It sounds like the plot of a Hollywood blockbuster: A group of insurgents hack into American military drones, using software they got off the Internet, according to The Wall Street Journal. But, for the benefit of that screenwriter likely pounding away right now to get his idea in first — as well as for the general public — what actually happened?
First is the growing use of unmanned systems, something I explore in my book “Wired for War.” Just a few years ago, the U.S. military had no interest in unmanned systems. Indeed, when the U.S. invaded Iraq, we had only a handful of unmanned systems in the air and zero on the ground in the invasion force, none of them armed.
Today, we have more than 7,000 in the air, ranging from the 48-foot-long Predator to tiny ones that can fit in a backpack, and 12,000 on the ground, such as the Packbot and Talon systems that hunt down roadside bombs. Many of these systems are armed, giving new meaning to the term “killer app…”
The problem of the relatively open video feeds has been known for a while. Indeed, back during our operations in the Balkans, it was discovered that just about anyone in Eastern Europe with a satellite dish could watch live overhead footage of U.S. Special Operations forces going out on raids of suspected war criminals. One joker commented that it was harder to tap into the Disney Channel.
But the Pentagon assumed that foes in the Middle East wouldn’t be smart enough to figure this out, and underestimated how quickly the technology to tap in to the feeds would advance, becoming cheaper and widely available. The problems were not fixed, and more and more of these relatively open systems were deployed…
The U.S. military has responded to the reports with a mix of public calm and private consternation. Officials have said they are fixing the problem, such as by working to encrypt the video downlinks, and that this is a tempest in a teapot.
The first problem, though, is the scale. There are literally thousands of unmanned systems in the air (as well as the current ROVER models that only receive the unencrypted video feed) that will need to be retooled for encryption. This will be expensive and arduous, and all while the war goes on. There are also worries that layering the encryption on top of the system software will slow down the communications and make them hard for multiple users to access at once.
More important, though, is the ad-hoc, back-end nature of the response. It is far different from having your entire system design of both hardware and software take into account how to protect information efficiently but effectively, throughout the communications and operations chain.
The result could be that our patched systems may end up still less protected than the movies or video games you download at home on your DVR or X-Box.
What happens when a Predator drone readies to fire a Hellfire missile – and gets the X-Box red eye of death? What happens when ping time from a tech sitting under a dish in Alamogordo triples out-and-back to that Raptor over South Waziristan?