US Drone Displayed in Iran a Fake?

Interesting twist today to the story of Iran recovering a downed US RQ-170 stealth drone. As the debate rages back and forth over whether hacking by Iran’s cyber army (as Iran reports), electronic jamming or a hardware malfunction brought the plane down, this statement from the New York Times caught my eye:

“American officials have acknowledged the loss of an RQ-170, a C.I.A. stealth drone made by Lockheed Martin and designed to fly covert missions and collect information in hostile territory, but have declined to confirm or deny that it is the plane that Iran says it recovered.”

They refuse to confirm or deny that the drone being displayed is the one the US is missing… What?

Why would they do that?

Could it be that the drone on display in Iran is a fake? Take a good look at the picture above from the video. Does this look like a $6 million precision stealth drone, or a parade float, as military hardware expert John Pike lovingly describes it:

“…it was highly unlikely the Iranians had the technology to wrest control of the drone’s navigation and bring it down so softly that it was left with barely a scratch.

“It looks like a parade float. For one thing, it looked remarkably intact for something that crashed, and the wings are drooping the wrong way.

“On the real thing, the wings go up at the end. This one’s wings droop down.”

If they are displaying a fake, why would they lie?

I believe it would be to bring a halt to future intelligence gathering missions, or possibly to gain a reprieve from the “mystery” explosions that seem to be targeting Iran’s nuclear scientists and weapons specialists.

At best, it could be a propaganda victory. Why show a mangled and battered drone that has all the electronics on-board destroyed, when you could create a mock-up and make the US think they have all the hardware and programming intact?

One thing is for certain. With the CIA being involved in this, we are probably not going to see any more information released from the US side.

If the drone Iran has is legit and intact, the next question is who will end up with it, Russia or China?

US Chose Not To Use Cyberwarfare Against Libya?

Earlier this week, The New York Times released an article titled “U.S. Debated Cyberwarfare in Attack Plan on Libya”. Apparently, when the US led the air campaign against Libya in March (Operation Odyssey Dawn), we had a choice – to take out Libyan air defenses with conventional kinetic weapons or use a cyber attack.

The cyber route sounded exciting:

“While the exact techniques under consideration remain classified, the goal would have been to break through the firewalls of the Libyan government’s computer networks to sever military communications links and prevent the early-warning radars from gathering information and relaying it to missile batteries aiming at NATO warplanes.”

But not everyone was on board with this, “fearing that it might set a precedent for other nations, in particular Russia or China, to carry out such offensives of their own” and “These cybercapabilities are still like the Ferrari that you keep in the garage and only take out for the big race and not just for a run around town, unless nothing else can get you there”.

So, conventional weapons including airplanes, drones and cruise missiles were used instead. But the article just left me scratching my head. Haven’t air defense systems been taken out before through electronic means?

Sure they have; two instances come to mind immediately. One is the Israeli raid on the Syrian nuclear facility and the other is during our military operations in Iraq. A system called “Suter” could have been used in both.

Simply put, Suter is a system that attacks and confuses the computer controls of air defense systems. I remember a History Channel interview with an EC-130 pilot who was talking about his experiences in Iraq. “We owned their radar and telecommunication systems,” he said. “We were able to place fake targets into their systems and hide real ones.”

So if we have been able to manipulate foreign air defense computer systems using electronic technology and programming in the past, why would cyber attacks be any different? Granted you would be coming in through a firewall to attack a computer, but is it really any different than attacking it through radar waves? Especially if the results would be the same, or very similar?

If this is true, then is cyber warfare really any different from the electronic warfare that has been used for ages, or is it just a new form of it?

Putting the Cyber in Cyber Warfare

Analyzing the security field for a while now, I have seen the naysayer comments about cyber warfare. In a real war, you can’t kill with Denial of Service attacks. Or, you can’t shut down the power grid through the internet.

Well, putting all the fluff aside, how would cyber attacks be used in war time?

Right now we just see a lot of cyber espionage, nation states stealing information from other nations. Not that this is a little thing that can just be ignored. According to Sun-Tzu in the Art of War, “Thus it is said that one who knows the enemy and knows himself will not be endangered in a hundred engagements.”

But what most people don’t realize is that in a military conflict, cyber warfare is just another tool in the tool chest. It will be folded in with other forms of electronic warfare.

On the Military Channel a while back they interviewed a Commando Solo pilot. He mentioned that during Desert Storm, they completely owned Iraq’s communication, radar, SAM and advanced warning systems. They were able to hide American troop movements by removing them from the Iraqi systems, and by placing fake decoy units into those systems.

Electronic warfare specialists coordinated with Special Forces ground troops to subvert every form of Iraqi communication. An Iraqi officer would pick up the phone and a Special Forces operator would answer.

It got so bad that Iraqis no longer trusted radio and phone communication to troops, so they started hand writing commands and delivering them in vehicles. The US responded by simply blowing up the vehicles.

Systems do not have to be connected to the internet to be susceptible to cyber warfare. Many modern communication systems run on TCP/IP, the same protocol that the internet uses. When TCP/IP was created, security was not a big concern, so phone systems based on TCP/IP are susceptible to the same protocol-level vulnerabilities as computer systems.

Also, systems not connected to the internet are still vulnerable to cyber warfare if someone walks into the facility and installs a virus or a back door into the system. Or, if a USB drive infected with the SCADA-attacking Stuxnet is plugged into a computer inside the isolated network…

The Russians combined cyber warfare tactics with physical warfare during the Russia-Georgia conflict.

When utilities and communication systems go down during a large natural disaster, chaos ensues. We are one of the most technologically advanced nations in the world, yet look how long it took to get aid to New Orleans during Katrina.

When communication systems and utilities go down during a military conflict, the outcome is very deadly indeed.

DOD Cyber Commander wants Situational Awareness

One of the first things that America’s new Cyber Commander wants to do is create better situational awareness for its massive data network. According to an article today, Gen. Keith Alexander said that currently CYBERCOM is in defensive mode, reacting to a penetration, instead of responding in real-time.

“We must first understand our networks and build an effective cyber situational awareness in real-time through a common, sharable operating picture. We do not have a COP, a common operating picture, for our networks. We need to get there. We need to build that,” Gen. Alexander said in a speech given at the Center for Strategic and International Studies. Due to the size of the military’s network, this will be no small task, as, according to DefenseSystems:

DOD is responsible for protecting more than seven million machines, linked in 15,000 networks, with 21 satellite gateways and 20,000 commercial circuits, Alexander said. DOD’s systems are probed by unauthorized users approximately 250,000 times an hour or over six million times per day, he added.

Gen. Alexander seems to be very realistic in seeing what needs to be done. He also wants to address the Rules of Engagement for cyber threats. This is very important and will heavily influence our country’s cyber war doctrines. What level of response will be used for a Denial of Service attack? What if the attack is bounced through an ally nation? These are questions that will need to be answered.

General Alexander has a big job in front of him, but it looks like he is headed in the right direction. He summed this up with this statement, “Our Department of Defense must be able to operate freely and defend its resources in cyberspace, we will do this as we do it in the traditional military domains of land, sea, air and space.” I truly hope Gen. Alexander can get this done and avoid the red tape bog that is politics.