Cyber security risks in $17bn F-35 system
Defence has acknowledged that a logistics system in the 72 Joint Strike Fighters could create a ‘risk of cyber intrusion and data loss’.
Defence has acknowledged that a logistics system in the 72 Joint Strike Fighters being purchased by Australia for $17bn could create a “risk of cyber intrusion and data loss”.
In answers to questions from Labor senator Kimberley Kitching, the department said the Autonomic Logistics Information Systems had “several developmental challenges” but the cyber risks were being managed.
The ALIS is responsible for maintenance management, fault diagnostics, supply support, mission planning and training management across the F-35 system.
Defence noted the system was connected to US commercial networks to support Lockheed Martin’s “Global Support Solution” that will help sustain the JSF aircraft. The GSS is aimed at having all international participants in the international JSF program share sustainment agreements, including information on maintenance, training, engineering and spare parts.
In its response to questions from Senator Kitching, Defence conceded the arrangement also posed risks. “ALIS’s connection to Lockheed Martin US introduces a risk of sensitive Australian information loss, such as sovereign capability information and personally identifiable information,” Defence said. “Additionally, the connection to Lockheed Martin US creates a risk of cyber intrusion and data loss to Australian ALIS and indirectly to the Single Information Environment through connectivity to ALIS.”
Defence said the risks were being addressed through development of a sovereign data management capability being co-developed with Britain that “acts as a controlled gateway between Australian ALIS and Lockheed Martin US”.
RAAF Base Williamtown is being used to test the new sovereign data capability, with the new capability to be installed on the ALIS in coming months.
Until the capability is installed, Defence said “additional controls and limitations” had been put in place to manage any cyber security and sovereign data risks.
Australia has purchased 72 F-35A Joint Strike Fighters to replace the RAAF’s ageing Hornet aircraft and strengthen air combat capability.
An Australian National Audit Office report found in December 2018 that preparations to date for the introduction and sustainment of the JSF aircraft into Australian service had been effective “with the exception of arrangements for sustainment of JSF aircraft under the GSS”.
Add your comment to this story
Nation aware of rising risk: Marles
Australians are fundamentally aware of the strategic risks the country faces as a result of rapidly changing global circumstances and the need for the government to focus on national security, Richard Marles said.
Defence bases ‘vulnerable’ to drone attack
Australia’s warships and fighters jets would be helpless if an enemy smuggled armed drones into Australia to conduct a Ukraine style drone attack on Australian military bases, experts say.
To join the conversation, please log in. Don't have an account? Register
Join the conversation, you are commenting as Logout