Over the last week, two perennial stories have again dominated the news. China continues to be able to hack us — including top DC power players — at will. And the F-35 has suffered another setback, this time a crack in an engine turbine blade (something which reportedly happened once before, in 2007).
The coincidence of these two events has got me thinking (and mind you, I’m just wondering out loud here): what if China did more than just steal data on the F-35 when it hacked various contractors, and instead sabotaged the program, inserting engineering flaws into the plane in the same way we inserted flaws in Iran’s centrifuge development via StuxNet?
We know China has hacked the F-35 program persistently. In 2008, an IG report revealed that BAE and some of the other then 1,200 (now 1,300) contractors involved weren’t meeting security requirements; last year an anonymous BAE guy admitted that the Chinese had been camped on their networks stealing data for 18 months. In April 2009, WSJ provided a more detailed report on breaches going back to 2007.
The Joint Strike Fighter, also known as the F-35 Lightning II, is the costliest and most technically challenging weapons program the Pentagon has ever attempted. The plane, led by Lockheed Martin Corp., relies on 7.5 million lines of computer code, which the Government Accountability Office said is more than triple the amount used in the current top Air Force fighter.
Six current and former officials familiar with the matter confirmed that the fighter program had been repeatedly broken into.
[snip]
Foreign allies are helping develop the aircraft, which opens up other avenues of attack for spies online. At least one breach appears to have occurred in Turkey and another country that is a U.S. ally, according to people familiar with the matter.
[snip]
Computer systems involved with the program appear to have been infiltrated at least as far back as 2007, according to people familiar with the matter. Evidence of penetrations continued to be discovered at least into 2008. The intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems, former officials said.
The intruders compromised the system responsible for diagnosing a plane’s maintenance problems during flight, according to officials familiar with the matter.
[snip]
The spies inserted technology that encrypts the data as it’s being stolen; as a result, investigators can’t tell exactly what data has been taken.
And we know the data theft has been ongoing. The RSA secure ID hack two years ago, for example, was used to access Lockheed’s computers (though at least in that case Lockheed discovered the breach within two weeks).
Incidentally, Pratt & Whitney — which makes the engines that are experiencing this latest problem — got a $75 million wrist slap last year for violating export controls and dealing engine control module software to China that it then used to build a military attack helicopter, though that conduct dates back to the 2002 to 2006 period.
In any case, we know the Chinese have had a great deal of access to networks involved in the development of the program. The assumption has always been — publicly at least — that China was just stealing data, both to understand how to counter the plane’s defenses but also to reverse engineer its own planes.
Yet we also know that China has dealt us hardware — “counterfeit” chips and the like — with backdoors to allow it access. That is, we know China has engaged in sabotage at a more granular level.
So why wouldn’t China try to sabotage the F-35 more systematically, especially as the example of StuxNet unfolded?
Admittedly, it may be foolish to attribute to Chinese guile what can easily be explained by American incompetence. Indeed, it’s clear mismanagement deserves a great deal of the blame for the plane’s budgetary and performance woes.
But this Bloomberg article describes part of the reason why the F-35 would make such a juicy target for China. First, the F-35 is a central part of our industrial policy, providing jobs here and (if it ever gets off the ground) exports overseas.
It counts 1,300 suppliers in 45 states supporting 133,000 jobs — and more in nine other countries, according to Lockheed.
[snip]
The F-35 will probably become the dominant export fighter for the U.S. aerospace industry, Gordon Adams, who served as the senior White House official for national security and foreign policy budgets under President Bill Clinton, said in a phone interview.
“This is the last U.S. export fighter standing, and that has saved this program,” said Adams, now a foreign-policy professor at American University in Washington. “There is a huge economic element to the F-35.”
Members of Congress are hesitant to make deep cuts to the project in part because it generates work in their states, Wheeler said. The F-35 supports 41,000 jobs in Texas alone, the most of any state, according to Lockheed’s website. The company assembles the fighter in Fort Worth.
And the multinational development of the plane was supposed to cement a new kind of alliance. As members of that partnership begin to get cold feet, it may affect our larger relationship with those countries.
Overseas, the Pentagon’s partners are balancing concerns about the F-35’s cost with the amount of work sent to their companies.
Allies have agreed to purchase 721 fighters, yet the soaring price is painful for nations with shrinking defense budgets. The estimated cost of each plane has about doubled to $137 million since 2001, according to a GAO report last year.
[snip]
Canada had dropped to 65 planes from 80. In December, it said it was reconsidering its commitment to purchase any of the jets after a consultant said the price to buy and maintain them might reach about $45 billion.
The F-35 program isn’t so easy to exit, though. A Lockheed spokesman raised the possibility that Canada would lose its F-35-related business — and jobs — if it didn’t buy planes.
[snip]
The partners’ commitments should make the U.S. wary of making deep cuts to the F-35 program, said Dov Zakheim, a former defense comptroller who served under President George W. Bush.
“This program was advertised as a major collaborative program with a lot of allies,” Zakheim said in a phone interview. “It was sold to our allies as such. What do we do now — pull the rug out from under them at the same time we’re complaining they aren’t spending enough on defense?”
This latest problem comes just as the those managing the F-35 program prepare to go to Australia to try to convince them to buy these planes rather than more existing Boeings.
Then there’s just the sheer magnitude of this program. The program is expected to account for 38% of the Pentagon’s procurement needs for 2011 programs. Its cost — $395.7 billion — already rivals a significant war, and actually running the program may cost a trillion and a half. This is where an unbelievable amount of our time and financial resources are being directed, and anything China could do to raise those costs, or perhaps even convince us to give up on the sunk costs, I’m sure, would bring it huge strategic benefits. It’s like half an Iraq War without the potentially dangerous disruptions in the Middle East, all wrapped up in a bow.
At this point, it’s not clear that the plane itself will ever represent a critical threat to China (though Japan has been one of the partners that has sustained its enthusiasm for the plane). The program is more interesting at this point for the way it causes us to blindly continue to pursue the catastrophic imperative that is our Military Industrial Complex. Which would make it the perfect opportunity for China, by sabotaging the program, to magnify and exacerbate our own stupidity.
I’d like to think such sabotage would be impossible to get past the quality control folks at Lockheed, but everything about this program suggests it might not be. The multinational development and the concurrent development schedule (a kind of testing as you go) would make it more likely such sabotage might be missed as well.
I don’t know that we would ever know if this clusterfuck was caused with the assistance of China. It’s not like Lockheed would publicize such information, just as it asked for another $100 billion. And I don’t want to underestimate the defense industry’s ability to screw up all by themselves.
All that said, Chinese sabotage would help to explain part of why this program has been such a colossal clusterfuck.