Date: April 21, 2019: Recently, a complain received at a US base where an Airforce staffer detected malware on the memory load verifier on an F-16, giving an immense shock to the officials. The end users, like Pakistan, whose aerial might depends heavily on the jet, must put in efforts to ensure the safety of their fleet.
As reported by Fifth Domain, the incident sparked debate and furious discussion over the loopholes in the cybersecurity of US Airforce which might have resulted in the breach and penetration through the protective walls.
War these days has adapted cyber track in parallel to the battlefield. Failure to combat this portion may bring you a complete disaster.
New cyber teams to be formed
The incident elucidates the need for a cadre of a specialized defensive cyber team that will protect critical Airforce missions and installations. An event was arranged in this regards at Langley Airforce base, dated April 11, which announced the formation of new cyber teams, known as ‘mission defensive teams’.
“The teams will be no different than the weapon troop or avionics or crew chief.” , mentions Ted Uchida, Deputy Director of Operations at Air Combat Command at the mentioned event.
Defining the availability of the teams, Uchida states that “they have to be there on the flight team to support mission generation”.
It was of primary concern for the Airforce to investigate whether the malware has penetrated the aircraft’s primary system or not.
Therefore, the primary objective for the MDTs is set to protect the weapon systems, and, to ensure secured cyberspace for conventional Airforce missions.
Pakistan has to be proactive!
Arguably, F-16 ‘Fighting Falcon’ still serves as a flag carrier in Pakistan Airforce’s fleet. With so many JF-17s on their part, F-16’s pros dominate in many features and thus can’t be ignored in the war times.
Malware penetration, or a similar cyber peril, can’t be taken forsaken in Pakistan when the manufacturer’s country with substantially high cyber expertise has suffered the same.
Pakistan, already being devoid of the new addition of F-16 in their fleet, can’t afford such mishaps. Easily the loss can be calculated if such a threat occurs and the details of the weaponry system, for instance, is stolen up by the malware.
Jets these days fly with highly sophisticated features, and with the advent of BVR (Beyond Visual Range) missiles, the once nose to nose aerial dog fights have been revolutionized into a far distant missile shooting contest, having their targets locked at a distance of some 50 to 70 km, enabling the pilot to hit the enemy far beyond their eyesight.
All is now the quest of advanced weaponry system, high tech visibility, supersonic pace, high maneuverability and wider ranged radar system. With this hypersensitivity, if the data related to any of such technical specification fells prey to malware, you can consider your entire tactic to be exposed, which will favor your enemy to strike accordingly, and your jet fighter may end up a flying coffin.
F-16 ‘Fighting Falcon’ still rules!
Across the globe in fact, not only in Pakistan, the 45 years old jet fighter plane with its numerous variants bears unusual superiorities, and is still in service with 26 countries, including the USA.
Though with the advent of stealth technology, the first choice for 1st world countries got shifted to modern fighter jets, notably F-35 and F-22; F-16 being half in cost (27 million USD in 2017) and extremely agile still carries a favorable slot.
F-16 has its common name as ‘Fighting Falcon’, but the pilots used to call it ‘the viper’. Being light in weight and offering substantially fast speed at high altitudes (almost twice the speed of sound), the ‘Falcon’ is capable of firing a huge variety of missiles in all the 3 categories: air to air, air to surface and anti-ship missiles.
Along with various convincing merits, the jet fighter does hold some shortcomings, most notable among them is its limited combat radius of 340 miles on internal stores.
The threat and the preventive measures
As described by a technical expert, the above kind of malware attack may not access the weaponry of the aircraft, but, can thrush the software, and the threat intensifies to maximum if software crashes during the flight. This will be perilous for any type of aircraft, and the aircraft can possibly meet the worst end.
Sharing below few recommendations prescribed by the same expert to counter the possible threat:
> Keep the aircraft and its associated accessories isolated from the internet to impede any possible attempt.
> Update the software only if deemed mandatory. Avoid unnecessary updates. This will limit the interaction of the aircraft’s software with an external resource, and thus the chances of possible malware are contained.
> Software updates shall be followed by a detailed verification/ tests and shall initially be done on a single aircraft before the serial upgrade is approached. This will let you observe any possible hostility in that particular unit, while the rest of the fleet remains unharmed.
> The updated aircraft to be kept under intense observation for any unusual occurrence.
Protecting/maintaining the existing F-16 lot shall be the utmost preference of Pakistan. This shall involve the whole spectrum, including cyber and avionics to counter the fifth domain warfare.
Existing skill set needs to be evaluated per the latest challenges, and if needed, an overhaul shall be done to counter the modern threats.
Written by Engr. Muhammad Masood Riaz