Future US Navy Accident Investigations Will Look for Cyber Attacks

By Bradley Peniston and Joseph Marks

September 14, 2017

Rampant internet speculation aside, there’s no evidence yet that any hostile electronic breach led to recent U.S. Navy mishaps, according to the admiral who leads the service’s cyber operations.

In fact, it was mostly to put such speculation to rest that Vice Adm. Jan Tighe said she dispatched a small team to join the Navy’s investigation into the Aug. 21 collision of the USS McCain with a cargo ship off Singapore. That accident followed a similar June 17 incident involving another destroyer, the USS Fitzgerald.

There was no indication in either account that cyber had anything to do with either of these, so we put the team onto McCain to go confirm that,” said Tighe, whose dual titles are deputy chief of naval operations for information warfare, and director of naval intelligence. She spoke Tuesday at the Center for Strategic and International Studies.

Tighe’s team is still sifting through cyber data they recovered. So far, they have turned up nothing suspicious aboard McCain, so she hasn’t sent a similar group to the other destroyer, Tighe said.

We have all the data from Fitzgerald. If anything is found, we can go back and take a look at that. But that’s where we are today,” she said.

Tighe said there’s no particular schedule for the team to complete its work.

Quite frankly, with respect to McCain, this is a ‘first of.’ We have a really hard time predicting a timeline,” she said. “It rather depends on what and if we find anything that looks suspicious and what and how we will go about determining whether it is, actually, suspicious or not. So, it could be weeks. It could be months. I don’t think it’s years.”

But that’s part of the point. As Tighe’s investigators sniff around for evidence of meddling, they are trying to figure out where to look, whom to talk to, what angles to consider, and more. They are, in fact, pioneering a new kind of inquiry for the Navy.

Codifying how we will do these types of mishap investigations to account for a cyber component going forward is where we will learn from the results of the McCain investigation,” she said. Eventually, the Navy will “make it part of the normal process of how we do mishap investigations.”

By Bradley Peniston and Joseph Marks // Bradley Peniston is deputy editor of Defense One. A national security journalist for two decades, he helped launch Military.com, served as managing editor of Defense News, and was editor of Armed Forces Journal. His books include No Higher Honor: Saving the USS Samuel B. Roberts in the Persian Gulf, now part of the Chief of Naval Operations' Professional Reading Program. // Joseph Marks covers cybersecurity for Nextgov. He previously covered cybersecurity for Politico, intellectual property for Bloomberg BNA and federal litigation for Law360. He covered government technology for Nextgov during an earlier stint at the publication and began his career at Midwestern newspapers covering everything under the sun. He holds a bachelor’s degree in English from the University of Wisconsin in Madison and a master’s in international affairs from Georgetown University.

September 14, 2017