Vantage Point: Non-traditional threats; We have to be forward thinking
There’s an old adage, shared in different ways and brought to modern times in reference to software developers and others, that goes along the lines of “leaders need to prepare for the next war, not the last one.” The idea is that we have to keep looking forward, not backwards. For our community of InfraGardNCR security professionals, that means understanding not just the world, and threats and risks, we’re looking at today, but also those emerging challenges ahead of us.
From learning from the pandemic, to thinking about the impacts of climate change, from cybersecurity and technology threats to the evolving extremism and terrorism threats – we need to be preparing for what’s next and stay ready for what’s in the environment today. One developing challenge that many are already experiencing are the varied threats and risks associated with unmanned aerial vehicles (UAV) or, as we more commonly refer to them, drones.
Today’s Threat. Just recently, there have been a number of recent developments and incidents that continue to reinforce the capabilities of drones and some of the potential risks. Here’s just a sampling of incidents across critical infrastructure.
Energy. Last fall, U.S. authorities acknowledged that a July 2020 incident at a power substation in Pennsylvania was a drone likely targeting the energy infrastructure. The bulletin released noted that, “This is the first known instance of a modified UAS [unmanned aerial system] likely being used in the United States to specifically target energy infrastructure.”
Commercial Facilities/Commercial Real Estate. A drone crashed into the 27th floor window of a New York City apartment.
Commercial Facilities/Sports Leagues & Public Assembly. How a Wrigley Field Drone Promo Unwittingly Reinforced Sports Leagues' Security Concerns. Sky Candy Studios has disseminated footage of a drone touring both the exterior and the bowels of Wrigley Field, illustrating the type of infiltration that has concerned sports leagues about drones. Prior to the current NFL season, the league’s chief security officer Cathy Lanier said she was worried about unauthorized drones penetrating stadium airspace and potentially causing "catastrophic outcomes." The Atlanta Falcons are among the NFL teams using a drone detection system to monitor the activity of unauthorized drones flying near their stadium.
Commercial Facilities/Sports Leagues & Public Assembly. NFL Remains Concerned About Unauthorized Drones Infiltrating Stadiums. The NFL’s Chief Security Officer Cathy Lanier told Bloomberg Government that the league is worried about "the nefarious actor" who could navigate a drone near or inside a league venue and either crash or perhaps instigate an attack. "The frustration is twofold: keeping pace with the technology so that we have the technology to counter the threats as they evolve, but also having the legislation to support our ability to keep pace with that threat," Lanier told Bloomberg. Related: Atlanta Falcons Using Drone Detection System to Monitor Unauthorized Drone Activity Near Mercedes-Benz Stadium.
More Commercial Facilities.
In 2014, a soccer match between Kosovo and Albania had to be cancelled after a drone incident
In 2013, a drone being used to record video crashed into the stands, injuring several people.
A drone crashed a tennis match at the US Open.
A drone crashed into the stands at a San Diego Padres baseball game, narrowly missing fans.
Retail. In 2012, an al-Qaeda plot to use a UAS filled with explosives targeted a shopping mall.
Entertainment & Media. The subsector has to contend with drones flying over television or movie sets to “leak” spoilers similar to ones that disrupted The Game of Thrones. And while the story may not be true, one had to at least consider it was, given the secrecy of filming.
Airports. Leading up to the Christmas holiday in 2018, Gatwick International Airport -- England’s second busiest airport -- was shut down for parts of two days as drones were observed in, or close to, take-off and landing areas. This resulted in flight disruptions for more than 140,000 passengers, and the cancellation of about 1,000 flights.
On 8 January 2019, a drone temporarily halted outbound flights at London Heathrow promoting a criminal investigation.
International. The ongoing conflict between Russia and Ukraine continues to highlight the impact drones have on the front line:
The Ukrainian military is using drones to build awareness of the day-to-day conflict, capturing stories of horror and heroism.
The more technology advances, the more targets become vulnerable to drones making it important for organizations to assess vulnerabilities.
International. Israeli authorities shot down three Hezbollah drones heading towards one of its gas rigs in a disputed area of the Mediterranean. Hezbollah claims the drones were part of a reconnaissance flight and indicated that the mission was a success. While not specifically stated, success could be argued because it provoked a response by Israel and it showed the reach of the recognized terrorist group.
My guess is that InfraGardNCR members are generally aware of the types of incidents above. But the threat of drones is both a very present and an evolving one, and the security challenges transcend solely the physical concerns.
The Emerging Threat. A recent Twitter thread from information security researcher Greg Linares outlined the cybersecurity threat posed by drones. According to Linares, earlier this summer an east coast company specializing in private investments detected unusual activity on their internal confluence page that was originating on their own network. WiFi signal tracing led the response team to a nearby rooftop where a “modified DJI Matrice 600” and a “modified DJI Phantom” were discovered. The Phantom was carrying a modified WiFi Pineapple Device, while the Matrice was carrying a case containing a raspberry pi, several batteries, a GPD series mili laptop, a 4G modem, and another WiFi device.
The investigation showed that the Phantom drone had been used several days prior to intercept a worker’s credentials and WiFi and that data was later hard coded into the tools deployed by the Matrice. Those tools were used to directly target the internal confluence page in order to target other internal devices. The entire operation was estimated to cost $15,000 USD, and is considered a relatively primitive setup, yet one that still worked.
That was this month. The threat and the blended threat of drones will continue to develop next month, and next year, and into the future. We have to be forward-thinking when it comes to threats and to consider where new technology and other threats are both today and where they’re going. Leaders, as we work together to achieve InfraGard NCR 's mission to improve and enhance information sharing to protect the national capital region's critical infrastructure, let us think of these present and emerging threats, and let us work together to stay informed, to understand the potential consequences drones and other emerging technologies can have, and let us work together to help secure our community and our nation.
Let me briefly pause and acknowledge my teammates who have supported the Real Estate Information Sharing and Analysis Center (RE-ISAC). I have largely borrowed from their good work to inform this Vantage Point.
For more information:
Drone Incidents. Counter-drone company Dedrone maintains a Worldwide Drone Incident tracker that highlights various incidents from around the world in which drones have had impacts. These range from privacy issues in residential areas, to incidents at government buildings and landmarks, as well as hostile activities and beyond.
White House Fact Sheet: The Domestic Counter-Unmanned Aircraft Systems National Action Plan (25 Apr 2022). The U.S. government recognizes the impact of drones and has taken steps to develop a strategy to defend against this increased risk. In April, the Biden administration released a " whole-of-government plan" to address the threat from drones / unmanned aerial systems, or UASs, on American soil.
The Gate 15 Risk Roundtable EP 31: A 4th of July Security Mindfulness Special. The podcast talked about drones, their continued risk, as well as the latest efforts by the U.S. government to start to address the risk.
Protecting Against The Threat Of Unmanned Aircraft Systems (UAS), an Interagency Security Committee Best Practice, November 2020 Edition
DOD. U.S. Department of Defense Counter-Small Unmanned Aircraft Systems Strategy
NATO Review. Countering drones: looking for the silver bullet
CISA. UAS - Critical Infrastructure
CISA. Unauthorized Drone Activity Over Sporting Venues
CISA. Unmanned Aircraft Systems Critical Infrastructure Drone Pocket Card
CISA. Public Safety Unmanned Aircraft System Resource Guide
CISA. Unmanned Aircraft Systems (UAS): Addressing Critical Infrastructure Security Challenges
CISA. Unmanned Aircraft Systems (UAS): Considerations for Law Enforcement Action
DHS. Counter Unmanned Aircraft Systems (C-UAS) Tech Guide