For the first time Patriot missiles stationed in Germany hacked by unknown hackers

Hacked by unknown hackers, Patriot missiles carry out unexplained commands

A missile system in Germany placed on the Turkish-Syrian border was allegedly hacked by a “foreign source” and carried out “unexplained commands”.

According to German civil service magazine Behörden Spiegel, the Patriot missiles placed on the Turkish side of the border under the Nato pact, were taken over by an unidentified hacker for a short period.

The magazine does not reveal information regarding what these orders were or when they were carried out. However, it indirectly hints that hackers may have obtained access to the missile system through a computer chip which shows directions to the missiles, or through a real-time information exchange which lets the missiles to share information with their control system.

Such a hack could cause the battery to fail in interrupting incoming missiles or even shooting at an unapproved target say experts.

When German newspaper Die Welt contacted the German Federal Ministry of Defence, a spokesman has since declined the accusations stating that there is no proof of such a hack taking place.

Since 1984, Patriot missiles have been in US army service and they were first used in operation in the 1991 Gulf War.

Recently, Germany announced that it would be using several billion euros to change its Patriot system with a next-generation missile system designed by the US and Italy. The replacement is due to be finished by 2025.

The missile system has been placed on the Syrian border for two years following which Turkey requested its Nato partners for support taking into account the Syrian civil war, which is still violent on the other side of Turkey’s border.

Bundeswehr, the German army own the missiles and operate them. The battery is composed of two radars and six launchers, according to Die Welt.

A cybersecurity expert at defence think tank RUSI, Ewan Lawson says that due to security reasons, hacks of military missile systems that are more common go unreported. Only nation-states would have the power to hack such a system, he says.

“This is unlikely to have been a fortunate amateur hacker. If it has happened it would have been a focused effort on behalf of someone,” says Lawson.

He mentioned the US, China, the UK, Russia, Israel and possibly Iran as the only nations with the power to gain access to a stand-alone missile battery. However, he adds that the Patriot technology needs to be upgraded, as it is old.

The media report states two potential reasons for gaining access to the system: to steal sensitive data from the system or to operate the missiles remotely.

Caroline Baylon, a cybersecurity research associate at Chatham House, says the results of such a hack could be destructive.

“You could imagine the missile not launching in response to incoming missiles that it’s supposed to defend against, you could imagine it launching at the wrong target,” says Baylon. “Missile systems have the same vulnerabilities that exist in critical infrastructure.”

There are rare reports of cyber attacks on industrial or military. Germany last year experienced a damaging cyber attack when the control systems of a steel mill that was not named was hacked, which lead the parts of the plant to fail and the blast furnace could not be shut down correctly.

The Stuxnet worm is the most famous example of such a cyber attack, where the centrifuges in Iranian nuclear power plants were disabled and Tehran put the blame on the US and Israel.