A hacker explains why US nukes controlled by ancient computers is actually a good thing

Advertisement

A new government report on Wednesday revealed that America's nukes are still being controlled by antique computers with 8-inch floppy disks, but a former white hat hacker says that's not necessarily a bad thing.

Advertisement

"The biggest security issue here isn't that the computer is 40 years old, but rather the quality of the lock on the door where the computer is housed," Cris Thomas, a strategist for Tenable Network Security, said in a statement.

Thomas, known in hacker circles by his pseudonym Space Rogue, was one of the founding members of the legendary hacker collective L0pht. The group famously testified to the US Senate in 1998 that it could take down the Internet in 30 minutes.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

Interestingly, the nuclear arsenal running on decades-old computers with floppy disks makes it incredibly difficult to hack, a fact that some in the Air Force actually used as an example of why upgrading isn't really necessary.

Thomas said that the IBM Series/1 computer the Pentagon is using to control nukes is most likely air-gapped - meaning it's not connected to the Internet or a network that would give remote access - so a hacker would need to be sitting at the terminal to actually do any damage.

Advertisement

He also said the machines are "notoriously reliable" and he wasn't surprised they was still being used.

"As long as they can make regular copies of the software on the 8 inch floppy's so that they don't degrade, and they have a ready supply of spare parts and new floppies, there's no reason why the system wouldn't last another 40 years," he said.

There is a caveat: While an outdated machine would make it hard for hackers, it also makes it hard to fix things if something goes wrong, since the coding languages it uses are aging as well. Less programmers are around that even know COBOL or FORTRAN, he explained.

Regardless, the report noted that the DoD plans to update "data storage solutions, port expansion processors, portable terminals, and desktop terminals by the end of fiscal year 2017."

NOW WATCH: A hacker reveals the easiest way to come up with a strong password that's easy to remember

Next Story27 things you didn't know your iPhone could do