Why cyberattacks on missile systems are such a dangerous game of cat and mouse

This article is part of the World Economic Forum's Geostrategy platform

After President Trump decided to halt a missile attack on Iran in response to the downing of a U.S. drone, it was revealed that the U.S. had conducted cyberattacks on Iranian weapons systems to prevent Iran launching missiles against U.S. assets in the region.

This ‘left-of-launch’ strategy – the pre-emptive action to prevent an adversary launching missiles – has been part of the U.S. missile defence strategy for some time now.

President George W Bush asked the U.S. military and intelligence community to infiltrate the supply chain of North Korean missiles. It was claimed that the US hacked the North Korean ballistic missile programme, causing a failed ballistic missile test, in 2012.

It was not clear then – or now – whether these ‘left-of-launch’ cyberattacks aimed at North Korea were successful as described or whether they were primarily a bluff. But that is somewhat irrelevant; the belief in the possibility and the understanding of the potential impact of such cyber capabilities undermines North Korean or Iranian confidence in their abilities to launch their missiles.

In other words, the adversary may be left with no option but to take the chance to use these missiles or to lose them in a conflict setting.

‘Left of launch’ is a dangerous game. If it is based on a bluff, it could be called upon and lead to deterrence failure. If it is based on real action, then it could create an asymmetrical power struggle. If the attacker establishes false confidence in the power of a cyber weapon, then it might lead to false signalling and messaging.

This is the new normal. The cat-and-mouse game has to be taken seriously, not least because missile systems are so vulnerable.

There are several ways an offensive cyber operation against missile systems might work. These include exploiting missile designs, altering software or hardware, or creating clandestine pathways to the missile command and control systems.

They can also be attacked in space, targeting space assets and their link to strategic systems.

Most missile systems rely, at least in part, on digital information that comes from or via space-based or space-dependent assets such as: communication satellites; satellites that provide position, navigation and timing (PNT) information (for example GPS or Galileo); weather satellites to help predict flight paths, accurate targeting and launch conditions; and remote imagery satellites to assist with information and intelligence for the planning and targeting.

Missile launches themselves depend on:

All these aspects rely on space technology.

In addition, the ground stations that transmit and receive data to and from satellites are also vulnerable to cyberattack – either through their known and unknown internet connectivity or through malicious use of flash drives that contain a deliberate cyber infection.

Non-space-based communications systems that use cable and ground-to-air-to-ground masts are likewise under threat from cyberattacks that find their way in via internet connectivity, proximity interference or memory sticks.

Human error in introducing connectivity via phones, laptops and external drives, and in clicking on malicious links in sophisticated phishing lures, is common in facilitating inadvertent connectivity and malware infection.

All of these can create a military capacity able to interfere with missile launches. Malware might have been sitting on the missile command and control system for months or even years, remaining inactivated until a chosen time or by a trigger that sets in motion a disruption either to the launch or to the flight path of the missile.

The country that launches the missile that either fails to launch or fails to reach the target may never know if this was the result of a design flaw, a common malfunction or a deliberate cyberattack.

States with these capabilities must exercise caution: cyber offence manoeuvre may prevent the launch of missile attacks against U.S. assets in the Middle East or in the Pacific regions, but they may also interfere with U.S. missile launches in the future.

Even, as has recently been revealed, U.S. cyber weapons targeting an adversary may blow back and inadvertently infect U.S. systems.

Nobody is invulnerable.

The Destabilizing Danger of Cyberattacks on Missile Systems, Patricia Lewis, Beyza Unal, Chatham House