Intercepted drone video points to importance of cyber security

Using common software, Iraqi insurgents intercepted video feeds transmitted by US drone aircraft. It's not an important security breach, officials say, but it does draw attention to the importance of cyber security in increasingly high-tech wars.

An MQ-9 Reaper unmanned aerial vehicle lands at Joint Base Balad, Iraq. Reapers are remotely piloted and can linger over battlefields, providing strike capabilities to ground force commanders. This Reaper is deployed to the 46th Expeditionary Reconnaissance and Attack Squadron from Creech Air Force Base, Nev.

U.S. Air Force photo/Tech. Sgt. Erik Gudmundson

December 18, 2009

The US military is at the beginning of the era in which the cyber security of its weapon systems will be increasingly important, and under constant threat.

That’s one of the lessons that might be drawn from revelations that Iraqi insurgents have intercepted video feeds transmitted by US drone aircraft, using software and hardware available to virtually any technically-adept teenager in the world.

Today, general military cyber war is in its infancy, noted General C. Robert Kehler, commander of US Air Force Space Command, in an address on the subject in September.

It is about where military air power was at the beginning of the last century, said Gen. Kehler – the biplane level of development.

“So we know that this will evolve,” said Kehler, referring to the offensive and defensive sides of confrontation with bits and bytes.

By itself, the breach of the drone video stream does not appear to have been particularly threatening. Insurgents merely tapped into an unencrypted data transmission that provided them with pictures of what the drone was looking at. It was not information detailed enough to provide the insurgents with tactical intelligence. It was not something that would have allowed them to take control of the aircraft, any more than intercepting a police call on a radio scanner allows the listener to drive a police car.

The transmission was open because the Pentagon in essence has not yet bothered to encrypt it.

“This is a vulnerability that they’ve known about for decades,” says John Pike, a security analyst and president of GlobalSecurity.org.

In some ways, another type of cyber attack that occurred this week might be more threatening to US national security. The Twitter outage caused by a group calling itself the “Iranian Cyber Army” may, or may not, have been directed by the Iranian government.

But whoever was behind it, is just the sort of denial of service blow that could wreak havoc with military systems, or government services, or sectors of the economy, if properly carried out.

“Dealing with a deliberate denial of service attack designed to disrupt the on-line economy – I don’t think we’re set to deal with that,” says Pike.

This is as much a concern for the Pentagon as is the operational cyber security of weapons. It is a technique adversary nations have already used against each other, said Air Force Lt. Gen. David Deptula, deputy Air Force chief of staff for intelligence, surveillance, and reconnaissance earlier this year.

“This denial of service strategy was recently applied by North Korea, and Russia used it in the cyber isolation of Georgia,” said Gen. Deptula in an address to the Air Force Association.

Meanwhile, one of the lessons of the stolen drone video feed is that different systems have different vulnerabilities, and all need to be addressed to secure US military operations, according to US officials.

“Every airman is a defender. That’s the mindset you have to have,” said Gen. Kehler in his address to AFA. “When you log onto your computer, when you pick up your handheld device, when you get on your cell phone, et cetera, you are entering a combat zone and you need to behave accordingly.”

-----

Follow us on Twitter.