S2Ep7 The Threat Space
How Iranians hacked and stole a US drone, and what that means for aviation
In December 2011 the US was operating its most advanced drone, a stealth unmanned aerial vehicle (UAV) called the RQ-170 Sentinel, over Iranian airspace when suddenly it lost control of the $6 million aircraft. The drone descended and landed in Iran, and the Iranians were able to decrypt its contents, reverse engineer the drone, and build their own version, the Shahed 171.
For the US the incident was one of the most embarrassing and painful intelligence failures in decades.
How did it happen?
Experts believe that Iran blindsided the US with an Electronic Warfare capability that the US didn’t realize it had. In underestimating their adversary, the Americans had left themselves unwittingly vulnerable to a humiliating defeat.
Iran staged a two-phase attack against the drone, first blasting it with electromagnetic waves in what’s known as a jamming attack, then feeding falsified GPS signals to confuse it about where it was located, a so-called spoofing attack.
The incident was not only a shocking embarrassment for the US, it marked the beginning of a new era in aviation — the dawn of what has been called “cyber physical” warfare, the overlap between cyber attacks, which affect computer systems, and the machines that they control in the real world.
In today’s episode we’re going to learn about the threat environment that existed in early 2014: who the players were, what capabilities they had, what their motives might be, and what light it might shed on the disappearance of MH370.
I’m grateful to be joined in this week’s episode by a leading researcher in the field of electromagnetic warfare, Dr Thomas Withington, who is a senior associate fellow at the Royal United Services Institute, and is the author of “International Safety & Security Counter Terror, Cyber & Resilience.”
He is an award-winning analyst and writer specialising in electronic warfare, radar and military communications. He has written widely on these subjects for a range of specialist and general publications. He also works as a consultant and adviser in these areas for several leading government and private sector clients.
For me, the main take-home of our discussion is this: in the wake of the RQ-170 hijack, we have to recognize that a new era of cyber conflict is on us, and the worst thing we can do is to underestimate the capabilities of our adversaries. The proliferation of automated systems throughout aviation has meant that the potential attack surface is now vast, but we can take positive steps toward protecting ourselves — if we first simply acknowledge that the problem exists.