19 December 2009

The Phantom Menace: Attack of the Drone Watchers

Many milbloggers have been as shocked as I have been regarding the revelation that insurgent groups in Iraq and Afghanistan have the ability to view the live video footage from Unmanned Aerial Vehicles (UAVs) which patrol the skies of Iraq, Afghanistan, and hot spots all over the world.

(Editor's Note: Many use the words "Predator" and "Predator drone" to refer to virtually any model of Unmanned Aerial Vehicle. It's unknown whether the video feed from other UAV models, such as Hunters, Global Hawks, Ravens, etc., can also be received by insurgent groups.)

Update: 12/21/09--Apparently, there are some limitations in the ability to intercept these feeds, the New York Times reports. Much of the data compromise occurred when troops with older-model computers attempted to view the video feeds directly. Newer laptops seem to make up for this. Additionally, the article reports that insurgents are only able to get video feeds from UAVs which are within a relatively close range--not from all over the theater, as I initially feared. Nevertheless, check the CBS news video (later in the post) regarding the British engineer who viewed footage all the way from Kosovo.

Most of that data is highly encrypted, and it has been critical to guiding attacks on the insurgents, often with missiles fired from the drones themselves or from helicopters...They said the vulnerable transmissions occurred when troops with older laptops or handheld controllers sought a direct feed from Predators and smaller surveillance drones, as well as from some conventionally piloted aircraft equipped for surveillance.

Direct video feeds to the troops have proliferated as the military tries to rush the latest intelligence to even the smallest units in the field, and they are expected to play an important role in Afghanistan.

But military officials added that the insurgents would need to be positioned close to the American troops to intercept the feeds.

They said the newest laptops received encrypted signals, just like all the major command centers that receive the main feeds from the largest drones. They said those transmissions had not been compromised.

The officials said they had also been adding encryption, which scrambles the video signal, and taking other steps to reduce the vulnerability of some of the older systems. “But that is a major undertaking, considering that we have hundreds of U.A.V.’s and hundreds more ground stations,” one official said.

Back to the original post:

A few points regarding this issue, and some great links and quotes from around the blogosphere and the mainstream media.

The first comes from Shaun Baker, an instructor at the US Naval Academy, who runs the blog Themistocles' Shade (with the URL "SonofNeocles.blogspot.com"--excellent). Shaun agrees with my not-so-creative title from a few days ago ("This is not Good"), but suggests that this issue may have a bit of a silver lining. Shaun proposes a few ingenious solutions including a modern-day version of Operation Fortitude, the grand deception plan launched by the US, Britain and Canada prior to the invasion of Normandy.

Build into the drones one or more bogus video streams, that creates some combination of unencrypted or encrypted data streams, all of which are available to the enemy, some showing terrain that the drone is not flying over, others being bona-fide video of terrain being traversed. The enemy becomes confused, the information useless.

This is a pretty interesting idea for areas like Iraq and Afghanistan, where insurgents are already well aware that American UAVs are overhead. Indeed, it would be interesting to see what sort of a deception campaign we could wage with false video footage.

On the other hand, one of the reasons that UAVs have become so popular (or unpopular if your name is Kilcullen or Exum) is because they can be easily launched in secret over countries in which we have little military presence at all, due to the fact that there's little liability in the event of a crash. Indeed, armed UAVs have killed al Qaeda operatives in Yemen in 2002. To have the people of Yemen, Somalia or any other potential hot spot pick up video from a UAV means that they then know for certain that the US is watching.

On to another great milblog, Building Peace. BP is written by a C-17 pilot and Olmsted Scholar studying in Amman, Jordan (who just recently had a new daughter). The author of Building Peace goes by the handle of "Reach 364". Reach writes:

This is what modern war is becoming. Just like in the business world (as I discussed in my review of Cory Doctorow's "Makers" this morning), the winners will be those who can innovate faster than their rivals.

How should we respond when the bad guys get inside our networks? I don't know anything about UAV data transmissions, but I think we should pay attention to the battles over hardware and Digital Rights Management (DRM) that some corporations are waging with their customers.

The WRONG answer is to spend millions of dollars and years of time creating a platform that is supposedly uncrackable, then sit back and congratulate ourselves. In a few weeks or months, some 17 year old kid in his garage will crack it... just as they've cracked iPhones, Playstations, X-Boxes, cell phones, and now Nooks. We also don't want to lock down data so tight that it hurts our "customers": the people who use the technology. The music industry just about destroyed itself by suing, alienating, and enraging its customers instead of adapting to a totally new kind of market. Electronic Arts created a DRM system for its game "Spore" that was so invasive, customers savaged the game in reviews and ran it into the ground. And oh, by the way, the pirates still cracked the DRM in a few days.

