The Army Times reports that Iraqi insurgent militias supported by Iran seemed to have early warning of U.S. actions, apparently because of their ability to hack U.S. drones.
“We noticed a trend when going after these guys; that sometimes they seemed to have better early warning” of U.S. actions, said the officer briefed on the raid. “We went and did a raid on one of their safe houses and found all of this equipment that was highly technical, highly sophisticated. It was more sophisticated than any other equipment we’d seen Iraqi insurgents use.”
The militia, known as Kata’ib Hezbollah based out of Sadr City, Baghdad, has long been suspected of being a surrogate for Iran’s Quds Force, the wing of the Iranian Army responsible for conducting clandestine warfare outside of Iran via various insurgent groups.
“It was the technological know-how to make the antennas, computers and software go together and pick up the appropriate bands that was impressive,” the officer said.
Soon after the raid, top commanders in Iraq convened a task force to identify the extent of the threat and how best to deal with it, according to the officer. Initial findings showed the threat was isolated to Kata’ib Hezbollah.
“They knew that we were flying Predators over their heads 24/7, so it’s easy to say, ‘yeah, I know that I’m going to do a signals analysis search for [the drone] and take advantage of it,’” the officer said.
The laptops loaded with the SkyGrabber software also had footage filmed by smaller Army UAVs as well as the Predators.
Meanwhile, over at Danger Zone, Nathan Hodge opines that the problem isn’t just that the signals from the drones aren’t encrypted, but that even encrypted signals would be decrypted the second they hit terrestrial networks like the Defense Information Systems Network.
“The disadvantage is that the encryption is stripped off at the [DISN] ground terminal,” he says. “So you get direct interception protection (which is what this exploit appears to be). But you don’t get any protection for the YouTube effect — wiretapping the terrestrial internet.”
Now, this is heading more into theoretical territory: The immediate threat is from insurgents who can use cheap, readily available tools to spy on poorly protected video feeds, not a state adversary who can tap into the military’s secure fiber optic networks. But what Buddenberg is arguing for is a more comprehensive solution: Encrypting the data “at the camera” so it is protected as it travels across the network, regardless of what datalink is used to haul bits. It’s an “end-to-end” approach, versus an approach that looks at communications security as an afterthought to aircraft design.
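The difference between the three designs discussed above (no encryption, link encryption stripped at the ground terminal, and encryption "at the camera") can be shown in a short added example; it is not code from the quoted articles or from any fielded system. The names `seal`, `unseal` and `relay`, the keys and the sample frame are assumptions, and the HMAC-based cipher is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib
import hmac
import os

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real AEAD (e.g. AES-GCM).
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(12)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    """Verify the tag, then decrypt; raises ValueError on tampering or wrong key."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def relay(frame, link_key=None, e2e_key=None):
    """Return what an observer sees on the downlink and on the terrestrial network."""
    payload = seal(e2e_key, frame) if e2e_key else frame         # encrypt "at the camera"
    downlink = seal(link_key, payload) if link_key else payload  # datalink encryption
    # The ground terminal strips link encryption before forwarding.
    terrestrial = unseal(link_key, downlink) if link_key else downlink
    return {"downlink": downlink, "terrestrial": terrestrial}

FRAME = b"CONSTRUCTED-FRAME-0001: sample video payload"  # constructed sample input
LINK_KEY, E2E_KEY = os.urandom(32), os.urandom(32)       # hypothetical keys

if __name__ == "__main__":
    for name, kw in [("none", {}), ("link-only", {"link_key": LINK_KEY}),
                     ("end-to-end", {"link_key": LINK_KEY, "e2e_key": E2E_KEY})]:
        seen = relay(FRAME, **kw)
        # True means the plaintext frame is readable at that hop.
        print(name, {hop: FRAME in data for hop, data in seen.items()})
```

Only the end-to-end configuration keeps the frame unreadable on both hops, and only a holder of the end-to-end key can recover it after the ground terminal.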
Still waiting for that Cyber Security Manhattan Project, guys.