Bad OPSEC (Operations Security) exposed by Air War on ISIS?

“Loose Tweets Destroy Fleets” is the slogan (based on the U.S. Navy’s WWII slogan “Loose Lips Sink Ships”) that the U.S. Air Force Central Command used a couple of weeks ago for an article aimed at raising airmen awareness about the risk of sharing sensitive information on social media.

Indeed, the AFCENT article speaks directly to the threat posed by Islamic State supporters who, according to Stripes, on at least two occasions have acquired and posted online personal data of military personnel, urging sympathizers, “lone wolves,” to attack Americans in the States and overseas in retaliation for the air strikes.

The article highlights the importance of proper OPSEC to keep sensitive information away from the enemy and to prevent leakage of information that could put missions, resources and members at risk,  “and be detrimental to national strategic and foreign policies.”

Interestingly, the article only focuses on the smart use of social media. Ok, however, there are other possible OPSEC violations that the U.S. Air Force (as well as many other air arms currently supporting Operation Inherent Resolve, in Iraq and Syria, or Enduring Freedom, in Afghanistan) should be concerned of.

In October 2014 we highlighted the risk of Internet-based flight tracking of aircraft flying war missions after we discovered that a U.S. plane possibly supporting ground troops in Afghanistan acting as an advanced communication relay can be regularly tracked as it circles over the Ghazni Province.

The only presence of the aircraft over a sensitive target could expose an imminent air strike, jeopardizing an entire operations.

Although such risk was already exposed during opening stages of the Libya Air War, when some of the aircraft involved in the air campaign forgot/failed to switch off their mode-S or ADS-B transponder, and were clearly trackable on FR.24 or PF.net and despite pilots all around the world know the above mentioned websites very well, transponders remain turned on during real operations making the aircraft clearly visible to anyone with a browser and an Internet connection.

During the last few months many readers have sent us screenshots they took on FR24.com or PF.net (that only collect ADS-B broadcast by aircraft in the clear) showing military planes belonging to different air forces over Iraq or Afghanistan: mainly tankers and some special operations planes.

We have informed the U.S. Air Force and other air forces that their planes could be tracked online, live, several times, but our Tweets (and those of our Tweeps who retweeted us) or emails have not had any effect as little has changed. Maybe they don’t consider their tankers’ racetrack position or the area of operations of an MC-12 ISR (Intelligence Surveillance Reconnaissance) aircraft a sensitive information…

Image credit: screenshots from Flightradar24.com

 

Related articles

• U.S. airborne communication plane could be tracked on the Web for 9 hours during air strike that killed Taliban leaders in Afghanistan
• War in the Web 2.0 era: how Air Forces deal (or don’t) with Internet-based flight tracking tools
• In photos, First Canadian Hornets air strike on ISIS in Iraq
• [Photo] U.S. Navy’s Last EA-6B Prowlers and F/A-18C Legacy Hornets take fuel over Iraq
• [Photo] Inside a U.S. C-130H during a night air cargo drop over Afghanistan
• U.S. Air Force disclosed some details about gigantic Global Hawk unmanned aircraft operations against ISIS
• This may be the shape of the future U.S. top secret stealth bomber

In my article titled Would modern transponders have made the hijacked planes visible to radars on 9-11? about Mode-S and ADS-B usage I wrote:

According to an esteem by Flightradar24.com, around 60% of the civil airliners and only a small amount of business jets and military aircraft have an ADS-B transponder. This means that, although you will never spot a Stealth Helicopter nor Air Force One broadcasting its position, speed, altitude and route on the Web, you can still catch some extremely interesting  planes. As the evasive US Air Force C-32Bs (a military version of the Boeing 757), operated by the Department of Homeland Security and US Foreign Emergency Support Team (FEST), used to deploy US teams and special forces in response to terrorist attacks.

I was wrong.

Although even the Flightradar24 FAQs confirmed that the Air Force One, the world’s most famous and important aircraft, should NOT be visible on their website, for a few seconds around 19.40UTC, the U.S. Air Force’s VC-25 (mil version of the B747), with registration 82-8000, transponder code 3614, advertised its position in the public domain while over Baltimore, descending through FL120 at 310 kts, heading towards Washington D.C. (for landing at Andrews AFB).

I don’t really know the reason for this quick appearance of the AF1 on FR24. A human error? A quick test? Hard to say. I’d expect the IFF Mode 5 with encrypted Mode-S and ADS-B to be paramount on the aircraft carrying the POTUS.

However, in the past I’ve witnessed some “doomsday planes” and other DoD flights shamelessly broadcasting on the Internet their position, altitude, track etc.

Let’s see what happens in the future. Maybe tracking Obama’s movements across the world will be possible. By means of a web browser….

Update Dec. 1, 2011: further investigation shows that the AF1 used genuine full ADS-B signal possibly triggered at the request of controllers for positioning purposes during descent to Andrews AFB.