MIT, Gulen, and the Chinese Missile Defense Deal: Questions about Cyber Security

Burak Bekdil is reporting that some Turkish companies have grown wary about Ankara’s interest in China’s HQ-9 missile defense system. Turkey selected China Precision Machinery Import-Export Corporation (CPMIEC) for the T-LORAMIDs tender in September 2013. CPMIEC is under US sanctions, which means that any Turkish sub-contractor who works with the company on development of a “Turkish” HQ-9 runs the risk of being sanctioned. To be honest, I don’t believe that the US Treasury will sanction a Turkish company, should the deal continue. However, I do believe that US firms will simply choose to not work with Turkey’s SSM, over concerns that they could be sanctioned. 

Bekdil alludes to this in his story. He writes:

An industry source familiar with the program, dubbed T-LORAMIDS, said some of the Turkish companies that would be subcontracted for the air defense system are skeptical about potential corporate consequences because CPMIEC is on a U.S. list of companies that are sanctioned under the Iran, North Korea and Syria Nonproliferation Act. “Aselsan is especially increasingly cautious,” he said. Military electronics specialist Aselsan, Turkey’s biggest defense firm, has been designated as the program’s prime local subcontractor. The industry source also said several unexpected technical snags had emerged during contract negotiations with CPMIEC. But he did not go into the details, citing military secrecy.

I assume that the “unexpected technical snags” have to do with the fact that NATO will not allow for the system to be made interoperable with its current – and future – missile defense system. 

Turkish officials claim that it will design its own software to ensure interoperability. This explanation simply isn’t credible. If Turkey does opt to go forward with its purchase and co-production of the HQ-9, it will do so knowing that the system will not be interoperable – and by that I mean it will not be able to rely on the sensors/battle management software being deployed as part of the European Phased Adaptive Approach – with Europe’s future missile field. 

NATO officials have also expressed concerns about cyber security. And here is where I think the current Gulen tape saga directly impacts the missile defense decision, as well as broader cyber security issues in Turkey.

As part of his analysis of one of the recordings, Joshua Marpet, the Managing Principal of Guarded Risk, wrote:

The recordings have one thing in common that is interesting in this context.  The younger man on the calls is loud, clear, almost overpowering the microphone on the phone.  The older gentleman’s voice isquieter, and a bit fuzzier, or “pixilated”. While the reasons for this are not known, some can be supposed… On the other hand, if the younger gentleman’s phone was bugged, then the loudness of his voice could be explained by the physical nearness of it.  He would be speaking directly into the bug, while the older gentleman would be received through the phone circuitry, adding fuzziness and lowering the volume.  Realize that the “bug” could be a software program, a piece of malware, rather than a physical bug.

Regardless of the “how,” it is hard to believe that the Cemaat was able to tap the phone of the Prime Minister and record hours of his private telephone calls for such a long period of time. One would presume that MIT sweeps his office/electronics for bugs. If they do, then they missed the bug/malware. If they don’t, then what does that say about cyber security practices in Turkey? In both cases, the MIT’s ability to detect a potential cyber threat appears lacking.

The Cemaat has proven themselves to be – well – not really adept at fabricating digital evidence. So, I have to ask: if the Cemaat can tap the phone of the Prime Minister for years without detection, what could a serious state attacker, like China, do? 

The Christian Science Monitor, for example, reported on a new report about the US/Israeli cyber attack known as Stuxnet. According to the report:

A new thesis about that, to be outlined Tuesday at a security conference in San Francisco, points to a vulnerability in the Iranian facility’s supply chain … As early as 2004, US intelligence agencies identified an Iranian company, NEDA Industrial Group, that had oversight of the Natanz facility’s computerized industrial control systems, says the Critical Intelligence report, citing documents gleaned from federal court cases, leaked State Department cables, and nuclear proliferation reports …  Sometime around 2008, computerized industrial control system equipment bound for Iran was intercepted, and Stuxnet or other malware was installed on it before it was sent on its way, McBride posits. His thesis runs contrary to prevailing theories that a spy used a memory stick, or “thumb drive,” to introduce Stuxnet into the network. Rather, NEDA engineers unwittingly installed infected work stations or other equipment, which then proceeded to infect all of Natanz’s systems 

The theory posited sheds some interesting light on the potential vulnerability Turkey will face, should they decide to coproduce a Chinese missile defense system. Despite claims to the contrary, many components of the missile system will be produced outside of Turkey. This, in turn, points to some vulnerabilities along the supply chain. Turkey, therefore, would have to detect the intrusion once the system is assembled. I assume that this task would fall to MIT, or the contractor[s] working the project. Given what we know about the recordings, this may prove more difficult than most had originally thought. 



About aaronstein1

I am an Istanbul based PhD Candidate a King's College London.
This entry was posted in Uncategorized and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s