Friday, January 19, 2018

Are Hawaii and Japan's Missile Warnings Cyber Attacks?

Hawaii seems to be off the hook; they seem to have isolated it to one state employee doing something stupid, in a system that's very stupidly designed.  I mean if I accidentally hit delete on a file, Windows or iOS are setup to make sure you really meant to delete it.  If you go to wipe your iPhone, you have to go through that several times - someone's way of saying, "are you paying attention here, Skippy?"  In a way, though, hackers are less upsetting than incompetence.  To quote Jim Geraghty from National Review:
“This guy feels bad, right. He’s not doing this on purpose. It was a mistake on his part and he feels terrible about it,” explained Hawaii EMA administrator Vern Miyagi, a former Army major general. But Miyagi declined to say that the staffer would face any disciplinary actions. Richard Rapoza, the official spokesman for EMA, declined to identify the errant employee and added, “At this point, our major concern is to make sure we do what we need to do to reassure the public. This is not a time for pointing fingers.”

Actually, it is. In the Air Force my father served in for some 20 years, anyone who committed such a blunder would have been demoted or cashiered — along with any superior officer, such as Miyagi, who had failed to put in place redundancies to prevent such a fiasco. That kind of accountability strikes me as a pretty good way to start to “reassure the public.” It’s not as if EMA didn’t have any clues something was potentially wrong. The Honolulu Star-Advertiser reported that while 93 percent of test alerts issued last month had worked, some could hardly be heard and a dozen mistakenly played an ambulance siren.
Isn't it better to think some advanced, hacker with l33t skillz carefully broke down firewall after firewall until he could scare the bejeezus out of everyone in the state than it is to realize the truth of what happened?  A common story after the incident was that a portion of the population ignored the warning because they know the state is so incompetent they couldn't have gotten it right. 

Japan, though, is a bit more unsettling.  There have been no equivalent stories from the Japanese government that I can find.  Was Japan's alert a cyber attack?

Cold War 2.0 seems to be a three way frenemy game between us the Chinese, the Norks and the Russians.  Of the three, the Norks are just a minor player that serves the aims of both the Russians and the Chinese.  The big two seem to be battling each other, but anything that keeps us distracted is good for them. So the Chinese will do something to sanction or pinch L'il Kim and the Russians will go around them. And vice versa.

At least from what I hear.

So I'd assume the Russians and the Chinese might have an interest in setting the west on edge and sowing chaos.  Anything that gets us "off our game" is something China is good with.  Putin is longing for the glory days of the old Soviet Union - he wants to Make Russia Great Again.  Of the three of them, he's the most transparent of them all.  Putin wants - ruthlessly demands - raw power.  Anything that diminishes any other power in the world is good from his perspective.  The Norks are just about as transparent.  I think the best insights you'll get on North Korea are coming from LL at Virtual Mirage.  Kim Jong Un thinks he's going to reunite the Korean peninsula and be master of them all.  In Kim's mind he sees a confrontation with us as "you have 4000 nuclear warheads and I have two, so we're tied". 
So from an overview, I think any of the three of them could have done it.  But the incompetence is still more frightening than the hackers


  1. Thank you for the plug. I guess that I have to get cracking with more analysis of Nork warnings and intentions.

    In the inbred world of retarded stepchildren getting government jobs in Hawaii (the state that brought you Barack), the system will self perpetuate no matter how many software protections that you build in. The passwords will be post-it note stuck to the monitors and it will be like Homer Simpson wolfing down doughnuts in the control room at the nuclear power plant pushing buttons. Most of those jobs are show-up jobs but there are also a lot of no-show jobs. All you need do is buy somebody who is dialed into Hawaii politics a few Mai Tai's and they'll spill their guts. It's nepotism gone rampant.

    If they can't have the password on a post-it, they will just sit around eating and will ignore the computer...if they make it to work at all. That is the reality.

    Hawaii is a third world country with a big brother that pumps military money in. Aircraft land all day bringing in belching tourists with their wallets stuffed with cash. That's the only way that they can survive. Hawaii reminds me a lot of Mexico -- only the politics is dirtier in Hawaii.

  2. Which is more worrisome, evil or stupid? Stupid. "There are only so many black-hatted villains in the world and they only get up to mischief now and then. Stupid is there every day all day long." (Not sure I remember that quote just right.)

