Friday, December 18, 2009

The Predator Channel

There's something troubling about yesterday's Wall Street Journal report on insurgents accessing video feeds from U.S. drones operating over Iraq and Afghanistan.

It's bad enough that terrorists can watch the same live, unencrypted video as our troops on the ground, using inexpensive antennas and computer software that costs as little as $26.

But it's even more disturbing that the Pentagon has known about the problem for more than a decade, and is only now making a serious effort to secure line-of-sight video signals. With a little luck (and sufficient funding) those feeds should be fully encrypted by 2014. Until then, intelligence analysts, special forces operators and other military personnel can only hope their terrorist targets aren't watching the same pictures from Predators, Reapers and other battlefield UAVs.

According to the Journal, commanders in Iraq discovered earlier this year that insurgents were, in fact, monitoring--and recording--video streams from our drones:

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes' systems. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds, according to a person familiar with reports on the matter.

With terrorists able to access UAV video signals, U.S. forces lose the critical element of surprise on the battlefield. By watching the video feeds, insurgents gain critical information about targets (and groups) under surveillance, helping them avoid planned raids by special forces teams and other units.

While most reports of intercepted feeds have come from Iraq, there is also evidence that terrorists in Afghanistan have employed the same tactic. And, with the simple technology required to pirate the video feeds, there's no reason that insurgents in places like Somalia and Yemen couldn't monitor the signals as well.

The discovery of UAV video on insurgent laptops in Iraq confirmed a known vulnerability in our drone network. While unmanned surveillance aircraft have been a part of military operations for more than a decade, the Pentagon elected to leave the video downlink unencrypted, believing that adversaries in regions like the Balkans and the Middle East would be unable to exploit the video feeds. Leaving the signal unencrypted also allowed easier access by ground forces, which rely heavily on UAV surveillance in conducting raids on enemy strongholds.

But evidence of signal vulnerability began surfacing as the drones entered combat. During Operation Allied Force (1999), there were numerous reports of Kosovo residents with satellite TV using their dishes to monitor video feeds from first-generation Predator drones. Defense analyst Pete Singer told Air Force Times that the locals joked it was "harder to get the Disney Channel than watch U.S. military operations."

Concern about the video feeds continued as the combat intensified in Iraq. During 2004 and 2005, the Office of the Secretary of Defense held meetings about the problem. But former Air Force Secretary Mike Wynne (who participated in those sessions) tells the Times that the emerging consensus was to "field the UAVs as quickly as possible." Mr. Wynne's account was verified by another participant, General Mike Moseley, who served as the service's Chief of Staff during that period.

Not all signals associated with the drones are unsecured. Command signals used to pilot the aircraft are encrypted, as is the video feed provided to commanders. Securing the line-of-sight signal to ground forces would have required additional hardware, added to the cost of UAVs, and slowed their entry into the inventory.

Luckily, few insurgent groups have taken advantage of the vulnerability. An assessment by U.S. commanders in Iraq indicates that only one group--the Iranian-backed Kata'ib Hezbollah--has the technical capacity to intercept the signals. While some elements of the hacking operation (most notably the software) are inexpensive and readily available, integrating the various components requires a certain degree of technical sophistication. American analysts believe Iran was only willing to give the package to their most loyal surrogates in Iraq, a main reason that Kata'ib Hezbollah wound up with the equipment.

Still, there's no reason that other terrorist elements won't gain the same capability on their own, or through Iranian agents. Meanwhile, the U.S. is applying some interim technical fixes, such as narrowing the area in which the video feeds can be received. That would make it easier to detect insurgents trying to pirate the signal.

But that remedy only goes so far. In urban terrain, it's still possible for terrorists inside a building to intercept the video feed, while a U.S. patrol passes outside. We're guessing that American troops will find a few more insurgent laptops--with files of our UAV video--before the system is fully encrypted in 2014.

It's another testament to our hubris--the same mindset that (prior to World War II) assured us that the Japanese could never produce--let alone fly--a first-class fighter, and that the B-17 would not require fighter escort to reach enemy targets. In both cases, the cost of our arrogance was measured in human lives.

So far, we haven't paid a similar price in Iraq or Afghanistan. We can only hope that trend holds. Meanwhile, someone needs to ask former Bush and Clinton officials about their decision to leave UAV video feeds unsecured. Yeah, we saved a few bucks--but at what potential cost?

It's worth remembering that the same, unsecured links would be used in conflicts with more capable adversaries like North Korea and China. We can only imagine how Beijing or Pyongyang might have exploited our vulnerability. But a generation of military commanders and senior civilian officials were willing to take the risk. That sort of groupthink requires further explanation.

7 comments:

Skip said...

2014? That's nuts. There's simply no reason this should take that long. There's off the shelf hardware and software for this that should be adaptable in much less time.

SMSgt Mac said...

Proof 'Military' minds do disagree from time to time. I'm with LtGen Deptula (as usual): http://www.flightglobal.com/blogs/the-dewline/2009/12/deptula-whacks-predator-hack-w.html

fmfnavydoc said...

I find it hard to believe that the military is going to take until 2014 to fix this problem, especially when it has known about it since (at least) 1999. What next - we're giving AQ/Taliban NVG's to "level the playing field"?

Time to put some IT types to work to find some OTS or write some code to stop the bad guys from "watching TV" to find out when the "infidels" are checking out the 'hood...

Aerospook said...

Most importantly, why, in today's environment, when even some corporate video feeds are properly encrypted, was this not part of the plan PRIOR to deployment?????

Sounds like one more case of "oh, they are stupid ragheads, we don't have to worry about this"

I am postulating that this is not a case of budget, this is a case of violating the 5P rule. (Proper Planning Prevents Piss Poor Performance)

Think anyone will track this back to whomever made the decision or lack thereof to broadcast unencrypted video feed?

When the Generals jabber, is their video feed unencrypted?

Aerospook said...

Apologies to all.....Fingers tired from firing emails to Congressmen about the "Health Bill", it is 6P rule...:)

Old Curmudgeon said...

"Not to worry, Admiral-san. The Americans will never break our codes!"

Bob said...

I believe a case can be made that the right decision was made to ship without video encryption. The technology is clearly available to encrypt. That is not the issue. The challenge is key management.

The goal of the program was to feed live video to those on the ground that need it. It needs to be available to all sorts of people, of varying nationalities and security clearances, on a variety of field terminals, in a variety of geographical areas, in all sorts of conditions -- with everything constantly changing. Key management in this environment would be a nightmare.

Imagine the headline when a Marine on the ground did get real-time video that would have saved civilian lives and the investigation reports the reason as "he didn't have the right password".

Not having encrypted video is less than perfect. But pushing the technology out and having our people be able to use it now is far better than the alternative.