfare is only effective against cybernetic targets; North Korea makes only limited and selective use of computers, and when they do, they use custom operating systems designed with a paranoid concern for security. The North maintains a cadre of extremely skilled cyberwarriors, most of whom are likely playing defense. The exploits that enable skilled adversaries to readily subvert the relatively open networks of the Western democracies will be of little use north of the DMZ. Finding the narrow vulnerabilities that may exist in North Korea’s systems, developing the tools to exploit them, and infiltrating Northern networks while remaining concealed from Pyongyang’s security services, is going to be an exceedingly tedious process. Undoubtedly, the NSA, CIA and others have been working on this for many years, but it will take them longer to tap Kim Jong Un’s phone than it did for Angela Merkel’s, and some targets will remain forever beyond reach.
Ballistic missiles may be among them. A ballistic missile is literally and figuratively airgapped to an extreme degree—that is, thoroughly insulated from any attacker. The only connection to the outside world is a hardwired connection to a secure launch control center; however, once a launch is initiated, even that narrow path is severed. Even within the missile, and particularly the 1960s-style ballistic missiles favored by North Korea, there will be very little in the way of digital electronics with programmable software. Engines, warheads and the like will probably use hardwired, analog controllers. The guidance system might also be hardwired except for the details of the trajectory to be flown. One potential vulnerability, though, is North Korea’s known use of foreign commercial electronics components in the guidance control systems of their space launch vehicles, and presumably its more advanced missiles as well. Commercial generally means insecure when it comes to electronics, so it may be possible to find or create vulnerabilities in these components, effectively hacking the missile before it is even built. That is, if we can determine exactly which components are being used, and how, and find a path to them through North Korea’s sparse and secure networks. And that’s just too many “ifs” to be at all confident of success.
A successful attack, then, will likely be aimed at something other than the missile itself. Note that the highly-publicized “Stuxnet” attack did not target Iran’s (probably nonexistent) nuclear weapons, but the uranium enrichment facility that would be used to manufacture them. North Korea positively brags about its computer-controlled milling machines; these can, in principle, be hacked to produce parts that aren’t exactly what the designer intended. Ovens used to temper and anneal alloys might also be computer-controlled, and subtle changes to the temperature profile can lead to parts that are visually perfect but will fail under load. There are numerous possibilities, and while most will not be practical to exploit, perhaps some will be vulnerable. North Korea’s factories might, perhaps, be “hacked” to produce defective missiles.
Another possibility would be to attack the test program. Missile trajectories can be planned by pencil-and-paper calculation, but this is sufficiently tedious and imprecise that North Korea’s engineers are almost certainly allowed foreign-built computers for this purpose. Deciphering telemetry and analyzing the results of a test is also best done by a programmable computer. If every successful test is misinterpreted as a failure, if every test that results in excessive vibration or impacts twenty miles off course is falsely reported as a success, North Korea’s engineers may be induced to develop a missile precisely calibrated to deliver damaged warheads far from their targets.
There is evidence that US military and intelligence agencies are hard at work trying to exploit possibilities like these; possibly South Korea and Japan have similar programs. What we do not know is how much they have accomplished. Even if they have not yet succeeded, they may well do so in the future. What might that look like?
An attack on the manufacturing process will most likely result in defective components that fail even in ground testing. We would likely never know about this, except to wonder why the ground test phase is taking so long. Interestingly, North Korea’s KN-08 ICBM was first seen in mock-up form in 2012, but there was not a single successful ground test until last year. That may not be the result of a cyberattack, but it is at least what a cyberattack would look like. It would be preferable if the failures occurred in flight, and ideally late in flight, leaving the defective hardware out of reach of North Korean investigators. But this cannot be accomplished reliably—defects subtle enough to survive ground testing would cause some missiles to fail but leave others to complete their mission successfully. And, with properly realistic testing, some failures will still occur on the ground, leaving the North Korean engineers to connect the failed parts with the machines that built them. Such an attack can delay North Korea’s acquisition of advanced ballistic missiles, but will not prevent it in the long run.
Attacks on the test process might be more subtle. At the gross level, it might be possible to induce test launches to veer off course and maybe break up in flight. But the ideal outcome, as alluded to earlier, would be for North Korea to believe that its missiles have passed all tests when they instead harbor some defect that will prove crippling in operation. Such a deception cannot be maintained forever; the North will eventually reach the point of highly realistic operational tests. But, while it lasts, the results will necessarily appear to us as they are made to appear to Pyongyang, as a successful test series.
What we would not expect to see, from any plausible cyberattack, would be missiles exploding on the launch pad. The parts of the missile with the potential to explode, are most likely not controlled by software. And if we could somehow tailor built-in defects in the hardware that precisely, we wouldn’t want to. If the missile explodes within sight of North Korean engineers and cameras, they’ll have too many clues as to what went wrong. Similarly, while there are plausible attacks that could result in a defective guidance system or an improperly-calculated trajectory, anyone delivering such an attack would prefer the error be small enough that the missile is well out of sight before it goes visibly off course.
If we are seeing North Korean missiles fail very early in flight, as has been the case in two recent incidents, we should probably be looking for something other than a cyberattack. And we don’t have to look far. Consider the Vanguard rocket, intended to be America’s first satellite launch vehicle, which on its first flight ascended four feet, fell back to the launch pad and exploded—and then exploded six more times in seven launches over the course of a year. The first Atlas ICBM reached 10,000 feet before tumbling and exploding in mid-air. The next six flights suffered four more failures, though at least some of those flew far enough that the explosions weren’t visible to the crowds of spectators. The Titan ICBM, intended as a counter to Atlas’s unreliability, destroyed the launch pad on its first two tests, succeeded on the third, and then went on to a string of downrange failures.
This is literally rocket science. It is the epitome of a hard problem. And it becomes even harder when political pressure demands more than the hardware can yet deliver, then tries to wash away the embarrassment of failure by demanding an immediate retest without allowing time to investigate the original failure. We didn’t need cyberattacks to cause North Korea’s Musudan missile to fail in seven out of eight tests last year, and we don’t need cyberattacks for two conspicuous failures this year. Kim Jong Un will happily deliver those failures for us, just like we did for ourselves with Vanguard and Atlas and Titan, by imagining successful rocket tests can be conjured out of political dictates rather than tedious engineering. The young Kim’s father was generally more patient about this sort of thing.
But eventually, North Korean engineers probably will get this right no matter who is calling the shots. Cyberwarfare might slow that process down and it may already be slowing that process down, without our knowing about it. If so, we shouldn’t expect it to buy us more than a few years. And any cyberwarriors responsible should expect to wait decades before receiving their deserved acclaim. That’s the price for playing the long game and playing to win.