Navy ‘Orion Hammer’ Investigation into USS John McCain Collision Has Turned Up No Evidence of Cyber Attack

August 25, 2017 4:05 PM - Updated: August 25, 2017 4:38 PM
Sailors assigned to the navigation department aboard the amphibious assault ship USS America (LHA-6) look on as the ship arrives in Singapore to provide support to the Arleigh Burke-class guided-missile destroyer USS John S. McCain (DDG-56). US Navy Photo

THE PENTAGON – A Navy investigation has turned up little evidence supporting the idea that USS John S. McCain (DDG-56) was a victim of a cyber attack, making it more likely that mechanical failure or crew error is to blame for the Aug. 21 collision between the destroyer and a chemical tanker.

Operation Orion Hammer, the Navy tasking to investigate potential cyber interference in the operation of the guided-missile destroyer, has not uncovered any indications that a cyber attack affected the ship’s control systems just prior to the crash, three Navy officials confirmed to USNI News on Thursday. McCain reportedly lost control of its steering just moments before the collision with tanker Alnic MC in a busy shipping channel.

While the possibility of a cyber attack was considered unlikely in the case of McCain, the Navy set out to investigate the possibility of an attack to rule it out as part of the investigation.

On Monday, Chief of Naval Operations Adm. John Richardson told reporters a cyber attack is “certainly something we are giving full consideration to, but we have no indication that that’s the case yet. But we’re — we’re looking at every possibility, so we’re not leaving anything to chance there.”

On Tuesday, U.S. Pacific Fleet commander Adm. Scott Swift told reporters in Singapore, “we are not taking any consideration off the table and every scenario will be reviewed and investigated in detail.”

Adm. Scott Swift, commander of U.S. Pacific Fleet, conducts a media availability at Changi Naval Base on Aug. 22, 2017. US Navy Photo

The service would not elaborate on the cyber investigation beyond the comments from Swift and Richardson when asked by USNI News.

The aft steering mechanism of an Arleigh Burke-class guided-missile destroyer is built around a pair of motors that each can control the ship’s rudders, in case one motor goes down. The decades-old design of the motors’ controls are largely analog, with redundant electrical systems that would be practically impossible to disable by cyber means, several former sailors told USNI News.

Other ship’s systems have been hardened to prevent cyber intrusion, and if even one particular system was compromised there would be several other backups.

Yeoman Seaman Theresa Porcellini mans USS Laboon (DDG-58) ship’s wheel from the aft steering station on May 11, 2017. US Navy Photo

For years, Naval Sea Systems Command has stressed so-called cyber hygiene in its control systems and has been meticulous in rooting out ways mechanical control systems could be compromised by malicious software. In 2014 Naval Sea Systems Command released a set of standards that would make it harder to compromise a ship’s systems through cyber intrusion.

What might be the most tantalizing point behind the cyber attack theory is that it’s technically possible, Bryan Clark, a naval analyst at the Center for Strategic and Budgetary Assessments and former aide to former Chief of Naval Operations Adm. Jonathan Greenert, told USNI News on Thursday.

“There could have been some sort of cyber disruption, but it seems unlikely that a single cyber event could have caused the accident, given the multiple sensors and combat systems available to the crew,” Clark said.
“Also, the accident occurred near dawn, so the crew could have visually tracked the surrounding ships and their movements even if a cyber attack was underway.”

There have also been theories the merchant ships that collided with McCain and USS Fitzgerald (DDG-62) could have been compromised via a cyber attack.

Guided-missile destroyer USS John S. McCain (DDG-56) at it steers towards Changi Naval Base, Republic of Singapore following a collision with the merchant vessel Alnic MC on Aug 21, 2017. US Navy Photo

In June, more than 20 merchant ships in the Black Sea reported their GPS had placed them more than 25 miles inland in what is widely believed to be a test of a Russian electronic warfare system that would make a commercial GPS signal unreliable. Additionally, both Iran and North Korea have had long histories of tampering with GPS signals.

Again, while possible, the chain of events of compromising a merchant ship’s navigation – either by hacking or spoofing its GPS auto-guidance system – locating a U.S. warship and then having the crew allow the ship to be hit would be difficult to accomplish, several naval analysts told USNI News.

Sam LaGrone

Sam LaGrone

Sam LaGrone is the editor of USNI News. He has covered legislation, acquisition and operations for the Sea Services since 2009 and spent time underway with the U.S. Navy, U.S. Marine Corps and the Canadian Navy.
Follow @samlagrone

Get USNI News updates delivered to your inbox