As the Independence class Littoral Combat Ship USS Manchester plied the waters of the West Pacific in 2023, it had a totally unauthorized Starlink satellite internet antenna secretly installed on top of the ship by its gold crew’s chiefs. That antenna and associated WiFi network were set up without the knowledge of the ship’s captain, according to a fantastic Navy Times story about this absolutely bizarre scheme. It presented such a huge security risk, violating the basic tenets of operational security and cyber hygiene, that it is hard to believe.
It was all so that the chiefs on the ship’s ‘gold crew’ (the LCS alternates between two crews) could check sports scores, text home, and stream movies, investigators learned, according to Navy Times. However, that required a conspiracy involving gathering funds, purchasing the service, and installing the antenna on the 0-5 weatherdeck where it couldn’t easily be seen.
The chief who set up the WiFi network, dubbed “STINKY,” definitely knew better. Then-Command Senior Chief Grisel Marrero’s “background is in Navy intelligence, and she earned a master’s degree in business administration with a concentration in information security and digital management, according to her biography,” Navy Times noted. She was later convicted at court-martial earlier this year on charges related to the scheme.
“The installation and usage of Starlink, without the approval of higher headquarters, poses a serious risk to mission, operational security, and information security,” according to a scathing Navy investigation into the matter obtained by Navy Times. “The danger such systems pose to the crew, the ship, and the Navy cannot be understated.”
The Manchester chiefs’ Starlink network was “a direct violation of emissions control regulations on board a ship,” Jerry Hendrix, a retired Navy captain and Senior Fellow at the Sagamore Institute explained to The War Zone. “As such you could present a critical vulnerability in that it would make the ship more detectable by offboard sensors.”
Having a clandestine communications system onboard could have served as a beacon for adversary signals intelligence collectors, potentially allowing them to pinpoint the Manchester’s location. It could also have served as a portal for cyber attacks and as a vacuum for unsecured data transmitted over the network. Even seemingly mundane personal information about military service members unrelated to their work can be of great interest to foreign intelligence services for various malign purposes. For instance, in 2017, reports emerged that U.S. military personnel had seen their personal cell phones hacked into as part of an apparent Russian campaign to not only surveil their activities, but also just harass them and their families.
Beyond that, the surreptitious internet network caused “a problem with morale in that the chiefs created a special privilege for themselves, which undermines good order and discipline,” the Sagamore Institute’s Hendrix added.
The revelations about USS Manchester’s unauthorized Starlink setup comes as the Navy continues to grapple with the challenge of providing persistent, but secure high-speed internet capabilities that serve both mission and morale-boosting purposes. Those are critical functions for ships deployed over vast distances often for long periods.
As The War Zone just reported last month, Starlink and other commercial satellite internet networks, supported by approved backend systems, are increasingly in use within the U.S. Navy after years of relying heavily on ad-hoc networks to provide added connectivity at sea.
One specific architecture, called Sailor Edge Afloat and Ashore (SEA2), which originally began as an ad-hoc effort aboard the Nimitz class aircraft carrier USS Abraham Lincoln, has now become a model for expanding this capability across the Navy’s fleets. SEA2 “is on the cusp of being available on every Navy ship and more shore sites,” according to a recent news item from the Naval Information Warfare Systems Command (NAVWAR), which was interestingly after we published our initial story.
SEA2 was seen as a way to improve on the Navy’s 30-year reliance on the Defense Department’s satellites for communications. The resulting lack of coverage, as opposed to constellations like those belonging to Starklink, proved problematic.
“These six satellites were roughly 22,300 miles away in geostationary orbit and provided a footprint on Earth the size of a hemisphere, resulting in slow data rates as the signal traveled up to the satellite and back down to its final destination,” the NAVWAR item pointed out.
As noted, Navy ships have also relied on a patchwork of commercial internet links, sometimes using local networks during port visits. However, the service’s top information warfare command says these “previous internet solutions had no full authority to operate and were only tolerated.”
“The need for increased connectivity was exacerbated by the COVID-19 pandemic shutdown in March 2020 when ships were unable to perform port calls due to country restrictions, thus severing their connection to the rest of the world,” the now-deleted Navy item stated. “Better and more reliable Internet access would mitigate the issues that arise from less frequent interactions with external sources.”
The Navy’s SEA2 program is a step in that direction. It provides internet services transferring several terabytes of data that helped the Lincoln order spare parts and manage maintenance. It also allowed sailors to watch the Super Bowl via live stream. It is important to note that satellite television, including sportscasts, which are a major morale boost, has been available on Navy ships for decades now, but continues to offer a very limited selection of programming at any one time.
A U.S. military-specific Starlink offering is also in increasing use across America’s armed forces, including for potential tactical applications. Other navies elsewhere around the world are also looking to add increased internet connectivity to their ships, especially for morale-related purposes. SpaceX’s satellite internet service has already come to dominate the market in the commercial maritime domain.
In The War Zone‘s previous reporting on SEA2 and related developments, we noted that even approved commercial internet links wouldn’t used under stringent emissions control conditions or when heightened cyber-hardening is required, and highlighted other potential operational and cyber security concerns. As of June, the Navy had not authorized SEA2 for use with classified data, according to the Federal News Network. The service has since said that it has received a first-of-its-kind cybersecurity certification for the architecture, but it is unclear if this means it can now be used to send and receive classified information.
By turning their quarters into de facto internet cafes, Marrero and other chiefs aboard the Manchester ignored those concerns entirely. The actual damage of their actions is unclear. We’ve reached out to the Navy to find out more.
Regardless, that a ship’s leaders – especially one trained in information security and digital management – would set up a system that could put their vessel and crewmates at risk is almost beyond belief.
Contact the author: howard@thewarzone.com