[Infowarrior] - Old Trick Threatens the Newest Weapons

Richard Forno rforno at infowarrior.org
Tue Oct 27 02:04:12 UTC 2009 

October 27, 2009
Cyberwar
Old Trick Threatens the Newest Weapons
By JOHN MARKOFF
http://www.nytimes.com/2009/10/27/science/27trojan.html?hpw=&pagewanted=print

Despite a six-year effort to build trusted computer chips for military  
systems, the Pentagon now manufactures in secure facilities run by  
American companies only about 2 percent of the more than $3.5 billion  
of integrated circuits bought annually for use in military gear.

That shortfall is viewed with concern by current and former United  
States military and intelligence agency executives who argue that the  
menace of so-called Trojan horses hidden in equipment circuitry is  
among the most severe threats the nation faces in the event of a war  
in which communications and weaponry rely on computer technology.

As advanced systems like aircraft, missiles and radars have become  
dependent on their computing capabilities, the specter of subversion  
causing weapons to fail in times of crisis, or secretly corrupting  
crucial data, has come to haunt military planners. The problem has  
grown more severe as most American semiconductor manufacturing plants  
have moved offshore.

Only one-fifth of all computer chips are now made in the United  
States, and just one-quarter of the chips based on the most advanced  
technologies are built here, I.B.M. executives say. That has led the  
Pentagon and the National Security Agency to expand significantly the  
number of American plants authorized to manufacture chips for the  
Pentagon’s Trusted Foundry program.

Despite the increases, semiconductor industry executives and Pentagon  
officials say, the United States lacks the ability to fulfill the  
capacity requirements needed to manufacture computer chips for  
classified systems.

“The department is aware that there are risks to using commercial  
technology in general and that there are greater risks to using  
globally sourced technology,” said Robert Lentz, who before his  
retirement last month was in charge of the Trusted Foundry program as  
the deputy assistant defense secretary for cyber, identity and  
information assurance.

Counterfeit computer hardware, largely manufactured in Asian  
factories, is viewed as a significant problem by private corporations  
and military planners. A recent White House review noted that there  
had been several “unambiguous, deliberate subversions” of computer  
hardware.

“These are not hypothetical threats,” the report’s author, Melissa  
Hathaway, said in an e-mail message. “We have witnessed countless  
intrusions that have allowed criminals to steal hundreds of millions  
of dollars and allowed nation-states and others to steal intellectual  
property and sensitive military information.”

Ms. Hathaway declined to offer specifics.

Cyberwarfare analysts argue that while most computer security efforts  
have until now been focused on software, tampering with hardware  
circuitry may ultimately be an equally dangerous threat. That is  
because modern computer chips routinely comprise hundreds of millions,  
or even billions, of transistors. The increasing complexity means that  
subtle modifications in manufacturing or in the design of chips will  
be virtually impossible to detect.

“Compromised hardware is, almost literally, a time bomb, because the  
corruption occurs well before the attack,” Wesley K. Clark, a retired  
Army general, wrote in an article in Foreign Affairs magazine that  
warns of the risks the nation faces from insecure computer hardware.

“Maliciously tampered integrated circuits cannot be patched,” General  
Clark wrote. “They are the ultimate sleeper cell.”

Indeed, in cyberwarfare, the most ancient strategy is also the most  
modern.

Internet software programs known as Trojan horses have become a tool  
of choice for computer criminals who sneak malicious software into  
computers by putting it in seemingly innocuous programs. They then  
pilfer information and transform Internet-connected PCs into slave  
machines. With hardware, the strategy is an even more subtle form of  
sabotage, building a chip with a hidden flaw or a means for  
adversaries to make it crash when wanted.

Pentagon executives defend the manufacturing strategy, which is  
largely based on a 10-year contract with a secure I.B.M. chipmaking  
plant in Burlington, Vt., reported to be valued as high as $600  
million, and a certification process that has been extended to 28  
American chipmakers and related technology firms.

“The department has a comprehensive risk-management strategy that  
addresses a variety of risks in different ways,” said Mitchell  
Komaroff, the director of a Pentagon program intended to develop a  
strategy to minimize national security risks in the face of the  
computer industry’s globalization.

Mr. Komaroff pointed to advanced chip technologies that made it  
possible to buy standard hardware components that could be securely  
programmed after they were acquired.

But as military planners have come to view cyberspace as an impending  
battlefield, American intelligence agency experts said, all sides are  
arming themselves with the ability to create hardware Trojan horses  
and to hide them deep inside the circuitry of computer hardware and  
electronic devices to facilitate military attacks.

In the future, and possibly already hidden in existing weapons,  
clandestine additions to electronic circuitry could open secret back  
doors that would let the makers in when the users were depending on  
the technology to function. Hidden kill switches could be included to  
make it possible to disable computer-controlled military equipment  
from a distance. Such switches could be used by an adversary or as a  
safeguard if the technology fell into enemy hands.

A Trojan horse kill switch may already have been used. A 2007 Israeli  
Air Force attack on a suspected partly constructed Syrian nuclear  
reactor led to speculation about why the Syrian air defense system did  
not respond to the Israeli aircraft. Accounts of the event initially  
indicated that sophisticated jamming technology was used to blind the  
radars. Last December, however, a report in an American technical  
publication, IEEE Spectrum, cited a European industry source in  
raising the possibility that the Israelis might have used a built-in  
kill switch to shut down the radars.

Separately, an American semiconductor industry executive said in an  
interview that he had direct knowledge of the operation and that the  
technology for disabling the radars was supplied by Americans to the  
Israeli electronic intelligence agency, Unit 8200.

The disabling technology was given informally but with the knowledge  
of the American government, said the executive, who spoke on the  
condition of anonymity. His claim could not be independently verified,  
and American military, intelligence and contractors with classified  
clearance declined to discuss the attack.

The United States has used a variety of Trojan horses, according to  
various sources.

In 2004, Thomas C. Reed, an Air Force secretary in the Reagan  
administration, wrote that the United States had successfully inserted  
a software Trojan horse into computing equipment that the Soviet Union  
had bought from Canadian suppliers. Used to control a Trans-Siberian  
gas pipeline, the doctored software failed, leading to a spectacular  
explosion in 1982.

Crypto AG, a Swiss maker of cryptographic equipment, was the subject  
of intense international speculation during the 1980s when, after the  
Reagan administration took diplomatic actions in Iran and Libya, it  
was widely reported in the European press that the National Security  
Agency had access to a hardware back door in the company’s encryption  
machines that made it possible to read electronic messages transmitted  
by many governments.

According to a former federal prosecutor, who declined to be  
identified because of his involvement in the operation, during the  
early ’80s the Justice Department, with the assistance of an American  
intelligence agency, also modified the hardware of a Digital Equipment  
Corporation computer to ensure that the machine — being shipped  
through Canada to Russia — would work erratically and could be  
disabled remotely.

The American government began making a concerted effort to protect  
against hardware tampering in 2003, when Deputy Defense Secretary Paul  
D. Wolfowitz circulated a memorandum calling on the military to ensure  
the economic viability of domestic chipmakers.

In 2005, the Defense Science Advisory Board issued a report warning of  
the risks of foreign-made computer chips and calling on the Defense  
Department to create a policy intended to stem the erosion of American  
semiconductor manufacturing capacity.

Former Pentagon officials said the United States had not yet  
adequately addressed the problem.

“The more we looked at this problem the more concerned we were,” said  
Linton Wells II, formerly the principal deputy assistant defense  
secretary for networks and information integration. “Frankly, we have  
no systematic process for addressing these problems.”

More information about the Infowarrior mailing list