Computer Virus Calls Into Question U.S. Dependence On Remotely Piloted Vehicles
So far, the U.S. military has pretty much enjoyed a free ride when it comes to the employment of remotely-piloted vehicles (RPVs) or drones. Under the direction of former Secretary of Defense Robert Gates, the Air Force invested in enough Predator RPVs to conduct around sixty continuous orbits. Over the past decade there has been a veritable explosion of RPVs with systems ranging from the hand-deployed Raven and Puma through the smallish Scan Eagles and Fire Scouts to the large, very high altitude and extremely powerful Global Hawk. The military is also looking at a range of sensor-equipped blimps and rigid airships to provide long-endurance surveillance of fixed sites and large areas, respectively.
A major key to the successful deployment and operation of all of these RPVs is the strength and security of the IT systems that not only command and control the vehicles but allow for the timely transmission of data. Virtually all RPVs have computers that will fly the platform home or to a safe landing if contact is lost with the controller.
Defense analysts have pointed out that the current investments in RPVs largely presume that they will be operating in a benign air environment. A few RPVs such as the Scan Eagle are sufficiently small and quiet that they are difficult to target either with small arms or surface-to-air missiles. Others such as the Global Hawk fly high enough with powerful sensors that will enable it to standoff from many threats. But the vast majority of RPVs currently in service will be vulnerable in the face of capable air defenses.
Now a new threat is emerging, one which may be more dangerous to the operation of RPVs than air defenses. This is cyber warfare. According to a recent report by the Associated Press, computers at Creech Air Force Base, the global nerve center for operation of Air Force long-range RPVs, have been infected by computer viruses that are difficult to remove. As reported, the character of the virus suggests that it may be designed to gather intelligence on how our RPVs are controlled rather than to interfere with their operations or the flow of information from their sensors.
This is not the first time hackers have successfully gained access to the IT systems of U.S. RPVs. A couple of years ago reports surfaced of hackers, possibly working for insurgent groups in Iraq or Afghanistan, which had used publicly available software to hack into the video feed of some U.S. RPVs. This is because the video feed was not encrypted. It was reported that this problem was fixed, although how well is unknown.
The current attack is both serious and a portent of things to come. The ability of the U.S. to operate both reconnaissance and armed variants of its RPVs is absolutely dependent on the security of the networks. Why should adversaries spend tens of billions on advanced air defenses to shoot down RPVs when they can go after the networks relatively cheaply? U.S. cyber experts are warning that our networks are not secure. Some analysts have advocated doing away with manned aircraft and relying instead on RPVs. This report should give those experts reason to reflect.
Find Archived Articles: