Tag Archives: Predator

U.S. drones and spyplanes involved in information gathering missions over Syria. As in Libya one year ago. More or less…

More or less one year ago, we were observing an increasing activity of U.S., British, French and Italian military spy planes perfoming information gathering missions along the northern border of the Tripoli FIR (Flight Information Region).

Quite silently, those SIGINT (SIGnal INTelligence) platforms flew in the Maltese airspace to eavesdrop into Libyan communications and signals and to collect the information needed to build up the so-called EOB (Electronic Order of Battle) of the Libyan forces, that would be used to have a better understanding of the situation in Libya, to know where forces were located and to build up a priority target list for the subsequent air campaign.

Presumed to remain (almost) secret, those flights were actually “advertised” by LiveATC.net, whose Maltese feeder  (shut down during the war) made the radio communications between Malta Area Control Center and the various EP-3s, RC-135 Rivet Joint, C-160G, British Nimrods R1s etc. transiting the local airspace before operating in “due regard”, public.

Although nowadays we can’t listen to the radio comms of the military traffic in that area as we did in February 2011 and we don’t have the same “evidences” we had one year ago, we can be quite confident that similar activities are being conducted in or around Syria from bases in Italy, Turkey or Cyprus (RAF Akrotiri airbase).

Along with the satellite image released by the US Embassy in Damascus some American defense officials told the NBC that “A good number of American drones are operating in the skies of Syria, monitoring the Syrian military’s attacks against opposition forces and innocent civilians alike”.

The Pentagon was quick to point out that these drones were providing surveillance not for a future military intervention but to gain evidence from both a visual and communications perspective to “make a case for a widespread international response”.

However, the confirmation that U.S. robots are flying inside the Syrian territory does pose the question: what type of drone are being used?

Most media outlets are using stock images of Predator or Reaper drones, but those unstealthy ‘bots would be vulnerable to the Syria SAM (Surface to Air Missile) network, believed to be among Middle East’s most robust ones. Both MQ-1 and 9 are Medium Altitude drones that could be operating in Syria only if flying outside the range of active SAM rings.

Hence, its conceivable that most ISR (Intelligence Surveillance and Reconnaissance) missions in the area are being flown by High Altitude platforms, as Air Force’s Global Hawks or U-2s (or even stealthy RQ-170s, as the one captured in Iran).

Even if Sigonella in Sicily, hosts the U.S. RQ-4Bs belonging to the 9th Operations Group/Detachment 4th, Incirlik in southern Turkey, being next to the border, seems to be more suitable for spy missions in Syria. Missions that these days could be aimed at assessing the type of activities conducted by the destroyer Shahid Qandi and the supply vessel Kharg, the two Iranian warships that have docked at the Syrian port of Tartus after passing through the Suez canal.

In fact Egyptian sources as well as members of the Syrian opposition claimed that the two vessels have been jamming satellite telephone communications of the Syrian opposition forces.

According to the same Egyptian sources, Assad’s forces have been finding it more difficult to monitor the oppositors’ communication due to their encrypted nature and someone believes that the Iranian Navy is helping him disrupting these encrypted communications.

A bit far fetched, considered that a land based systems would be less visible than two closely watched warships, but not completely impossible.

Worth a mention: an Israeli drone was spotted overflying clashes in Homs.

Anyway, the scenario is similar to the Libya of the end of February 2011. With the only difference that one year ago, the spyplanes did not fly into the “enemy” airspace.

Richard Clements has contributed to this article.

Image credit: U.S. Air Force

"Cleared hot": the Italian AMX light combat planes to be cleared to carry (and use) bombs in Afghanistan

As the air war in Afghanistan winds down, hitting a 3-year low in terms of combat sorties, Italy is about to lift one of the national caveats that has denied the Air Force’s AMX light bombers deployed to Herat, to carry PGM (Precision Guided Munitions) in combat.

In fact, although being able to carry bombs to support ground troops, the Italian AMXs, that emerged as some of the most cost-effective assets during the Air War in Libya and, much earlier, during the Allied Force in Serbia and Kosovo, were not allowed to carry any LGB (Laser Guided Bomb) or GPS-guided JDAM (Joint Direct Attack Munition) .

So far, Italian ground troops in in trouble in Afghanistan have relied on AMX’s gun or….U.S. air support.

Since they could not carry bombs, AMX have mainly conducted reconnaissance missions in Afghanistan, using the Reccelite pod.

Following the experience in Libya, where the Italian planes have largely made use of bombs to protect Libyans threatened by pro-Gaddafi forces, in the last few days, the Minister of Defense Giampaolo Di Paola, has said before the joint defense committees of both houses  that the MoD is willing to use the aircraft “without limitations.”

The use of precision bombs will not change the ROE (Rules of Engagement) said Gen. Biagio Abrate, Joint Chief of Staff, who added: “In Libya, we dropped the bombs and we did well.”

The AMX will be allowed to carry the GBU-32 JDAMs, the GBU-16 Paveway, and the Lizard guidance kit that enables 500-lbs Mk82 bombs to hit the target illuminated by the laser.

Abrate also explained that the MoD is willing to provide weapons to the Predator UAS (Unmanned Aerial System) that in Afghanistan is used for reconnaissance duties only. Both the Predator A and the B (Reaper), that was used in Libya to boost NATO’s ISR (Intelligence Surveillance Reconnaissance) capabilities, can carry bombs even if Italy has not procured missiles and PGMs for them yet.

An AMX taking off from Nellis AFB during a Red Flag (credit: Italian Air Force)



Iran seizes a U.S. Stealth Drone by taking over controls. Maybe… And what about that Predator virus?

According to the Iranian Fars news agency, on Dec. 4, Iran’s army downed a U.S. remotely controlled spyplane, along the country’s eastern border. Although no image of the wreckage was released so far, the American drone was described as an intruding RQ-170 Sentinel, first spotted in Afghanistan in 2007 and since then dubbed the “Beast of Kandahar”.

This is the fourth time this year Iran claims to have shot down a U.S. drone. No images have ever been released of the previous downed drone hence, unless a photographic evidence is disclosed, we can’t be sure a downing did happen.

The spy drone is currently seized “with very little damage” meaning that, provided a drone was really lost in Iran, it was not hit by any anti-aircraft system. Indeed, unless it was an extremely lucky shot, I think Iran has not the equipment and capability to intercept and destroy a radar evading Sentinel. Most probably, the robot suffered some kind of failure or lost satellite guidance during a covert surveillance mission: an almost conventional mission of the long lasting unconventional stealth war to the Iranian nuclear program.

Noteworthy, according to an unnamed military official quoted by state TV, Iran’s cyber warfare unit managed to take over controls of the Sentinel and bring it down. Is it possible? Maybe, otherwise I would not explain why the RQ-170 was not remotely destroyed with a kill-switch reportedly used on such systems to prevent them from going in the wrong hands. Such self-destruction systems are designed to bring down the drone should its pilot lose satellite link from the mobile ground control station.

The stealthy UAS (Unmanned Aerial System) is one of the most precious of the U.S. arsenal and it is believed to have taken part in Operation Neptune’s Spear (or “Operation Geronimo”) the Navy SEALs raid for the capture of Osama Bin Laden, that revealed the existence of the famous Stealth Black Hawk.

The RQ-170 is flown by Air Combat Command’s 432nd Wing at Creech Air Force Base, Nev., and the 30th Reconnaissance Squadron at Tonopah Test Range, Nev. Creech AFB is the same from where MQ-1 Predators, those whose mobile ground control stations were infected with a computer virus.

If the most important U.S. drones suffered a malware attack are we sure Sentinels can’t be hacked by Iranian military?

First, we have to be sure an RQ-170 was really downed….

Update: someone asked me to explain what I meant for “hacking” a Sentinel.

I’m not suggesting someone was able to hack the drone and land it. Maybe disrupting/jamming the satellite link with the mobile ground control station and inhibit its self-destruction system would be enough. Then, the uncontrolled drone could crash land with minor damages.

Image source: Internet

Mini-Drones, SAMP/T, Storm Shadow and a Lotus "Evora" at the Italian Armed Forces Day

The Italian Armed Forces Day exhibition, held each year in Rome inside the Circus Maximus (Circo Massimo), always provides an interesting opportunity for a close look at the most interesting equipments of the four Armed Forces [Aeronautica Militare (Italian Air Force), Marina Militare (Italian Navy), Esercito Italiano (Italian Army), and Carabinieri (Military Police)], and of the Italian Armed Corps, as the Guardia Costiera (Coast Guard) and the Guardia di Fin

Infected US drones: rather embarrassing but (probably) no big deal

Even though the news that a computer virus has infected US Predator and Reaper drones, logging pilots’ keystroke during their missions over Afghanistan, Libya and other warzones (Yemen?), spread like fire thanks to the exclusive article published by Wired’s Danger Room on Oct. 7, the fact that today and tomorrow’s war robots have been targeted by a computer virus is far from being surprising.

