THE PENTAGON – A Navy investigation has turned up little evidence supporting the idea that USS John S. McCain (DDG-56) was a victim of a cyber attack, making it more likely that mechanical failure or crew error is to blame for the Aug. 21 collision between the destroyer and a chemical tanker.
Operation Orion Hammer, the Navy tasking to investigate potential cyber interference in the operation of the guided-missile destroyer, has not uncovered any indications that a cyber attack affected the ship’s control systems just prior to the crash, three Navy officials confirmed to USNI News on Thursday. McCain reportedly lost control of its steering just moments before the collision with tanker Alnic MC in a busy shipping channel.
While the possibility of a cyber attack was considered unlikely in the case of McCain, the Navy set out to investigate the possibility of an attack to rule it out as part of the investigation.
On Monday, Chief of Naval Operations Adm. John Richardson told reporters a cyber attack is “certainly something we are giving full consideration to, but we have no indication that that’s the case yet. But we’re — we’re looking at every possibility, so we’re not leaving anything to chance there.”
On Tuesday, U.S. Pacific Fleet commander Adm. Scott Swift told reporters in Singapore, “we are not taking any consideration off the table and every scenario will be reviewed and investigated in detail.”
The service would not elaborate on the cyber investigation beyond the comments from Swift and Richardson when asked by USNI News.
The aft steering mechanism of an Arleigh Burke-class guided-missile destroyer is built around a pair of motors that each can control the ship’s rudders, in case one motor goes down. The decades-old design of the motors’ controls are largely analog, with redundant electrical systems that would be practically impossible to disable by cyber means, several former sailors told USNI News.
Other ship’s systems have been hardened to prevent cyber intrusion, and if even one particular system was compromised there would be several other backups.
For years, Naval Sea Systems Command has stressed so-called cyber hygiene in its control systems and has been meticulous in rooting out ways mechanical control systems could be compromised by malicious software. In 2014 Naval Sea Systems Command released a set of standards that would make it harder to compromise a ship’s systems through cyber intrusion.
What might be the most tantalizing point behind the cyber attack theory is that it’s technically possible, Bryan Clark, a naval analyst at the Center for Strategic and Budgetary Assessments and former aide to former Chief of Naval Operations Adm. Jonathan Greenert, told USNI News on Thursday.
“There could have been some sort of cyber disruption, but it seems unlikely that a single cyber event could have caused the accident, given the multiple sensors and combat systems available to the crew,” Clark said.
“Also, the accident occurred near dawn, so the crew could have visually tracked the surrounding ships and their movements even if a cyber attack was underway.”
There have also been theories the merchant ships that collided with McCain and USS Fitzgerald (DDG-62) could have been compromised via a cyber attack.
In June, more than 20 merchant ships in the Black Sea reported their GPS had placed them more than 25 miles inland in what is widely believed to be a test of a Russian electronic warfare system that would make a commercial GPS signal unreliable. Additionally, both Iran and North Korea have had long histories of tampering with GPS signals.
Again, while possible, the chain of events of compromising a merchant ship’s navigation – either by hacking or spoofing its GPS auto-guidance system – locating a U.S. warship and then having the crew allow the ship to be hit would be difficult to accomplish, several naval analysts told USNI News.