The better answer is to realize that we're in a long term competition with multiple players. Every move we make will result in a countermove. We are in a long-term competition of innovation and adaption. We should expect the cracks, adapt, and coolly play our next move.

There isn't much I can say about this except for two things. 1.) If you build it, someone will hack it, if only just for the sheer pleasure of claiming they hacked it. 2.) Reach makes the point that we need to be more innovative and quick as an organization than small networks of insurgents. If I can paraphrase this one--we need to observe, orient, decide and act faster than our enemies. (Your moment of John Boyd for the day)

Tom Ricks--you all know Tom Ricks--covered this story on Thursday and Friday. These posts are notable not only because Tom provides us with some great links to mainstream news sources, but also because he contributed to the number of people coming to this blog looking for Megan Fox pics some tenfold. (If that were possible)

Anyway, Tom provides a link to a CBS News article which is chock-full of forehead-slapping moments:

The Pentagon conceded later Thursday that militants in both Iraq and Afghanistan were known to have pirated the unprotected video feeds. Military officials insist, however, there's no indication that insurgents in either theater have ever been able to hack into the systems controlling the aircraft, or alter the video being fed.

That possibility, that a foreign entity such as China or Russia might hijack the video transmission and manipulate it to confuse American battlefield commanders, was at the heart of the 2004 discussion among officers working for the Joint Chiefs of Staff, reports The Journal.

One American officer, who The Journal says is familiar with the talks that took place in 2004, told the paper: "The fear was a commander looking on a feed, seeing nothing, and then having an enemy tank brigade come roaring into your command post."

According to the paper's sources, senior commanders largely dismissed the concerns as they were too preoccupied with the more material threats of the day; IEDs and insurgent attacks in Iraq and Afghanistan. The enemies in those countries were not considered technically advanced enough to downlink the unencrypted video themselves.

Okay, while I admit that it's great that the video from UAVs wasn't altered in any way, nor were the vehicles themselves taken over (although, with unencrypted data-links, who is to say this isn't a distinct possibility), this is still bad. Why? Because the enemy knows what you are looking at, what you care about, and most importantly, how well you can see it. They can figure out what areas the drones fly over most often, how often they do so, and what they look at. Most importantly, though, they can figure out exactly what the UAVs can see, which is of huge value to insurgent groups. Says New York Times reporter David Rohde, who was held for seven months by the Taliban:

It was March 25, and for months the drones had been a terrifying presence. Remotely piloted, propeller-driven airplanes, they could easily be heard as they circled overhead for hours. To the naked eye, they were small dots in the sky. But their missiles had a range of several miles. We knew we could be immolated without warning.

Our guards believed the drones were targeting me. United States officials wanted to kill me, they said, because my death would eliminate the enormous leverage and credibility they believed a single American prisoner gave the Haqqanis, the Taliban faction that was holding us. Whenever a drone appeared, I was ordered to stay inside. The guards believed that its surveillance cameras could recognize my face from thousands of feet above. [emphasis added]

Wouldn't it be beneficial to confirm or deny the myth?

Next up is John Robb of Global Guerrillas, who writes:

This event isn't an aberration. It is an inevitable development, one that will only occur more and more often. Why? Military cycles of development and deployment take decades due to the dominance of a lethargic, bureaucratic, and bloated military industrial complex. Agility isn't in the DNA of the system nor will it ever be (my recent experience with a breakthrough and inexpensive information warfare system my team built, is yet another example of how FAIL the military acquisition system is).

In contrast, vast quantities of cheap/open/easy technologies (commercial and open source) are undergoing rapid rates of improvement. Combined with tinkering networks that can repurpose them to a plethora of unintended needs (like warfare), this development path becomes an inexorable force. The delta (a deficit from the perspective of the status quo, an advantage for revisionists) between the formal and the informal will only increase as early stage networks that focus specifically on weapons/warfare quickly become larger, richer, etc. (this will happen as they are combined with the economic systems of more complex tribal/community "Darknets").

