The Washington Post reports:
In January 1982, President Ronald Reagan approved a CIA plan to sabotage the economy of the Soviet Union through covert transfers of technology that contained hidden malfunctions, including software that later triggered a huge explosion in a Siberian natural gas pipeline, according to a new memoir by a Reagan White House official.
Thomas C. Reed, a former Air Force secretary who was serving in the National Security Council at the time, describes the episode in “At the Abyss: An Insider’s History of the Cold War,” to be published next month by Ballantine Books. Reed writes that the pipeline explosion was just one example of “cold-eyed economic warfare” against the Soviet Union that the CIA carried out under Director William J. Casey during the final years of the Cold War.
At the time, the United States was attempting to block Western Europe from importing Soviet natural gas. There were also signs that the Soviets were trying to steal a wide variety of Western technology. Then, a KGB insider revealed the specific shopping list and the CIA slipped the flawed software to the Soviets in a way they would not detect it.
“In order to disrupt the Soviet gas supply, its hard currency earnings from the West, and the internal Russian economy, the pipeline software that was to run the pumps, turbines, and valves was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds,” Reed writes. . . .
“While there were no physical casualties from the pipeline explosion, there was significant damage to the Soviet economy,” he writes. “Its ultimate bankruptcy, not a bloody battle or nuclear exchange, is what brought the Cold War to an end. In time the Soviets came to understand that they had been stealing bogus technology, but now what were they to do? By implication, every cell of the Soviet leviathan might be infected. They had no way of knowing which equipment was sound, which was bogus. All was suspect, which was the intended endgame for the entire operation.”
Reed said he obtained CIA approval to publish details about the operation. . . .
That should be a reminder, I think, that someone might well be doing something similar to us, though we buy software rather than copying it. It could be someone in the U.S. or outside it, someone employed by U.S. companies (here or abroad) or someone employed by foreign companies who are selling software to us. I don’t know what the solution would be: intensive source code review within U.S. companies, a shift to open source (I’m skeptical of the ultimate economic viability of open source, but lower exposure to such hidden bombs is one of open source’s likely pluses), refusal on the part of the U.S. govenrment and many U.S. businesses to buy software unless the source code is disclosed and thoroughly vetted (something that would be tremendously expensive), or something else. But this definitely does seem like a potentially serious security problem.
Thanks to Mitch Sklar for the pointer.
Comments are closed.