Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!apple!julius.cs.uiuc.edu!zaphod.mps.ohio-state.edu!ub!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: ROsman%ASS%SwRI05@D15VS178A.SPACE.SwRI.EDU Newsgroups: comp.virus Subject: Re: (No) Viruses in Irak's EXOCET? Message-ID: <0007.9101161910.AA06668@ubu.cert.sei.cmu.edu> Date: 15 Jan 91 15:06:43 GMT Sender: Virus Discussion List Lines: 133 Approved: krvw@sei.cmu.edu Klaus Brunnstein writes: > French press (La Liberation) and media reported (Jan.10) in some (stuff deleted) > reports about "viruses in Hussein's rockets". According to dpa, > (unnamed) French computer scientists said: > > - manufacturers of war material usually implant, "for mere > commercial reasons", viruses in exported war electronics to > provoke, after some time, faults and "profitable repair > work"; This is not very likely. Most modern defen(s|c)e contracts provide reliability targets which the contractor must warrant, or include maintenance to meet the goals. > - though Irakian weapon computers are "hermetically cut-off > from the outside world", computer viruses could be implanted > e.g. via "weather data"; This is entirely concievable, but fairly unlikely. The coordination required to pull this off would be immense. The more people that handle a secret, the less likely it is to remain one... > - moreover, the built-in computers contain programs which may > be triggered remotely; the control system of (French-built) > EXOCET rockets could be switched-off from French ships; the > only problem would be the mass of weapon computers to be > switched-off simultaneously. Same comment as previous paragraph. > As usual in events related to malicious code, truth is mixed up > with misunderstandings, errors and impossibilities: > > - the implementation of weapon software makes self-reproducing > programs (=viruses) impossible; moreover, it is very im- > probable, that such systems may be (re-)programmed remotely; > French "experts" with such arguments are non-trustable; Not entirely correct. Weapons software is often incredibly complex. It also often loadable. I assume that you are assuming that it is ROM'd which is not neccessarily correct in newer, more complex sys- tems. The code is usually handled by fairly physically secure means, but anything is possible. NEVER say never.... > > - on the other hand, other aspects of "malicious code" may > well be present in weapon computers; at least in the test > phase, rockets can be destroyed by triggering a self- > destruction system remotely; following the well-established > principle "never change a running program", such "backdoors" > (the proper name for this type of malicious code) could > survive the test version; The self-destruct systems are usually seperate, independent systems, developed to be reliable, and, hence, simple. They are not present in production weapons. Maintenance modes/codes might fall into this category, but almost always require a hardware action to enable them (switch closure, special connector, etc.) for this very reason. > - moreover, French system analysis might well have foreseen > scenarios in which to defend against French-made rockets > (e.g. EXOCETS); French warships might remotely influence the > EXOCET control systems if this remains unchanged by the > (Irakian) users of such technology; with equivalent probab- > ility, other Western weapon control systems could contain > similar self-protection mechanisms (e.g. US' Hawk missiles > having been captured in Kuweit) ; All within the realm of possibility, but logistically unlikely. More likely is that the French know well the weaknesses of the sensor sys- tems on their weapons, and can effectively exploit them. Ditto the British, US, and others. > - finally, it is well-published (even in non-military period- > icals) that and how electronic countermeasures (ECM) may > mislead weapon electronics. See comments from previous paragraph > Some interesting questions following from such "possibilities": > > - May Irak detect, influence or adapt such weapon software? As > software technology is not well-enough developed in Irak > (and most part of the Arab world), they probably must rely > on foreign experts (as they evidently do in other Hi-Tech > areas). Generally true, but the Ira(q|k)is are not fools. While their overall technological base is not great, they do have some extremely competent people. Given the potential for treachery of this sort, I would ex- pect that they would have considered the possibility and taken the steps that their resources and needs would support. > - If French EXOCET rockets are remotely controllable: why did > the French not warn their "friends" who suffered severe > losses through their weaponry (e.g. UK in Falkland crisis, > or US in the Iran crisis, see accident of USS STARK)? Did > they at least now warn and properly equip their allies in > the Arabian desert? I we assume (dangerous) that the premise is correct, the French could not predict the USS Stark incident (which incidentally was fired byIra(q|k) NOT Iran, but did happen during the war period, and whose ac- cident status is questioned almost as often as the USS America inci- dent is). Further there is a risk/return issue. To save British ships, the (postulated) secret would have have to spread further, AND would eliminate the weapon as an option should Britain and France go head to head. While this is unlikely, anything is possible. Conser- vative military thinkers always strive to preserve options. Paraphras- ing Sir Winston Churchill, countries have interests, not friends. > For "RISK experienced" experts, it is not surprising that Some good stuff deleted, see the original message if you haven't al- ready... > Postscriptum: computer "viruses" may nevertheless play a role in > "Operation Desert Shield". There are (yet unconfirmed) news that > several thousands PCs (5000?) have been infected by ordinary > "computer viruses". This would not be a surprising experience as > the soldiers had to "vaste" ample waiting for Jan.15; in the > absence of other possibilities for spending free time, computer > games (usually a source of "virus" infections) may have played a > major psychological role, maybe with some impact on their > "ordinary functional behaviour". Hadn't heard about this one, where did you? Oz (Rich Osman, WB0HUQ) INTERNET: Oz@SwRI.edu (512) 522-5050 (w); (512) 699-1302 (h, merciless machine) (512) 522-2572 (just the fax)