The Lessons of the USS John S. McCain

Early Monday morning, the guided-missile destroyer, USS John S. McCain, collided with an oil tanker off the coast of Singapore. Initial reports indicate a “steering failure.” The fourth such accident involving a 7th Fleet warship this year, the collision occurred at the entrance to the Strait of Malacca — an extremely crowded 1.7-mile-wide waterway that connects the Indian Ocean and the South China Sea. Approximately 25 percent of global shipping transits the Strait annually.

Sadly, 10 American sailors are missing and presumed dead. The accident prompted the U.S. Navy to dismiss the fleet commander, Vice Adm. Joseph Aucoin, and order a rare, one-day operational pause, at the discretion of individual ship commanders, while they investigate the likely cause of the collision.

In an interview with the Navy, reporters asked if the McCain’s computer systems may have been compromised. Adm. Scott Swift, Commander of the U.S. Pacific Fleet, said that while there were "no indications of that as of yet ... we are not taking any consideration off the table and every scenario will be reviewed and investigated in detail."

Instead of GPS, the U.S. Navy uses encrypted signals for geolocation of its ships. While there has been no indication of a faulty satellite signal, one can’t help but wonder about a cyberattack. These ships are filled with sophisticated electrical components, many of them manufactured in foreign countries. Could they be vulnerable to hacking?

In a tweet, Chief of Naval Operations Adm. John Richardson, did not rule out cyber intrusion or sabotage as a cause of the fatal collision. “No indications right now ... but review will consider all possibilities.”  

It’s difficult comprehend how the McCain, a 505-feet long, 9,000-ton ship equipped with all manner of “cutting edge” detection and navigational devices was unable to avoid the merchant vessel Alnic MC, a 30,000-ton, 600-foot-long oil tanker flying a Liberian flag. Standard operating procedure when transiting a busy region like the Strait is to have a full-navigation team on duty with lookouts on every wing and extra people on radar. 

The likelihood of human error seems remote, particularly in light of what experts are referring to as the first known instance of GPS “spoofing,” or misdirection. On June 22 in the Black Sea, the shipboard navigation systems of 20 ships simultaneously reported the ship locations to be 20 miles (32 kilometers) inland. The dangerous aspect of spoofing is that a ship can be completely off-course while the navigational readout screens appear normal to anyone on duty. 

As bad as this latest collision was, it was mitigated by the quick reaction of the McCain’s crew on watch at the time. Imagine the result involving pilotless vessels. Which is an idea that shipping companies, incidentally, are working hard to implement: Beginning early next year, Norway will operate the world’s first "crewless" ship, with a carrying capacity for 100 to 150 cargo containers, along a 37-mile route with a limited crew. Their goal is to have the ship running fully autonomously by 2020.

It sounds like progress, but imagine a crewless cargo ship that could be hacked and used to ram others vessels. That's a horrifying thought. We live in the Age of Connectivity and the need for highly-skilled cyber warriors has never been more acute. Hackers are not coming after just our personnel information — they may now be coming after our lives.

About the Author — Calvin Harper is an associate editor for GoCertify and a veteran of the publishing industry. "Calvin" is not actually an automated content generator that functions beneath the surface of this writerless blog. As far as you know.