Oftentimes in the military, the adage “if it ain’t broke, don’t fix it,” becomes hard to argue. And in a world where threat actors from enemy nation states probe for any and every weakness, replacing a system that has been glitch and breach free for decades is a tough ask. So it is with the U.S. military’s decision to shift its Strategic Automated Command and Control System (SACCS) from 1970s tech to something more contemporary. As reported by defense news site C4isrnet, the highly secure U.S. military messaging services has finally “dumped the floppy disk.”
The SACCS messaging system has been used with the Minuteman intercontinental ballistic missile (ICBM) system, the land-based nuclear option operated by the U.S. Air Force Global Strike Command. It is a network of hidden underground missile silos connected by endless secure cabling. All of which has been controlled by a 1970s computer system and those disks. “This is how we would conduct nuclear war,” one senior USAF operator explains, “on eight-inch floppy disks.”
It has not been an easy decision. As Lt. Col. Jason Rossi, who commands the Air Force’s 595th Strategic Communications Squadron and oversees the system explained, “you can’t hack something that doesn’t have an IP address. It’s a very unique system—it is old and it is very good.” In the era of default connectivity, you can see the point. And while the military relies on gapped networks, there is no better security than something tried and tested, that cannot be networked or electronically compromised.
There is also a fundamental difference between the mechanical tech of the 1970s and the black-boxed components of today—the entire skillset and concept of operations of the unit will change. Ageing legacy systems develop an ecosystem of mechanics and operators that maintain uptime through experience. But that’s not how modern tech works. “I have guys in here who have circuits, diodes, and resisters memorized,” Rossi explained. “These guys have been doing it for so long, when the parts come in, they can tell you what’s wrong just based on a fault code or something. That level of expertise is very hard to replace. It’s not sexy work. It’s soldering irons and micro-miniature microscopes.”
And that’s part of the problem. The new cadre of military engineers “are young and less-experienced—many come from the ‘cyber transport’ career field, meaning that they are trained to manage modern IT infrastructure, not antiquated systems like SACCS that require maintainers to learn skills like how to solder metal.” And that has meant a reliance on civilian engineers in the past, it’s an approach that’s now likely to change as a more contemporary secure messaging service in put in place.
“Unfortunately a lot of the newer electronics are plug and play,” according to one SACCS engineer cited by C4isrnet. With the legacy system everything can be repaired, engineered. A sharp contrast with newer systems, where components tend to be ripped and replaced when they go down. “The challenges get a little larger when we’re actually repairing them down to component level.”
The floppy disk system featured on an episode of 60 Minutes in 2014, during which one of the operators of the system delighted in the surprise of introducing the archaic tech: “The equipment is ancient—this is one of the computers that would receive a launch order from the president. It uses floppy disks. The really old, big ones.”
A report on the need to address legacy systems put to Congress in 2016, highlighted this system as one materially overdue an upgrade. The Strategic Automated Command and Control System, the report said, “coordinates the operational functions of U.S. nuclear forces, such as intercontinental ballistic missiles, nuclear bombers, and tanker support aircrafts. This system runs on an IBM Series/1 Computer—a 1970s computing system—and uses 8-inch floppy disks.”
The next step, the U.S. Government Accountability Office reported, was “updated data storage solutions, port expansion processors, portable terminals, and desktop terminals.” All of which was scheduled for deployment by 2017. It’s unclear whether that timeline was met, in part or in full. But clearly now the system is being replaced. C4isrnet reports that the disks were retired in June.
It has not been easy “maintaining an IT system that dates from the same era as disco,” C4isrnet says in its report. But it’s a system that has been effective. While stopping short of claiming the 1970’s system has been “hacker proof,” its operators laud the lack of modern components and networking as the reason it has been significantly hardened to attack when compared to modern-day equivalents.
As ever with such upgrade programs, there will be a focus now on ensuring any changes are phased—especially given the criticality of the environment within which they’re being deployed. With the changing shape and accelerating pace of cyber warfare, fuelled by Russia and China’s standoff with the U.S., any vulnerabilities that open up could be disastrous. There’s a reason SACCS has survived this long.