  3. There is something wrong with the entire scenario. An incoming ICBM would be picked up by NORAD. They would identify the ICBMs with 18-25 minutes until they would hit their targets. NORAD would first inform their commanders and then the president. These leaders would immediately demand reliable proof of an attack while simultaneously setting DEFCON to 1 and getting the president to a shelter. NORAD would be busting their butt to prove the attack is real and this could take 30-90 minutes. See the problem yet? Before any civilian (state or local) governments are notified NORAD must prove there is an actual attack and before this can be physically accomplished the missiles will have hit their target. In other words there will be no civil defense alert. Therefore there would not be a message ready for transmission of a missile attack. For a tsunami for sure. For a tornado or hurricane for sure. For flooding or active shooter for sure. But for an incoming missile... no way. Someone had to type that message in at the time it was released OR someone stupidly and without authorization placed the message into the queue when the system was created even though it could never be triggered.

    1. This comment has been removed by the author.

    2. You are WAY off base here. This is how it goes:
      A DSP satellite (part of the Space Based Infrared System- SBIRS) detects the launch from its infrared signature. As soon as that happens, a series of events are triggered.
      1 A flash notice is sent to NORAD, the White House situation room, The duty officer in the Pentagon, and the duty officers of each major command.
      2 Listening posts run by the NSA look for telemetry signals from the launched missile(s). If those are detected, the launch detection (not the attack) is considered "verified" and the US goes to DEFCON one or two. DEFCON 2 or higher triggers the activation of JEEP (Joint Emergency Evacuation Plan).
      3 To verify that the attack is inbound to the US, a second confirmed report is required. This would likely come from a radar system. In the case of North Korea, there are a number of radars in place that would do that job. There is a THAAD battery, a Patriot battery, and several AEGIS equipped ships in the area that would easily do that job. A ballistic missile that has been spotted would have its trajectory calculated within just a few minutes, certainly less than 30-90 minutes. The physics here are straightforward. Whether or not the powers that be decide to warn the public, NORAD knows the target within 10 minutes of launch.

      The problem here is the system design. The powers that be have designed a system where the operator can send the message within seconds, because they are laboring under the belief that saving seconds in sending a warning is more important than insuring no false alarms are sent. Any engineer will tell you that a "fail deadly" system is inherently unstable, and such a system's chances of triggering an event approach one the longer the system is in place.

      It is obvious to me that a politician, rather than a systems engineer, is the person who designed this system.

  4. False dichotomy: it's all incompetence, as hackers just highlight incompetence at a much higher level.

    The lack of fail-safe redundancies before issuing the alert point to basic institutional and bureaucratic incompetence, and hacking shows they lack any technical competence either.

    Hawaii: We're even screw-ups at screwing up.

    Sleep tight, bruddahs.

  5. Much of what you said is accurate but it all begs the question; will there be a civilian warning? There will not be a civilian warning. There is no reason for Hawaii to have that message on their system because they would not get verification of such an attack before the bright flash in the sky.

    What you got wrong is the assumption that an ICBM attack is verifiable prior to it's mission success. The various operators will believe it is true. Certain events will be triggered assuming that it is true. But it will be impossible for the president to be told that 100% it is a nuclear ICBM attack. In fact when the first nuclear device goes off the presidents advisors will still be arguing if it is an actual attack or a system failure. For better or worse the U.S. has decided to absorb the initial attack before responding because of the problem of verifying an attack in time to respond to it.

    Also with a single warhead we would know the target within ten minutes or so but with a MIRV we would not.

    1. Assuming you are the same anonymous poster I addressed earlier: It is obvious that you do not know anything about physics. Also, no one can know whether or not ANY incoming warhead is nuclear or not. What you can do is track the missile, and you would know the target area with a high degree of certainty. Even with MIRV warheads.The laws of physics: no one is immune to them.

  6. Obviously you are upset that someone has an opinion that disagrees with yours and feel the need to insult. So be it.

    Indeed! You cannot tell if a ICBM is a nuke (little sense in it not being a nuke but...) That is exactly the point I made! We see what we see and we draw conclusions but nothing is certain. And THAT is why our policy is to not respond to a massive ICBM attack. Is it the smartest or correct thing to do? Maybe, who knows, the problems is there is too great a chance that an apparent attack is a system failure or something else we are misinterpreting so we have decided for better or worse to not launch until after the ICBMs hit.

    A MIRV can "kinda" be tracked. It could hit 7 West coast cities or 3 West coast cites and 4 further east cities or it could hit one city in 7 locations or it could hit two cites 3 in one and 4 in the other... So you don't really know the target with a MIRV. You can make some educated guesses and maybe/probably be right or you could be dead wrong. Such is a MIRV; a real problem for our defenses.

    Interesting true story; my physics professor was German and got his Doctorate in Physics in 1939. Hitler forced him to be a science officer in the military and he was in the invasion into Poland. Later he was Rommel's advisor in North Africa where he was captured and spent the rest of the war as a prisoner. I took his classes in Germany in the 60's. He was a good man who was never able to get over his guilt for being involved in the war even though he never used or had a gun.