In June this year, the South Korean Aerospace Industries scrambled its intelligence upon learning that Seoul’s Defense Acquisition Programme Administration reported a cyberbreach.
It was widely reported that the South Korea’s government-owned aerospace company had requested local authorities to investigate a possible hacking incident of North Korean origin. The breach is suspected to have taken place around the same time the Korea Atomic Energy Research Institute was hacked.
The heightened concern was that it is “highly likely” that the blueprints for the country’s new KF-21 “Hawk” indigenous fighter was stolen during the cyberattack.
The breach has raised an alarm if the integrity of the avionics system of South Korea’s KF-21, the first indigenous fighter to replace aging F-4 and F-5 fighters, may have been breached, or compromised.
This immediately brings into question whether the cybersecurity breach is also linked to the Light Combat Aircraft – the FA-50 Golden Eagle – manufactured by Korea Aerospace Industries (KAI) which is making a strong bid for the supply of 18 LCAs invited by the Royal Malaysia Air Force. KAI has submitted FA-50 under the international tender to supply RMAF which invited bids for the supply of 18 units of Light Combat Aircraft.
Alarm bells should be ringing loud at the RMAF especially as sources say the evaluation of the six bids are on “Paper” only. And the Koreans scored the highest! It must be remembered that Malaysia and North Korea had a serious diplomatic row recently related to the assassination of the stepbrother of the supreme leader and extradition of a North Korean citizen to the United States. Any evaluation of purchase of a nation’s security assets must take into account the potential cyberattacks that will occur in this digital and tech-driven world.
Five other manufacturers, including Turkey Aerospace Industries with its Hürjet, China National Aero-Technology Import & Export Corp (Catic), submitting its L-15 fighter jet while Italy’s Leonardo is offering its M-346 jet and India’s Hindustan Aeronautics Ltd has offered its Tejas fighter are vying for the contract. A local company, Aerospace Technology Systems Corp Sdn Bhd has also thrown in its bid by offering Russian-made MIG35 fighters.
According to Korean Yonhap news agency, KAI suffered hacking attempts in June, and many documents are believed to have been leaked, possibly including sensitive data on major projects, sources said Wednesday.
KAI’s system appeared to have been hacked twice this year by unidentified entities, and “a large quantity of documents” seems to have been leaked, according to the sources.
The report said breached data might include sensitive information about major defense items, such as the KF-21 indigenous fighter jet, FA-50 light combat aircraft, unmanned aircraft, and radar.
Advanced avionics system integrates the OODA (Observe, Orient, Decide, Act) loop is the fundamental basis of any C4I (Command, Control, Communication, Computers, and Intelligence) making it feasible to implement AI at various points in this concept.
When such avionic system is breached, not only is the efficacy or the robustness of the hardware compromised but it throws wide open the question of agility of the aircraft which wins its battle even before it takes to the air.
A data breach or if a malicious code can alter the avionics system can lead to disruptive consequences including potentially altering the flight path of the aircraft or completely disabling the system and rendering the hardware inoperable.
Malaysia, and its defence establishment especially the RMAF, has to be careful not to discount the clear and present threat of China and North Korea’s cyberattacks to the security of the ASEAN nations.
The Burke Chair at CSIS is publishing a report by an affiliate of the organization. Dr. Zo…