OPSEC - never underestimate the enemy...

#1
Various sources report the story that insurgents in both Iraq and Afghanistan have managed to view downlink footage from Predator, using commercially available software:

http://www.guardian.co.uk/technology/2009/dec/17/skygrabber-software-drones-hacked

SkyGrabber is a simple enough concept: grab the signals that spill from a satellite broadcast (or even narrowcast), aimed from a satellite towards a specific location, and turn them into TV feeds you can look at. Or as the website puts it: "You don't have to keep an online internet connection. Just customise your satellite dish to selected satellite provider and start grabbing."

http://news.bbc.co.uk/2/hi/middle_east/8419147.stm (snipped)

Iraq insurgents 'hack into video feeds from US drones'

Insurgents in Iraq have hacked into live video feeds from unmanned American drone aircraft, US media reports say.

Shia fighters are said to have used off-the-shelf software programs such as SkyGrabber to capture the footage. The hacking was possible because the remotely flown planes have an unprotected communications link. Obtaining such video feeds could provide insurgents with information about sites the military might be planning to target.

.............

The Associated Press news agency quotes a US Department of Defense official as saying the military has also found evidence of at least one instance where insurgents in Afghanistan monitored drone video.

The breach of the Pentagon surveillance system's security in Iraq is said to have come to light when footage shot by a Predator drone was found on the laptop of an apprehended insurgent.

A senior Pentagon official is quoted by the Wall Street Journal as saying that although militants were able to view the video, there was no evidence that they were able to jam electronic signals from the aircraft or take control of them.

http://www.telegraph.co.uk/news/wor...urgents-hacked-Predator-drone-video-feed.html

The military has known about the vulnerability for more than a decade, but assumed adversaries would not be able to exploit it.

from the beeb again:

"As we identify shortfalls, we correct them as part of a continuous process of seeking to improve capabilities and security. As a matter of policy, we don't comment on specific vulnerabilities or intelligence issues."
or in other words: "what the hell do you mean the downlink is unencrypted!??!? are you insane?!?! sort it out!!!"


don't know how accurate or up to date the story is, but a timely reminder never to underestimate the enemy...
 
#2
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
 
#3
Whilst the opposition may not be able to take full tactical advantage of what can be watched, it has been known for some considerable time that these feeds were available to anyone with the know-how and equipment to watch. Without being specific, I believe you would be horrified at the ease of data capture.
 
#4
Well the media have blown the Russian originated software that allows you to view the video stream.
Apparently it was available to the Serbs during the Kosovo campaign.
The US is claiming they knew about this but didn't believe anybody would have the nous to use it.
The problem was encrypting live video stream when it was shared with multiple users,
as numerous command eyes wanted in on the video game!
They claim that the Predators in Af/Pak are datastream protected.
 
#5
Howayman said:
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
Having seen your IA skills, I concur! :wink: You can't even spell 'would'!
 
#7
Howayman said:
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
I think that's a ridiculous view to take.

There are people linked to the Taliban, Muslim extremists, who have been born and bred in the UK. They have lived with technology and our way of life since birth, and are returning to, or at least assisting, the Taliban.

To assume that the people are sub-standard to interpret the intelligence is completely naive! It's beyond the point.

BATCO sheets were barely understood even by the people that use them. But if there was a systematic failure found out that allowed the enemy to intercept them at the same time that we used them... somebody would have done something about it!
 
#8
Howayman said:
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
I have to say that this is one of the mongiest statements. There is a huge issue. How can you say that these people would have a hard time even to identify their own house etc when a) they figured out how to get the video feed, and which satellite or satellites it was on b) the information that they gain is given to the commanders who then use it to determine where best to send their troops and/or weaponry.
If anything the media has undermined the issues that this could/can cause. How many lives has this cost? Why on earth do you think that they cannot interpret the feed? Do you think that only people from the west have knowledge about how technology works? It is far from a non issue.
 
