On March 6, 2017, the New York Times published an article arguing that the United States had deployed cyber attacks against North Korea’s missile tests. The article implied that these attacks might have succeeded in causing the failure of several North Korean missile tests, stating:

“The North’s missiles soon began to fail at a remarkable pace. Some were destroyed, no doubt, by accident as well as by design. The technology the North was pursuing, using new designs and new engines, involved multistage rockets, introducing all kinds of possibilities for catastrophic mistakes. But by most accounts, the United States program accentuated the failures.

The evidence was in the numbers. Most flight tests of an intermediate-range missile called the Musudan, the weapon that the North Koreans showed off in public just after Mrs. Clinton’s warning, ended in flames: Its overall failure rate is 88 percent.”

This article set off a buzz of commentary about the wisdom of such attacks against a nuclear-armed state.

But the assertion that cyber attacks could cause a higher rate of failure than would otherwise have occurred is, to put it mildly, a stretch, given the intervening variables and other factors that are well known to cause high failure rates early in missile testing programs. It is useful, therefore, to examine the fundamentals of how a missile could be caused to fail by a cyber-attack.

Fundamentals of Missile Guidance

In principle, interference with a missile’s guidance system may cause it to veer it off course, or even destroy it in flight. What happens when a missile continuously steers into the same direction can be seen here:

But this is not as easily done as people would imagine, or as is suggested in the New York Times article.

To mess with a guidance system by hacking into it, it has to contain a computer system that uses software. This sounds very obvious, but it is very important to be reminded of this because different rockets use very different guidance systems.

The assertion that cyber attacks could cause a higher rate of failure than would otherwise have occurred is, to put it mildly, a stretch

The Falcon 9 space launcher from SpaceX, for example, uses a guidance system with a software that is based on Linux. It should be possible to hack this software, or plant some virus in it that causes something weird to happen during launch.

To do this, the attacker must be able to meet two conditions: first, the attacker must know which software is being used, and understand how the software is working to create lines of code that actually do what you want them to do, and to plant this code into the existing software.

Second, the attacker must have access to the software, either by direct access to the guidance system you want to sabotage or by infecting the software before it is transferred into the missile’s computers. The malware should not be detected once it is planted.

Certainly, the DPRK would have established a guidance laboratory early in its missile program to develop accelerometers, gyroscopes, computers, and inertial platforms in the quest for an indigenous inertial guidance system, and developed the transformation techniques needed to convert inertial measurements into targeting information.

However, the DPRK is not yet capable of developing and producing the required sensors and computers and has had to buy many of these parts from the world market. The chances that the United States could identify and implant malware in such black market imports are low.

Moreover, it is not likely that that the DPRK would have failed to take cyber warfare defensive counter-measures to protect its guidance research and development program. Of course, all bureaucracies make mistakes, especially when operating in compartmentalized, vertical silos like those in North Korea. But it is unlikely that the DPRK military did not mount cyber defenses, given that it was forewarned by media reports in 2011 of the Stuxnet attack on Iran’s centrifuge program.

It may also have been aware of the U.S. National Security Agency’s attempts, starting in 2010, to penetrate North Korea’s cyber systems. It certainly has highly capable and world class cyber warriors to lend a hand.

Even if the DPRK missile guidance system community let down its guard, U.S. knowledge of North Korea’s missile program is limited. It is doubtful that the United States has sufficient knowledge of the DPRK’s missile guidance software code, or even which software is used. It is also highly improbable that the DPRK’s missiles have a WiFi link, or Internet access, which could be used to infect the guidance software.

Monday’s Scud-ER missile test

But even more basic is this point: some missile guidance systems cannot be hacked because they are not software-based.

The Scud B guidance system, for example, is quite close to the guidance system that the German A4/V2 used during World War 2. This system is based on mechanical inputs. You cannot hack it, just as you cannot hack old Wurlitzer jukeboxes or mechanical computers. There is no software, no line of code that can be modified.

Scuds, of course, use a Scud-type guidance system, as does the Rodong. And judging by the technology that was found inside the Unha first stage, the Unha satellite launcher also uses some kind of this guidance type, perhaps just a modified Scud guidance system. There is simply no way to infect these systems with malware.

It is not likely that that the DPRK would have failed to take cyber warfare defensive counter-measures to protect its guidance research and development program

Musudan and KN-11 Guidance Systems

The question today is whether the DPRK’s Musudan and KN-11 missiles use a similar non-cyber guidance system, or if they use some type of modern strap-down guidance system that is based on sensors and a computer and is running some software.

This question leads us straight to the old question of where these missiles come from, what technology they are based on, and at what time they were actually developed.

If the Musudan is indeed based on the R-27/SS-N-6, chances are high that the original guidance system of this missile was also used for the Musudan, which means Soviet technology from the 1960s, which would have been mechanical and therefore “hack-proof.”

Even if the DPRK uses a modern guidance system on the Musudan, it is doubtful that the United States would have had access to the guidance software and be able to plant a code in there.

Missiles do not have an USB port that you can use to infect their computer via USB stick, or just connect from a distance via Bluetooth. Such an insertion would have to be highly targeted, specific to the design and software used in the DPRK’s laboratory, and able to circumvent all the obvious countermeasures and barriers that would stand in the way of such an effort in the first place.

Such a combination strains credulity.

Conclusion

The New York Times article hearkens back to the movie “Independence Day”, where the world is saved from the Alien invasion by simply planting a computer virus into the mothership’s main computer by somehow just sending it over with a standard laptop. This might work in movies, but not in reality.

Perhaps the more interesting story is who leaked to the New York Times the claims of the efficacy of cyber attacks on North Korea’s missiles and why now? Perhaps it is part of a policy battle in the course of the Trump Administration’s North Korea policy review, possibly designed to get President Trump’s attention.

It might also be an intentional effort to conduct psychological warfare against the DPRK by creating paranoia and purges within the DPRK missile program. It might also be a way to impress on allies and third parties that the United States has been doing more behind the scenes than patiently waiting for the DPRK threat to resolve itself and imposing ineffectual sanctions. We don’t know.

This article originally appeared on the website of the Nautilus Institute. It has been republished with permission from the authors. 

Featured image: Rodong Sinmun