Next we have CourtneyMe109, or "The Great Satan's Girlfriend", who says in her post, "Hacked":

Instead of freaking out and surrendering to Taliban (since AFPAK is about to get fully crunk and see a massive rise in warrantless, attorney - client privilege free "Drones Gone Wild!"), this may actually be an opportunity:

If "Pretty much anyone could intercept the feeds of the drones" then perhaps pretty much everyone intercepting those signals could end up on the rec'ving end of a drone's business end. Turning those searchers into targets - for surveillance, intell or righteous kills or maybe even a surprise visit from an airborne Miranda team (Why not? HUMINT needs refreshing too!)

While the last paragraph certainly sounds tempting, it's not realistic. Viewing the video from a UAV feed on SkyGrabber isn't active intelligence gathering--it's passive. If insurgents were actively hacking the signals, then there is a possibility they might be tracked through IPs and the like. However, insurgents are simply listening to the signals that UAVs are already broadcasting. The only equipment insurgents apparently need to view UAV feeds is SkyGrabber (which costs $26, and can probably be pirated for free), a computer, and a satellite dish, the latter of which can be found on countless houses throughout Iraq. This equipment is normally used to download and store footage of movies and soccer matches broadcast on the airwaves throughout Iraq--the same airwaves that are apparently used for Predator feeds.

Now, granted, downloading movies and soccer matches are probably illegal activities in and of themselves, but in order to track down those who use SkyGrabber to look at Predator feeds, the US military will have to get entangled in the entire video pirating industry of Iraq. Those of you who have ever been to the "video market" on any Forward Operating Base know exactly how pervasive that particular industry is in Iraq...

But the most telling remarks came from those who felt that the hubris and ethnocentrism prevented the US military from recognizing that insurgents who lived in 3rd world countries might someday figure out how to capture unsecured video feeds from the UAVs--even though the issue was known as early as Allied Force in 1999. Moreover, a British engineer stumbled across the signals as early as 2002 while scanning satellite signals on his home computer. Although many have commented on how pervasive the problem was, a poster on Tom Ricks' blog says it best in a reply with the tagline, "Amazingly, insurgents not thought to be capable of pirating TV".

Many have compared the hubris of American planners--and their disbelief of the ingenuity of insurgents--to characters active in the Pacific Theater of WW2 circa 1941. On one hand, Tom Ricks makes the point that America's failure to modify UAVs to transmit secure messages is similar to the Japanese Navy's confidence in the security of their coding machines. Michael Collins Dunn of MEI Editor's Blog makes comparisons to the British attitudes towards the Japanese at the start of the latter's campaign in Southeast Asia. I found more similarities to the attitudes of the US Navy towards the Japanese Navy in December 1941. Indeed, so greatly did the US underestimate the capabilities of the Japanese Navy that many American sailors (according to the great book, Why Air Forces Fail) felt, in the aftermath of Pearl Harbor, that the Germans--not the Japanese--were responsible for the attack. Yes, much like Bluto Blutarsky, many Americans felt that the Germans actually did bomb Pearl Harbor...

Focus: While some are quick to dismiss the video feeds as useless, I feel that major intelligence could have been leaked to insurgents. Thoughts? I need comments and page views, so please don't hesitate to leave them...

1 comment:

Unknown said...

This reminds me of the decision made during the ‘90s not to armor humvees even though we had the experience of Desert Storm behind us and even though videos of what IEDs were doing to Russian vehicles in Chechnya were all over the internet.

I agree with Tom’s contractor: the real damage here isn’t that some target sitting out in front of his hut with a computer will see that a Hellfire missile has his name on it. The immediate damage comes from giving an opposing commander the same view of the battlefield that we have. The longer-term damage is giving opposition intelligence agencies a very good idea of how we use drones and the type of information we get from them.

It seems to me that it will be a fairly easy software or firmware fix to add encryption to the feeds from the drones. Since the satellites just function as repeaters, we don’t have to do anything with them. That leaves the receiving stations, which will also have to be modified. I read a few days ago that we’re in the process of upgrading the information collection pods on our drones anyway to increase the number of feeds — first to nine and then, later on, to 65 or so feeds, so now is the time to do that particular upgrade. I’d also like to see frequency-hopping added to the entire data path from point of origin to the receiving station on the ground just to make eavesdropping more difficult.

I’ve often thought that there ought to be a “Stupid” medal (with dunce hats instead of oak leaf clusters for subsequent awards and with the ribbon’s predominant color being something like hot pink or fluorescent green and, hey, we could make it reflective too so it would really stand out) awarded to military members who do something so breathtakingly stupid that it just begs to be recognized. This would definitely be a case calling for issuance to anyone in the chain of command who had anything to do with the decision not to encrypt.