Drones or, to use the standard designation, Unmanned Aircraft Systems (UAS) play a vital role in modern wars. They are able to silently fly for 20 or more hours deep inside the enemy territory; they carry a wide array of sensors, radars and (in some cases) weapons to identify or attack time-sensitive targets; and they are “expendable” because they are controlled from a remote Ground Control Station by pilots who fly them in the same way you might fly a plane in your favourite flight simulator game.

UAS have been flying in support of ground troops, helping them to identify suspect activity and to prevent IED (Improvised Explosive Device) attacks in Iraq and Afghanistan for years. In the last few months they were dispatched to monitor and attack Gaddafi forces in Libya, and took also part in Operation Neptune’s Spear, when they flew over Abbottabad, in Pakistan, to keep watch over Osama Bin Laden’s compound prior to the Navy Seals raid that unveiled the Stealth Black Hawk helicopter.

Drones have been supporting ground troops, helping them to identify suspect activity and to prevent IED (Improvised Explosive Device) attacks in Iraq and Afghanistan for years. They were dispatched to attack Gaddafi forces in Libya, played a vital role in Operation Neptune’s Spear in Pakistan (where they helped monitor Osama bin Laden’s compound prior to the Navy Seals raid that resulted in the al-Qaida leader’s death) and, more recently “an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula”.

A UAS consists of four main components: the remotely piloted vehicle (RPV), its sensors, its Mobile Ground Control Station (MGCS), and its data link and communication suite. That’s why the term UAS, which describes the whole system, is preferred to UAV (Unmanned Aerial Vehicle).

Although they have their own peculiarities and equipments, Predator A and B and other drones control stations are much similar in terms of layout. Both have five workstations, each one equipped with two or more screens providing all the information required by the specific operator’s tasks: from the pilot’s view with the proper flight symbology, to the moving map showing the aircraft position and the regions “covered” by the UAS sensors, to the live video feed. There are also some telephones: in fact, even if the Predator A+ and B are equipped with secure radios, a fixed telephone line can be used to contact air traffic control units in case of radio failure: a clear advantage over conventional planes.

Each crew can be made up of five members: a Mission Monitor, who is responsible for the entire mission; a Pilot, who flies the drone using a joystick to send inputs to the aircraft flight control surfaces; a Sensor Operator, who takes care of the cameras, radar and targeting systems; an Intelligence Operator, who performs a first analysis of the imagery; and a Flight Engineer, who supervises the entire system.

The malware,  a keylogger, was detected nearly two weeks ago, at the MGCS at Creech AFB, in Nevada. According to the reports it didn’t prevent the drones to fly their missions, but it has shown an unexpected resilience, so that all the efforts to remove it have failed to wipe it out.

Since MGCS are not interconnected to public networks, they should be immune to the viruses and malware that travels thanks to the Internet. However, crews use removable hard drives to load maps and planned routes into the system and to download mission video, the keylogger might have entered the secret control rooms by accident, by means of an infected USB token.

So, what kind of information could be grabbed by a keylogger inside a Predator or Reaper ground control station?

Anything you might need to input with your keyboard when flying your favourite plane on a Flight Simulator game: most probably, altitude, speed, heading, and other autopilot inputs, radio frequencies, coordinates for the navigation systems, and so on. Unless they are correlated with a specific engine, capable to use those data and to determine the current position and track of a drone, these inputs are hardly interesting or useful. Much more dangerous for drones is the lack of encryption used to transmit live high-resolution video to the ROVER (Remote Operations Video Enhanced Receiver) tactical hand-held receivers on the ground. The video should give the troops on the ground a clear view from the overhead Predator improving the overall situational awareness and reducing the risk of collateral damage or friendly fire. However, in 2009, US forces discovered hours of footage recorded by American drones on the laptops of Iraqi insurgents.

ICT Security expert Paolo Passeri says on his blog:

This is not the first time that an infection has been spread through an hard drive: in late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. It looks like the Pentagon is still disinfecting machines, three years later.

Curiously the [Predator] virus showed to be very resistant to digital vaccines, and after several attempts to remove it with standard procedures (following removal instructions posted on the website of the Kaspersky security firm), the only safe method to clean it was to wipe the infected hard drives and rebuild them from scratch: a time consuming operations. As to say: sophisticated military weapons and technologies suffer the same issues than civil users (how many Windows installations from scratch after a malware infection), on the other hand the drone virus was detected by the military’s Host-Based Security System, a flexible, commercial-off-the-shelf (COTS)-based application. If you look carefully at the HBSS web site you will also be able to identify the commercial security technology which lays behind the HBSS.

Concluding, I don’t think the information leaked because of the malware is worth the reputational damage suffered by the entire US drone fleet and by the USAF INFOSEC (Information Security) capability.