British media outlets are reporting that the Royal Air Force is now flying its MQ-9 Reaper drones from Lincolnshire as well as from Creech Air Force Base, Nevada.
The Guardian has reported that the crews based at RAF Waddington are working in tandem with their colleagues in the U.S., using the time difference between the UK and the US to provide round-the-clock operations in Afghanistan.
No 13 Squadron stood up at Waddington at the end of October to operate the MQ-9 Reaper alongside 39 Squadron based at Creech Air Force Base, Nevada.
The Sky News website quotes the British MoD as saying “XIII Sqn have commenced supporting ISAF and Afghan ground troops in Afghanistan with armed intelligence and surveillance missions, which are remotely piloted from RAF Waddington.”
The Guardian quoted a source as saying “We aren’t flying any more operations than we were before, but with the time differences between the US, Afghanistan and the UK, it is now possible for pilots at Waddington to work in relay with those in the US.”
It is thought that the RAF has three control stations at its drone ‘hub’ at Waddington and these have gone through a very tough testing process to make sure these new stations are fit for purpose.
2011 has been an annus horribilis for information security, and aviation has been no exception. In 2011 the corporate networks of several aviation and aerospace industries were targeted by digital storms (not a surprise in the so-called hackmageddon); above all, last year will probably be remembered for the unwelcome record of two alleged hacking events targeting drones (“alleged” because, in the episode of the RQ-170 Sentinel downed in Iran, several doubts surround the theory according to which GPS hacking could have been the real cause of the crash landing).
But while Information Security professionals are quite familiar with the idea that military contractors are primary and preferred targets of the current Cyberwar, as the following infographic shows, malware targeting a drone is still considered an isolated episode and, even worse, the idea of malware targeting the multirole Joint Strike Fighter is still something hard to accept.
However, things are about to change dramatically. And quickly.
The reason is simple: the latest military and civil airplanes are literally full of electronics, which play a primary role in managing avionics, onboard systems, flight surfaces, communication equipment and armament.
For instance, an F-22 Raptor runs about 1.7 million lines of code, an F-35 Joint Strike Fighter about 5.7 million and a Boeing 787 Dreamliner about 6.5 million. Anything with built-in code may be exploited. With so much code, and so many current and future vulnerabilities, one cannot rule out a priori that these systems will be targeted with specifically tailored or generic malware for Cyberwar, Cybercrime, or even hacktivism purposes.
Unfortunately, it looks like the latter hypothesis is closer to reality, since too often these systems are managed by standard Windows operating systems, and as a matter of fact generic malware has proven capable of infecting the most important U.S. robots flying in Afghanistan, Pakistan, Libya, and the Indian Ocean: Predator and Reaper drones.
As a consequence, it should not be surprising, nor is it a coincidence, that McAfee, Sophos and Trend Micro, three leading players in Endpoint Security, consider embedded systems one of the main security concerns for 2012.
Making networks more secure (and personnel more educated) to prevent the leak of mission-critical documents and costly project plans (as happened in at least a couple of circumstances) will not be the aviation and aerospace industry’s information security challenge; the real challenge will be to embrace the security-by-design paradigm and make secure and malware-proof products ab initio.
While you wait to see if an endpoint security solution becomes available for an F-35, scroll down the image below and enjoy the list of aviation and aerospace related cyber attacks that have occurred since the very first hack targeting the F-35 Lightning II in 2009.
Of course aviation and aerospace industries are not the only targets for hackers and cybercriminals. So, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow @pausparrows on Twitter for the latest updates.
Look at the following image Lazygranch.com has found on Imageshack.us.
Taken by Ethan Miller/Getty Images on Apr. 16, 2009, the photograph depicts an MQ-1B Predator at Creech Air Force Base, in Nevada, taxiing with a Sukhoi Su-27 in the background.
Actually, the Russian plane (whose shape seems to be a mix of a Su-27 and a Mig-29 with a Russian Flanker’s color scheme) is one of the few mock-ups believed to be used at the former Indian Springs Auxiliary Air Force Base for drone crews’ target recognition training.
Such decoys were first spotted inside the airbase in 2002.
Here are the coordinates for at least two such decoys, clearly visible in recently released Google Earth imagery:
The amount of contributions I receive each time I publish a blog post on the stealth drone now part of Iran’s assets is amazing. For instance, yesterday, a few minutes after publishing the infographic that I used to explain how the drone was captured (a theory based on the known facts to date), I got an email from Dave Krakow with an interesting drawing he sent me to show how the mysterious hatch on the top of the RQ-170 Sentinel is not up to the typical American aerospace standards. “The details are imprecise, nothing like Lockheed Martin products.”
Image courtesy: Dave Krakow
Dave believes the thing shown by Iranians was possibly constructed previously, for radar signature research, with details added in a hurry for cameras. “A lot of the commentary on the web regarding general accuracy assumes Iranian intelligence has only the same photos we have on the internet, and thus they could only know certain details if they had an original. I don’t think this is a reasonable assumption” he wrote to me.
For sure, as highlighted in the above image, the mysterious “top hatch” (that I supposed could be used to deploy a recovery chute) features some oddities. Some of them, in particular, raise questions. However, the angle of the camera, the effect of the zoom, and many other contributing factors (lights, shadows, image compression, etc.) may have affected the quality of the footage shown on Iran State TV, rendering, for example, fasteners seemingly randomly spaced.
Furthermore, there’s still a chance that Iranians worked on the Sentinel after they recovered it: maybe they tried to get access to the internal hardware, removed panels to inspect lenses, memories to look for interesting data or to disable any self-destruction mechanisms or Emergency Locator-like systems, in order to prevent the Americans from locating or destroying it.
First of all, the lost-link procedure does not foresee the RQ-170 landing autonomously at its actual homebase (because of the many variables, such as wind and traffic) but orbiting until the link is re-established or the drone runs out of fuel.
For instance, even under Remote Split Operations, landing is performed in Line Of Sight by the local ground control station: latency induced by the SATCOM link is not compatible with the last phases of the flight when immediate reactions of the robot’s control surfaces to the inputs given remotely by the pilot are required to safely bring the drone on the ground.
Furthermore, provided that autolanding is used in lost-link events, it is not that easy to land the drone on a landing field other than its homebase without causing major damage.
Finally, it seems quite weird that any insider so proud to have achieved a hack of the most secret U.S. unmanned aerial system (UAS) could be at the same time so incautious as to give the details of the entire operation to the public domain, with the first and most obvious consequence of not being able to repeat it in the future. Unless the type of attack they have described is anything but unexpected, and indeed very well known because it is highlighted in the above-mentioned official documents.
So, I’ve asked once again my friend Ugo Crisponi to put on a nice infographic what I think may have happened on Dec. 4, 2011, when the drone was “downed”, based on all the details I was able to collect so far.
Here it is.
I think the drone’s link with Creech AFB was disrupted using jamming. How did the Iranians know the “Beast of Kandahar” was in the vicinity if they couldn’t see it on the radar? They may have intensified jamming around uranium enrichment sites.
Serbians were able to shoot down the F-117 because, during Allied Force, planners put the F-117s on repetitive routings. Stealth planes are not invisible. They are extremely difficult to see if you don’t know where they are and you are not close enough to track them. Maybe something similar happened in Iran.
I think that Iran played a role in the crash landing simply because they were able to recover it. If they hadn’t known where the drone had landed they would not have been able to get their hands on it.
Once the link was lost, as per procedure, the drone started a series of racetracks/orbits waiting for the signal to be re-established. In this phase, maybe the Iranians were able to spoof the onboard GPS and guide the drone in the wrong direction. Nevertheless, this would mean that the most important American drone relies only on GPS for navigational purposes and doesn’t use an INS (Inertial Navigation System) platform. Indeed, even some GPS-guided bombs such as the JDAM (Joint Direct Attack Munition) use anti-jamming and anti-GPS spoofing systems, some of which are based on simple inertial measurement units.
Then, when the Sentinel ran out of fuel, it crashed. Even though it was not mentioned before, there’s a possibility that the drone survived the impact because it was equipped with a safety chute. In fact, I’ve noticed a mysterious hatch on the top of the RQ-170 that, among other things, could host the parachute used to save the precious drone.
It’s obviously speculation, because such a chute could save the airframe but could also preserve it for the enemy when the drone runs out of fuel during a mission behind enemy lines. As happened in Iran.
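The point made above about inertial units backing up GPS can be shown with a small consistency check. This is an added example, not code from the original post or from any real navigation system: the flight track, the tolerances `GPS_NOISE_M` and `INS_DRIFT_M_PER_S`, and all function names are constructed assumptions.

```python
import math

GPS_NOISE_M = 15.0        # assumed tolerance for honest GPS error, metres
INS_DRIFT_M_PER_S = 0.5   # assumed worst-case inertial drift growth, m/s

def constructed_track(steps=60, spoof_start=30, pull_m_per_s=8.0):
    """Constructed data: 50 m/s eastbound flight sampled at 1 Hz.
    The INS carries a 0.2 m/s velocity bias; after spoof_start the
    reported GPS fixes are dragged north at pull_m_per_s."""
    ins_vel, gps = [], []
    for t in range(1, steps + 1):
        ins_vel.append((50.2, 0.0))
        noise = 3.0 if t % 2 == 0 else -3.0          # deterministic jitter
        pull = pull_m_per_s * (t - spoof_start) if t > spoof_start else 0.0
        gps.append((50.0 * t, noise + pull))
    return ins_vel, gps

def gate_gps_fixes(ins_vel, gps, dt=1.0):
    """Dead-reckon from a trusted start at (0, 0) using inertial velocity
    only, and accept a GPS fix only if it falls inside the INS error
    budget, which widens with time since alignment.
    Returns a list of (elapsed_s, offset_m, accepted)."""
    x = y = 0.0
    out = []
    for i, ((vx, vy), (gx, gy)) in enumerate(zip(ins_vel, gps), start=1):
        x, y = x + vx * dt, y + vy * dt
        elapsed = i * dt
        offset = math.hypot(gx - x, gy - y)
        gate = GPS_NOISE_M + INS_DRIFT_M_PER_S * elapsed
        out.append((elapsed, offset, offset <= gate))
    return out

def first_rejection(results):
    """Time of the first GPS fix that disagrees with the INS, or None."""
    for elapsed, _, accepted in results:
        if not accepted:
            return elapsed
    return None

if __name__ == "__main__":
    res = gate_gps_fixes(*constructed_track())
    print("first rejected fix at t =", first_rejection(res), "s")
```

The gate can only be as tight as the inertial drift budget allows, which is why such a check is one layer alongside anti-jam antennas and signal authentication rather than a complete defence.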