Did Iran hijack the 'beast'? US experts cautious about bold claims. (Video)
To hijack the lost US drone, Iran would have to have overcome major technical hurdles. None are impossible, but US experts question Iran's capabilities in such high-end cyberwarfare.
(Page 3 of 3)
One cyberwarfare expert says it might have been possible for the Iranians to cyberjack the drone – but only if they got help from Russia or China. Both nations have world-class cyberwarfare expertise and "may be projecting their own intentions" by helping the Iranians on this, writes James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies in Washington in an e-mail interview.Skip to next paragraph
Russia, he notes:
- Has focused on beating GPS guidance systems since since the war in the Balkans.
- Monitors US telephone and computer networks (and some radio frequencies) and so could have overheard the Department of Defence discussing drone-related problems.
- Helped the Iranian nuclear program – so why not electronic warfare? Especially since the drone would be a good prize.
The actual encryption on the drone developed by the US National Security Agency would be hard to beat, he writes. But perhaps the Iranians – with the Russians' help – found that there was a vulnerability in how the encryption was applied to the drone's control systems, allowing them to work around it.
Still, most experts consider it more likely that the drone failed for mechanical or other reasons and glided to a rough landing. Experts also question why Iran would divulge how it accomplished such an important technological feat.
"If you had that kind of capability you would not want to reveal it," adds Raduege. "That's why I think this is more about showing off how high-tech we are to take control of a US asset. It's false claims and wishful thinking."
Iran refutes the mechanical-failure theory by arguing that the drone, which is still largely intact, would have suffered more damage from a rough landing – although several experts noted that the landing gear has been obscured, suggesting precisely this sort of damage. Meanwhile, the information on the alleged Iran hack was not made public but rather was uncovered in a Monitor investigation in which the source was initially unaware that the material would be published.
Regardless of who is right, the incident points to important cyber lessons, experts say.
"There's no question that cybercommunications systems on the battlefield will have to get better in the long run," says David Aitel, president of Immunity Inc., a Miami-based cybersecurity company that specializes in offensive cybersoftware. As more drones enter the battlefield, a fleet of drones would have to "talk to each other" in ways that can't be disrupted by the enemy.
You don't want a weapons-laden drone taken over and shooting at friendly troops or targets like a friendly embassy, he notes.
"Friendly fire or firing on a politically important target like an embassy is a nightmare scenario," Mr. Aitel says. "Having it land, that's bad. But not as bad as it could be."
Get daily or weekly updates from CSMonitor.com delivered to your inbox. Sign up today.