Combat drones—aka remotely piloted vehicles (RPVs)—are now seen by U.S. combat commanders as one of their most valuable, if not the most valuable, military asset in the inventory. They are certainly seen as a very important element of the current administration's counter-terrorism policy.
Last week, there were a couple of news stories that highlighted the importance of RPVs once again.
The first was a story Friday in Wired magazine reporting that a keylogging virus of unspecified origin had been detected "logging pilots’ every keystroke" of USAF Predator and Reaper RPVs during their missions.
According to the Wired article, which the USAF will neither confirm or deny, the virus was detected two weeks ago, and it has proven to be extremely difficult to eradicate. It is unknown whether the RPV control/monitoring system at Creech Air Force Base (formerly Indian Springs Air Force Auxiliary Field ) in Nevada was deliberately targeted or not.
While the virus has not stopped flight operations, what is feared is that the "... infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger and then transmitted over the public Internet to someone outside the military chain of command."
The most likely point of entry is a portable drive or other USB storage device. Although these devices were banned from the DoD in 2008 because they were determined to be a source of a successful cyberattack against the DoD, Wired says the operations at Creech were exempted from the decree. In a case of JTL (Just Too Late), the use of portable drives has now been stopped.
There is also speculation that the "virus" is actually DoD internal system monitoring software meant to keep an eye on what was happening inside the RPV system. That is always a possibility, but it also wouldn't be surprising if the malware was a targeted virus either, given the importance of RPVs to modern warfare and governmental foreign policy.
For instance, an article in yesterday's New York Times discussed the "coming" RPV arms race, although this is probably a misnomer since it appears the race is already long underway. According to the article, the Chinese "startled some Americans" by displaying 25 different RPV models last November at the Zhuhai air show. There was even an animation of an RPV taking out a U.S. carrier.
The United States currently has the lead in the number of RPVs, is put at roughly 7000—mostly unarmed—although I suspect that number may be on the low side. According to this entry at Wikipedia, there are at least 48 countries other than the United States operating RPVs. This count doesn't include "third party operators" such as Hezbollah. In 2005, Hezbollah surprised Israeli soldiers by launching RPVs that flew over some northern Israeli towns and returned safely to Lebanon.
The Times article highlights the issue of using RPVs to conduct strikes against terrorists—or even American citizens who are seen as terrorists—in foreign countries, and how this use may be creating unintended and potentially fraught political and foreign policy consequences. The Times article, for example, poses the question:
"If China, for instance, sends killer drones into Kazakhstan to hunt minority Uighur Muslims it accuses of plotting terrorism, what will the United States say? What if India uses remotely controlled craft to hit terrorism suspects in Kashmir, or Russia sends drones after militants in the Caucasus? American officials who protest will likely find their own example thrown back at them."
Peter W. Singer, the director of the 21st Century Defense Initiative and a senior fellow in foreign policy at the Brookings Institution wrote about this issue in Wired for War. In a 2009 interview that I did with him for Spectrum, he said robotic technologies like RPVs:
"...are revolutionary not only because of the incredible new capabilities they offer you but because of the incredible new questions they force you to ask—questions about what’s possible that was never possible before and also new questions about what’s proper, what’s right or wrong that you didn't have to think about before."
Mr. Singer said then that the U.S. government had not been particularly proactive in asking, or answering, the myriad legal, moral, and political questions that the use of robotics has created. The recent strike that killed American-born and -raised Muslim cleric Anwar al-Awlaki, a leading member of Al Qaeda, however, is starting to force those questions to be answered as well as be critiqued.
In other RPV-related news, the Smithsonian National Air and Space Museum is currently (and has been for a while) running an exhibition on unmanned aerial vehicles. On Saturday, the museum was forced to close down early by protest groups who are against the use of armed RPVs. Things were back to normal yesterday, the Washington Post reported.
Finally, in late September, Rezwan Ferdaus, a Muslim American from Ashland, Massachusetts, with a degree in physics from Northeastern University, was arrested by the FBI for plotting to use large-scale model aircraft as a terrorist weapon, the Washington Post reported. The experts interviewed by the Post said that the model aircraft he planned to use were too small to cause substantial damage to his intended targets, the Pentagon and the U.S. Capitol Dome. You can read about the charges being leveled against Mr. Ferdaus here (PDF).
Update (13 October 2011)
The AP is reporting that the Air Force has admitted that a virus has infected its RPV ground systems but that it was "not directed at the military systems, but was common malware used to steal log-ins and passwords used in online gaming." In other words, it wasn't a common key-logger but a common credential-stealer.
The Air Force also stated that the virus did not affect the RPV flight systems, which are separated from the ground systems.
An Air Force Space Command spokeswoman, Col. Kathleen Cook, told the AP that virus was found on a small, portable hard drive used to transfer information between systems at Creech Air Force Base.
It wasn't reported how the virus got onto the portable hard drive in the first place.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.