#11
I did my sigs course over forty years ago when we were told that any signal sent by any means was going to be heard and read by the enemy after a time. Being overconfident about your technology is stupid and it cost the Germans the war. If we and the Septics did not see this coming then we have a command that is thicker than I thought. After the cock up with the US Navy not encrypting the SatNav signals you would have thought they had learned something.
 
#12
Cabana said:
Howayman said:
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
I have to say that this is one of the mongiest statements. There is a huge issue. How can you say that these people would have a hard time even to identify their own house etc when a) they figured out how to get the video feed, and which satellite or satellites it was on b) the information that they gain is given to the commanders who then use it to determine where best to send their troops and/or weaponry.
If anything the media has undermined the issues that this could/can cause. How many lives has this cost? Why on earth do you think that they cannot interpret the feed? Do you think that only people from the west have knowledge about how technology works? It is far from a non issue.
Quite right, history repeating itself?
The Japanese were portrayed as educationally sub normal with poor eyesight (slitty eyes) and their armed forces were outdated.
Just before they sunk two capital ships - with unrestricted movement at sea, using land based bombers. Then they kicked our arrses out of Singapore by cycling pretty much their whole army through jungle paths and shitty roads to beat a force of superior numbers. Not bad for slitty eyed short-arrses.
Never underestimate the enemy.
 
#13
therealbigdizzle said:
I think that's a ridiculous view to take.

There are people linked to the Taliban, Muslim extremists, who have been born and bred in the UK. They have lived with technology and our way of life since birth, and are returning to, or at least assisting, the Taliban.

To assume that the people are sub-standard to interpret the intelligence is completely naive! It's beyond the point.

BATCO sheets were barely understood even by the people that use them. But if there was a systematic failure found out that allowed the enemy to intercept them at the same time that we used them... somebody would have done something about it!
Agreed. The naivety in many quarters is that those who would attack BRITFOR consist purely of those in-country. Tosh - there are many, located not only in this country, but throughout the world, who now view any "resistance" to the US and other coalition forces as legitimate, given what must now be viewed as a completely flawed invasion of Iraq.

These people have the same degrees, attended the same universities as our smartest candidates.

The story here being that data is unencrypted in the downlink. Which is where the expert comment is due. The answer to which, can no doubt be found in the myriad of procurement scoping, technical feasibility and costing documents. Yet again, compare and contrast to the steps that would be taken by a commercial organisation dealing with data that is of commercial value over this kind of link. The performance hit as I understand, is minimal. One could almost get the feeling that this architecture and platform was signed off, by a group of people that did not understand the operational risk and technical openness of the shiny boxes that the nice salesman showed them in the cgi generated video.
 
#14
If this is what a terrorist group can do with off the shelf kit it scares me what someone like the Chinese or Russians could do!
 
#15
Cabana said:
Howayman said:
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
I have to say that this is one of the mongiest statements. There is a huge issue. How can you say that these people would have a hard time even to identify their own house etc when a) they figured out how to get the video feed, and which satellite or satellites it was on b) the information that they gain is given to the commanders who then use it to determine where best to send their troops and/or weaponry.
If anything the media has undermined the issues that this could/can cause. How many lives has this cost? Why on earth do you think that they cannot interpret the feed? Do you think that only people from the west have knowledge about how technology works? It is far from a non issue.
No it isn't, it's a well known issue which has been public knowledge for about the last 10 years.

Getting the feed is as easy as surfing the internet via your neighbour's unencrypted wifi*.

Non story.

msr
* not that I would do that
 
#16
msr said:
Cabana said:
Howayman said:
There is obviously an issue with potentially unencrypted sat links, but was this not known? Is this not how Rover works? Anyhoo.

The bigger thing is that this is practically a non issue. The Iraqis that I 'met' over there had a hard enough time working out how a map worked, and could not even identify their own house from an overhead image. Asking them to try and interpret an FMV feed, that could actually be being taken from anywhere in TELIC, HERRICK is another thing entirely. I'm pretty sure that I wouild have a difficult time doing it and I'm an IA.

