Bugged by Nukes, Nuked by Bugs?
Special to washingtonpost.com
Monday, Dec. 21, 1998
Nuclear war and Y2K. For the apocalyptic set, the marriage is so compelling, distraught citizens are starting to dig bunkers and stockpile food.
The panic would be just another American UFO oddity were it not for the view of the national security leadership.
CIA director George Tenet warned recently that the Year 2000 rollover "provides all kinds of opportunities" for attacks on the United States. Deputy Secretary of Defense John Hamre has discussed the possibility of the need for martial law.
Air Force Lt. Gen. Kenneth Minihan, director of the National Security Agency, told a Senate panel this summer that Y2K is part of an information war the Pentagon is already fighting: "Peace, as we've traditionally thought of it in the industrial era, really doesn't exist," he said. "Like our body's immune system... we're just constantly under attack" from those seeking to exploit computer vulnerabilities.
No wonder the news media have taken to reporting that the millennium bug is sure to trigger a nuclear attack because malfunctioning computers and panicked Russian officers will suspect an American first strike.
No one really does know what will happen after the clock strikes midnight on December 31, 1999. Computer programmers for decades have saved memory by using only the last two digits of years: thus 1998 is written "98." Because of this widespread practice, difficulties are expected to arise in the year 2000, when the year represented as "00" may prove indistinguishable to the computer from the year 1900. An associated calendar anomaly is the fact that 2000 is also a leap year, unlike other century dates.
Some predict that failures in operations of computer-dependent networks, such as electric power grids or air traffic control systems, will surely follow the rollover. More likely will be an accumulation of insidious errors relating to computer arithmetic, comparisons, database sorting, password systems, audit trails, and input/output to files and messages.
With the largest number of government computer systems, the Pentagon has been in the lead on Y2K. This is not just looking over its shoulder to prepare for attacks and system failures that most certainly will occur outside of the controlled U.S. orbit. The Pentagon is also scrambling to meet the no-kidding deadline of fixing its own systems.
The Defense Department has more than 25,000 such systems and networks. Of that number, some 3,700 are deemed "mission critical." "If they do not function," says Hamre, "there will be a serious loss of capability."
The Deputy Secretary calls Y2K the El Nino of cyberspace.
Defining the scope and threat of the Year 2000 problem is proving quite difficult. Hamre's own Inspector General questions the definitions and numbers of mission critical systems. More than half of these, according to a February IG report, belong to the intelligence agencies. The National Security Agency and Defense Intelligence Agency together report 1,682 mission critical systems (45 percent of the Pentagon total). The number includes everything they own. The Army by contrast labels 367 of its 13,687 systems mission critical.
If NSA's monitoring of the airwaves goes down for a few hours or days, it is unlikely to be the end of the world. It is the "warfighting" capabilities of the Joint Chiefs of Staff (JCS) and the unified commands, specifically those command and control systems that direct and regulate U.S. military forces, that are truly mission critical.
The JCS closely monitors the status of these operational systems through its Year 2000 Challenge data file, a Microsoft Excel spreadsheet that tracks the status and progress of fixing Y2K difficulties. This data file includes 205 systems, half of which belong to U.S. Strategic Command (STRATCOM), which is responsible for nuclear forces. Similar to NSA and DIA, STRATCOM applies the kitchen sink selection approach to defining mission critical.
Take two systems: the Emergency Action Message Generator (EAMGEN) and the Census Bureau/Urban Polygons (CBURP) database. EAMGEN is a DOS-based Ada program used in command centers to decode Presidential authorization to fire nuclear weapons. CBURP is a program that provides the capability to merge Census Bureau data on Russian demographics with intelligence data on urban concentrations, called polygons, to allow estimates of civilian casualties in a nuclear war. Lose one and admittedly it's digital doomsday, lose the other and who cares.
Hamre and STRATCOM officials maintain that all systems required for nuclear command and control are Y2K compliant. Still there have been numerous reports in recent weeks that Pentagon progress towards resolution of Year 2000 problems has been exaggerated. The House Government Reform and Oversight Committee gave the Department a D-minus grade last month.
With the criticism has come a growing bunker mentality to classify more information about the status of the military's programs. The new secrecy not only hides the true status of the fixes and problems, but also adds to public apprehension and alarm.
William M. Arkin, author of "The U.S. Military Online," is a leading expert on national security and the Internet. He lectures and writes on nuclear weapons, military matters and information warfare. An Army intelligence analyst from 1974-1978, Arkin currently consults for Washingtonpost.Newsweek Interactive, MSNBC and the Natural Resources Defense Council.
© Copyright 1998 The Washington Post Company