Hackers get to Patriot missiles?

The foreign media got information that unnamed hackers were able to carry out a successful attack and send commands to Patriot missiles manufactured in the USA and used by the German army. Missile launchers were located on the Turkish-Syrian border.

According to German magazine Behörden Spiegel , the NATO military noticed "inexplicable" orders that were remotely transmitted to missile systems consisting of six launchers and two radars.

Despite the fact that the German government denied the incident, calling it "extremely unlikely" and citing a lack of evidence, the press reports that the attack could be carried out in two ways.

The first of these involves the use of errors in the sensor for real-time information exchange between the launcher and the control system (Sensor-Shooter-Interoperability, SSI). Another attack vector could be a control chip that controls missile guidance. Ultimately, hackers could not only gain unauthorized access to data, but also control missiles.

Interviewed media experts said that such attacks are not something fantastic. At the same time, the risk of an unauthorized launch of missiles in this case is extremely low, said in an interview with RT English security consultant Jonathan Schifreen (Jonathan Schifreen):

Such systems are not connected to public networks, and to launch a rocket, special confirmation codes are needed, which only a few people have. To launch or other serious manipulations with a rocket launcher, confirmation from two to three people is needed. I don’t think that anything like this could happen; cracking such systems is extremely difficult. On the other hand, it is possible to obtain data on the location of the rocket launcher.

[...]

Without a doubt, foreign intelligence is trying to break into such systems, and it is likely that the software used there has more than one vulnerability.

Former MI5 English agent Annie Machon told reporters that Patriot rocket software in the U.S. could contain backdoors.

Even before the incident described by the press on the Syrian border, Germany announced plans to replace the Patriot missile systems with MEADS (Medium Extended Air Defense System) systems used in Italy and the United States.

Incidents that led to the compromise of military systems have occurred before - confirmation of this is contained in documents published by Edward Snowden. In particular, they reported that the Chinese intelligence services managed to steal data on the American F-35 attack fighter.

The topic of security of critical infrastructure, including in relation to military facilities, was raised at the PHDays V forum held in May. Participants from the Advantech company (we wrote about it on Habré ) should have taken control of the industrial control system associated with the rocket launcher model, and to shoot at the "secret object".