To avoid a cockpit computer hijacking, USCG should require the software be made-in-America, security experts warn.
The U.S. Coast Guard wants to buy a navigating app, similar to those already used by civilian pilots, for service members who are substituting iPads for flight bags, according to a government solicitation. But the software specifications omit certain safeguards to prevent hackers from hijacking the cockpit, some information technology specialists say.
The section of the Aug. 14 work order pertaining to security requirements states, "There are no special security requirements."
Today, with paper-based aviation charts, it's hard, if not impossible, for bad guys to corrupt directional guides. But, as flight planning migrates to software-based resources, it is critical that agencies ensure those programs do not contain malicious code, said Bernard Skoch, a retired Air Force brigadier general and government IT consultant.
"It doesn't take much imagination to envision a horrible scenario in which a bad actor corrupts every Coast Guard cockpit with a few keystrokes," he said.
The service's purchase plans do not require that the app's code be developed in the United States or that it be subjected to penetration attempts by hired hackers. "I think that opens up a significant risk area. The software will become mission critical and should be domestically written, or as a minimum it should be provided only by programmers in countries friendly to the U.S.," Skoch said.
Coast Guard officials did not respond to a request for comment.
The app will display confidential government information, such as maps and charts collected by the National Geospatial-Intelligence Agency, but stolen secrets are not the main concern.
The sensitivity level of that NGA data does not require special data protections, Skoch said. But that data and all the other code in a navigation app, regardless of content, should require that the software be designed stateside and undergo thorough testing and validation, he said, because digital vulnerabilities can be exploited to manipulate aircraft.
The Air Force Special Operations Command canceled an iPad procurement in February 2012, after receiving a query from Nextgov about its stated plans to use Russian-developed GoodReader software for mission security and as a document reader.
There is room to enhance the Coast Guard’s security requirements, but this expected IT buy is "a good sign" for the federal acquisition process, said Warren Suss, a government telecommunications analyst. "In recent years, the security cops have really stood in the way, by being absolute, looking for the 100 percent security."
Now, civilian agencies, and even the Pentagon, are deploying "mobile device management" systems to reduce the risk that government-issued consumer electronics will compromise agency networks or leak information.
The Coast Guard is probably considering, "How likely is it that these maps either could get in the wrong hands or could be changed or compromised, and how do you weigh that against the potential benefits of giving these fliers a better solution for getting their geographic information? I believe that is a legitimate tradeoff," Suss said.
During potentially four years of use, the app will support between 200 and 1,100 iPads, according to the contract documents.
The tool, described as "critical to USCG aviation's operation requirements," will feed the service's personnel terminal instrument approach procedures, arrival and departure instructions, and en route navigational charts, officials said. Like a consumer iPad app, it must understand finger gestures, such as pinch-to-zoom, as well as incorporate "night settings" for easy viewing during operations in the dark.