The Virginia-class attack submarine USS North Dakota.

The Virginia-class attack submarine USS North Dakota.

FALLS CHURCH, VA: Sure, everyone’s sick of the word “cybersecurity” and endless discussion of “attacks,” Vice Adm. William Hilarides said today, making prominent air quotes with his fingers. Navy submariners in particular, safe beneath the waves, tend to think of cyber as someone else’s problem — but “not so fast,” he told the annual Naval Submarine League conference here today.

Hackers can remotely hit the brakes on a late-model, highly computerized automobile, Hilarides said: “We’re just like that car.”

As head of Naval Sea Systems Command (NAVSEA), Hilarides has come to the unpleasant realization that seemingly mundane data-collection for maintenance purposes has created vulnerabilities that could, in theory, be used to shut down key components on a sub.

Vice Adm. William Hilarides

Vice Adm. William Hilarides

“The very nice caterpillar diesel [generator] on the Virginia class” — America’s most advanced nuclear submarine — “has a chip on it,” Hilarides said by way of example. “That chip runs Windows XP.” Because the chip records all sorts of performance measurements, he said, it’s plugged into the machinery control system that lets sailors monitor — and control — components all over the sub.

Wait, it gets worse. “We really like to have that data…so somebody off the ship can do the trend analysis, can tell you when the bearings are going bad and it needs a change of oil,” Hilarides said. “So it’s on an unclassified network at one of my warfare centers.”

That means a virus that gets onto the unclassified network could work its way into crucial systems on a submarine.

“There’re some really simple things” the Navy can do to fix some vulnerabilities in the near term, Hilarides said. One is “cyber hygiene,” he said. “If you have a USB port on your computer that’s not disabled, you can take any device” and upload malware, intentionally or otherwise: “A sailor looking for a place to plug his cellphone in and get a text from his wife is the biggest insider threat,” the admiral said.

In the longer term, “our control systems need to be built to be secure in this environment — which is the way it’s going to be for the rest of time: We’ve opened a new era of warfare and it ain’t going back in the tube,” Hilarides said. “This is going to be something that touches pretty much everybody,” he told the room full of contractors. Specifications and standards for every kind of equipment need to close potential weak points, he said, and “somebody’s got to write those specs and standards so I can give them to the vendors [and say], ‘put this in those systems right from the beginning.'”

With cybersecurity, Hilarides told me after his public remarks, “What we done in the past is bolt it on afterwards. We’ve got to build it in.”

Command & control center on a Virginia-class submarine (Navy artist's rendering).

Command & control center on a Virginia-class submarine (Navy artist’s rendering).

But you can’t make every system maximum security all the time: You need to be able to choose when it’s worth the risk of connecting and when to lock down. So, Hilarides said, sailors need to start applying the same kind of precautions — and damage control — to cybersecurity that they’ve long used to combat flooding.

“When you think you’re going to have flooding on your ship, you set [Condition] Zebra, and you shut every hatch, every bulkhead,” Hilarides said. Now we need to formulate a way, when necessary, to “set Cyber Zebra: pull the plug, disconnect yourself from everything but the ship.”