The computer network on the U.S. Navy’s Littoral Combat Ship is vulnerable to hacking, according to findings by Navy cybersecurity specialists.
A “red team” assigned to test weaknesses in computer systems found major deficiencies last year on Lockheed Martin Corp.’s USS Freedom, said a government official familiar with the findings who asked not to be identified because the Navy report hasn’t been made public. The Freedom, the first of the new ships to be deployed, sailed to Singapore last month for eight months of testing of its manning and logistics operations.
The concern about cybersecurity adds to previous questions about the $37 billion program to build ships intended to perform missions in littoral waters, those close to shore. The estimated price to build each vessel has doubled to $440 million, and its ability to survive to fight after an attack has been questioned.
Michael Gilmore, the Pentagon’s director of weapons testing “provided Navy leadership an assessment of information assurance vulnerabilities testing revealed in LCS” and “recommended those vulnerabilities be remediated without delay,” Defense Department spokeswoman Jennifer Elzea said in an e-mailed statement.
The Navy hasn’t yet responded to the testing office’s concerns, according to Elzea, who said Gilmore’s assessment was classified. She said he also will include his concerns in a classified LCS Early Fielding Report next month.
The Littoral Combat Ship depends for its combat capability on communicating with better-armed vessels through its “Total Ship Computing Environment,” a maritime battle network linked by computers and sensors. The Navy and the Pentagon’s weapons testing office declined to say whether the vulnerabilities would affect operations of the ship or coordination with other vessels.
The threat of cyberattacks has become an even greater concern than terrorism, James Clapper, the top U.S. intelligence official, told the House Intelligence Committee during an April 11 hearing. The Chinese army may be behind the hacking of at least 141 companies worldwide since 2006, according to a Feb. 19 report from Alexandria, Virginia-based Mandiant Corp. Chinese officials have rejected that finding.
Defense Security Chuck Hagel told a House panel last week that the potential for “silent and destructive” cyberattacks is “the greatest threat to our security.”
The Navy’s Littoral Combat Ship program office said in a statement that the vulnerability assessment of the Freedom has been reviewed with Bethesda, Maryland-based Lockheed Martin, the world’s largest defense contractor.
“The LCS program has worked with the Navy and industry subject-matter experts to implement mitigation plans,” the office said. “As information assurance threats continue to evolve, so too will the LCS’s ability to counter them.”
Asked why the Navy didn’t delay the Freedom’s Singapore deployment, the program office said it determined the vessel “was capable of fulfilling the assigned mission.”
“As with every other ship assessment, findings are provided to program management for awareness and action where required,”Lieutenant Rick Chernitzer, a spokesman for the Navy’s Pacific surface forces, said in a second e-mailed statement.
The Navy’s Operational Test and Evaluation Force conducted the vulnerability assessment, he said.
The Navy is requesting $1.9 billion to buy four additional Littoral Combat Ships for the fiscal year beginning Oct. 1, the same number purchased this year.
The program may face added scrutiny this year, starting tomorrow with a hearing on Navy ship programs convened by the House Armed Services Committee’s seapower panel. The U.S. Government Accountability Office also is working on a review that may be published in June.
The vessel “has lots of possibilities but also has a number of challenges,” Representative Randy Forbes, a Virginia Republican who heads the seapower panel, said in a phone interview today.
“I do think it is something we are going to continue to monitor, look at very carefully, but we are going to give the Navy a little bit of flexibility” to use the Singapore deployment to put the Freedom through its paces, he said.
“I would not put me down as a skeptic,” he said. “I’ve got a lot of questions.”
The LCS depends on mission modules that are supposed to be swapped out depending on the duty at hand. The GAO said last month that the Navy plans to purchase 30 of a planned 52 vessels by 2018, before the first fully combat-capable modules for surface warfare, counter-mine operations and anti-submarine patrols are ready.
The modules the Navy has accepted so far “do not yet meet requirements,” GAO said.
Two versions of the Littoral Combat Ship are being built simultaneously. A steel-hulled vessel is being made in Marinette, Wisconsin, by a team led by Lockheed, and an aluminum trimaran is being built in Mobile, Alabama, by a group led by Austal Ltd.
Four of the vessels have been built, and the Navy has agreed to buy 20 more through 2015.