• ExotiqueMatter@lemmygrad.ml
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    2 days ago

    Chinese state-sponsored hackers have exploited vulnerabilities in Microsoft software to breach sensitive systems around the world, including those of the U.S. government agency that oversees nuclear weapons

    I’m picturing some American general about to order a nuke strike when just as he reaches for the controls his WindowsTM control panel choose that moment to auto-update and reboot.

  • barrbaric [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    48
    ·
    3 days ago

    All the control systems that actually launch the nukes are air-gapped and cannot be hacked by typical methods. They only stopped using floppy disks in 2019. This is just saying that some DoE offices got hacked, which really means nothing.

    You’d need something like a stuxnet-level worm, and even then, I can guarantee you that those consoles are secure enough that nobody is going to plug a random USB stick they found in a parking lot into them. Further, nobody would reveal that news, either China or the US, because you wouldn’t tell your enemy that either you broke their MAD abilities or that they broke your MAD abilities.

    • Xavienth@lemmygrad.ml
      link
      fedilink
      arrow-up
      15
      ·
      3 days ago

      Doesn’t the UK have submarines that literally are supposed to fire nukes if they can’t contact home base when they surface (which can be months between surfacing)?

      I wonder if the US has the same. If so, yeah you can’t kneecap that with hackers.

      • Horse {they/them}@lemmygrad.ml
        link
        fedilink
        English
        arrow-up
        6
        ·
        2 days ago

        Doesn’t the UK have submarines that literally are supposed to fire nukes if they can’t contact home base when they surface (which can be months between surfacing)?

        when a new prime minister comes in, they write a letter that contains their orders for if this happens, there were(?) three options:

        • Launch your nukes
        • Sail to the nearest allied nation and place yourself at their disposal (usa or australia)
        • Use your own discretion (“you’re on your own lmao”)

        the letter is then sealed and placed in the sub commanders safe, to be opened only when it happens

      • barrbaric [he/him]@hexbear.net
        link
        fedilink
        English
        arrow-up
        14
        ·
        edit-2
        3 days ago

        Yep, they’re part of the nuclear triad, which consists of land-based ICBMs, submarine-based missiles, and aircraft carrying nuclear bombs.

    • Maeve@lemmygrad.ml
      link
      fedilink
      arrow-up
      11
      ·
      3 days ago

      It seems a while back I read something about POC about exploitation of airgapped systems without physical access, but can’t remember how.

      • barrbaric [he/him]@hexbear.net
        link
        fedilink
        English
        arrow-up
        19
        ·
        3 days ago

        I feel like it’s certainly possible, you do occasionally hear stories of outlandish hacks. That said, I’d say it’s not very likely, and for it to actually matter they’d have to simultaneously hit not only every US missile launch site, but also every nuclear sub and bomber.

  • IHave69XiBucks@lemmygrad.ml
    link
    fedilink
    arrow-up
    35
    ·
    3 days ago

    For over a decade, Microsoft had been funneling work through American “digital escorts” — low-pay workers with security clearances but often possessing limited technical expertise — who input commands from more skilled China-based engineers into U.S. Department of Defense networks, a recent ProPublica investigation found. Microsoft announced on July 18 that it would halt the practice after national security and cybersecurity experts raised concerns that these engineers could gain access to sensitive government data.

    This is fucking pathetic. Americans are so dumb they have to sit there and ask Chinese engineers to guide them step by step in how to do their jobs every day.