Yes there is an underlying issue, and no I'm not in any way saying that our enemies are dense, but as usual, IMHO the media have blown this out of all proportion...
I have to say that this is one of the mongiest statements. There is a huge issue. How can you say that these people would have a hard time even to identify their own house etc when a) they figured out how to get the video feed, and which satellite or satellites it was on b) the information that they gain is given to the commanders who then use it to determine where best to send their troops and/or weaponry.
If anything the media has undermined the issues that this could/can cause. How many lives has this cost? Why on earth do you think that they cannot interpret the feed? Do you think that only people from the west have knowledge about how technology works? It is far from a non issue.
No it isn't, it's a well known issue which has been public knowledge for about the last 10 years.

Getting the feed is as easy as surfing the internet via your neighbour's unencrypted wifi*.

Non story.

msr
* not that I would do that
It may be an issue that has been well known for the last 10 years, which makes it even worse as it should have been rectified by now. However, that doesn't distract from the intelligence gains that the "insurgents" could have (and may have) achieved due to this issue and why is equipment being used that can be compromised (not controlled) by any man and his dog.
There is a vast difference to pinching an internet feed from your neighbour's wifi and having a live feed of say a battlefield in as far as the resulting outcome.
 
#17
Cabana said:
There is a vast difference to pinching an internet feed from your neighbour's wifi and having a live feed of say a battlefield in as far as the resulting outcome.
That sweeping statement rather depends on what your neighbour is using their wi-fi connection for.

Although experience would tell me that neighbours doing anything vaguely dodgy, tend to realise the issues of electronic risk better than those responsible for this situation.

As stated by msr - in many respects a non-story and one that has existed for ten years plus.

Problem is that The Guardian article just prints the logical outcome to a risk that has been known about by those who are in any kind of position to rectify the risk for the majority of their working lifetime.

So, who would identify and set about one of the most challenging Procurement / Change Control mechanisms on a critical military architecture, whilst the users (you know who you are) are ever more reliant on the insecure link?
 
#18
Cabana said:
It may be an issue that has been well known for the last 10 years, which makes it even worse as it should have been rectified by now. However, that doesn't distract from the intelligence gains that the "insurgents" could have (and may have) achieved due to this issue and why is equipment being used that can be compromised (not controlled) by any man and his dog.
There is a vast difference to pinching an internet feed from your neighbour's wifi and having a live feed of say a battlefield in as far as the resulting outcome.
Why should it have been fixed? If it is known about and the risk managed, then there is no need to spend a large amount of money fixing something?

It is clearly not bothering the Septics, or they would have got it fixed.

msr
 
#19
ABrighter2006 said:
Cabana said:
There is a vast difference to pinching an internet feed from your neighbour's wifi and having a live feed of say a battlefield in as far as the resulting outcome.
That sweeping statement rather depends on what your neighbour is using their wi-fi connection for.

Although experience would tell me that neighbours doing anything vaguely dodgy, tend to realise the issues of electronic risk better than those responsible for this situation.

As stated by msr - in many respects a non-story and one that has existed for ten years plus.

Problem is that The Guardian article just prints the logical outcome to a risk that has been known about by those who are in any kind of position to rectify the risk for the majority of their working lifetime.

So, who would identify and set about one of the most challenging Procurement / Change Control mechanisms on a critical military architecture, whilst the users (you know who you are) are ever more reliant on the insecure link?
Well, I think I am pretty safe in stating that using the neighbour wifi to get an internet feed has not resulted in say for example an RPG round being fired at a particular target (which quite possibly result in the deaths of soldiers) on the command of an insurgent commander who may have access to the live unencrypted feed from a drone that is flying above a battlefield. Not possible you say? Well, I would not go as far as to say it is not possible at all.
 
#20
Fair comment msr - the risk factor being closely associated to the operational use, collection or live mission execution. Pretty sure that the US DoD have looked at this, and taken the mitigate risk through standard techniques route.

What the article ignores is the opportunity that is opened up, allowing the exploitation of the bandwidth to send out psyops data. But any fule kno that already!
 
