Report: Hackers could access US weapons systems through vulnerable chip
A pair of cybersecurity researchers say an encrypted chip used by the military and nuclear power plants has a secret 'backdoor' that can be hacked. It could be a wakeup call for the industry.
A secret nanoscale "backdoor" etched into the silicon of a supposedly secure programmable chip could give cyberattackers access to classified US weapons systems, including guidance, flight control, networking, and communications systems, according to a new report by cybersecurity researchers in Britain.Skip to next paragraph
Subscribe Today to the Monitor
The Cambridge University study is apparently the first public documentation that such a serious vulnerability has been deliberately built into a class of microchips used across the military and in key industrial applications such as power grids, the researchers say.
The discovery underscores the Pentagon's growing concerns over the vulnerability of the "supply chain" for computer chips it relies on. The new research illustrates how spying or even destructive functions, such as a "kill switch" that could make a plane fall out of the sky like a brick, could be added unnoticed to microchips while they are being designed and manufactured either at home or overseas, hardware-security experts say.
The chip in question – one of the ProASIC3 (PA3) line – is designed by a California company but manufactured in China. It is not know how or why the backdoor was installed on the chip, but experts say it is highly unlikely that it was inserted nefariously during the manufacturing process in China. More likely, it might be merely an overlooked feature left over from a period of early development, some say.
Yet how the backdoor got there is, in many ways, less important than the fact that it is there at all, the experts add. It suggests that even the PA3 chip, purchased by a variety of critical industries and touted as having "one of the highest levels of design security in the industry," could have exploitable vulnerabilities that users don't even know about.
"The major concern here is: If there are backdoors built into other chips, how easy will it be to find them?" says Sergei Skorobogatov, the researcher who led the Cambridge University study, in an interview. "It doesn't really matter much if it's a backdoor or a special test function embedded by the original chip designer. All a hacker wants is access to the chip.... If the attacker can find it and use it, he gets what he wants."
What the chip does
The PA3 A3P250 chip is a field programmable gate array, meaning it is basically a blank slate ready to be programmed to perform myriad functions. Experts agree that the chips are used widely by the US military in various settings, some likely to be critical, others likely to be much less so.
Strong encryption protects the chip from further changes. But the Cambridge report, titled "Breakthrough silicon scanning discovers backdoor in military chip," claims to have found an internal passcode and other vital keys needed to make big changes can be filched through the hidden backdoor.