And you thought this week's news about the Navy's fancy stealth drone was good. Not to be outdone by the sea service, the Army this week revealed that it's looking to develop autonomous robo-backhoes and robot versions the military's famous armored trucks, known as MRAPs.
That's right, the Army wants to have robot trucks prowling battlefields for hidden explosives, finding and disabling or destroying the devices before they can harm people, according to this May 3 request for information that was spotted by a flying Blackberry with a drinking problem.
I have to say, this mission fits many people's job description for drones perfectly: dirty, dull and dangerous. If ever there was a dirty, dull and dangerous job for a drone, it's driving slowly down war-torn roads or paths while hunting for something buried in dirt or debris that could blow a person to smithereens.
So, the Army is interested in talking to contractors who can come up with kits allowing them to convert some of its High Mobility Engineer Excavators (backhoes on steroids, they're armored and can drive way faster than their civilian counterparts) and RG-31 MRAPs into remote-controlled bomb finders -- officially dubbed the Route Clearance and Interrogation System (RCIS).
Click here to see why they want these things to be unmanned.
Specifically, the kits must allow the vehicles to be operated by a soldier in another vehicle or for them to automatically follow a "pathfinder" vehicle or be programmed to drive along a preplanned route using GPS coordinates. However, the trucks must maintain their ability to be driven by a human the old fashioned way.
The Army envisions the trucks operating in nearly every environment, from urban rubble to open desert. The RCIS "will operate in terrain varying from open rolling to complex terrain; in confined areas; with mobility on primary and secondary roads and trails, and during limited cross-country movements," reads the RfI. "Operations will take place during daylight and during night, in limited visibility, and in inclement weather."
The two vehicles that comprise the RCIS system will have tools that allow for slightly different, complimentary missions. The backhoe will allow troops to remotely dig up, identify, and "neutralize" deeply buried explosives "in confined/urban areas" and prevent enemies from planting bombs in routes that have already been cleared by U.S. troops, according to the document.
The robo-MRAP will allow the troops to find and "neutralize" bombs with equipment such as "an explosive hazard roller, debris blower, electronic countermeasures device, infrared neutralizing device [to disable laser tripwires], and trip/command wire detonating device."
The trucks will be equipped with a variety of cameras and diagnostic systems allowing the operator to monitor its progress, the world around the vehicle and its health as if he or she were sitting behind the wheel, according to the RfI. Still, the beasts should be able to automatically recognize and warn the operator to the presence of any vehicle the size of a "Toyota Tacoma" pickup truck or larger and any people "standing upright wearing an Army Combat Uniform" who happen to be in front of or around the vehicles. (I guess you're out of luck if you're stranded in a Mini Cooper that's in the path of one of these things.)
These are hardly the U.S. military's first ground-based drones. The military has fielded thousands of small bomb-disposal robots, and the Army has tested a six-wheeled robot-jeep that serves as a pack mule in Afghanistan.
That's nothing compared to Israel, which has wholeheartedly embraced ground robots to conduct dull, dirty, and dangerous missions for at least a decade. The Israel Defense Force has used robot bulldozers since late 2003 to "knock down buildings, flatten olive groves and clear paths for advancing soldiers," according to this BBC News article. Then there's what might be the world's first killer ground robot, the IDF's Guardium.
As China commissioned its first-ever aircraft carrier aviation unit, Asia's other rising power, India, gave its carrier aviators a serious equipment upgrade with the introduction of 16 brand-new Russian-made MiG-29K and four MiG-29KUB carrier-borne fighters earlier this week.
India has operated old British aircraft carriers for decades. Right now it flies aging Sea Harrier jump jets from INS Viraat, formerly the Royal Navy carrier Hermes. These Sea Harriers are subsonic attack planes with limited payloads operating from a carrier that was built in the 1950s.
The supersonic MiG-29K is an updated, naval version of the Soviet Union's 1980s-vintage MiG-29, which was designed to counter U.S. Air Force F-15s and F-16s in the skies over Europe should the Cold War ever turn hot. The planes are way faster than the 1980s-vintage Sea Harriers and can carry more weapons capable of shooting down enemy planes and hitting enemy ships.
The Indian navy's new MiGs are going to be flown off of India's newest carrier, the former Soviet navy "aircraft-carrying cruiser" Admiral Gorshkov. That vessel has been massively refurbished at a Russian shipyard into the soon-to-be delivered INS Vikramaditya, a full-on carrier that, after much work, looks remarkably similar to China's first carrier, the Liaoning -- herself an old Soviet carrier. (Vikramaditya is supposed to be delivered to the Indian navy sometime this year.)
(China is also reportedly building at least two aircraft carriers of its own, set to enter service in the next decade.)
India will get a second squadron's worth of MiG-29Ks to fly off its first locally made carrier, the INS Vikrant, which is slated for delivery in 2015. (Click here to see great images of her under construction and get a primer on the delays that have troubled India's carrier program.)
So yeah, China isn't the only Asian nation that's building up its carrier force.
And keep in mind that India has one distinct advantage over China when it comes to carrier operations: it has been operating fighter jets from aircraft carriers for more than 50 years. It can take decades to master the art of flying fast jets off of the relatively tiny, floating airfields. Still MiG-29s are much bigger airplanes than the Sea Harriers and they can't just land vertically on a flight deck, as a Harrier can. This means that Indian navy pilots will have to relearn one of the toughest skills in aviation; landing on a pitching, rolling flight-deck and snagging an arrestor cable to come to a stop in a couple of hundred feet.
The same day that the U.S. Navy's X-47B stealth drone took off from an aircraft carrier, photos emerged on Chinese Internet forums that seemingly confirm that China is developing a stealthy unmanned jet, dubbed the Li Jian or Sharp Sword.
These jets are meant to replace the current crop of slow, low-flying, propeller-driven UAVs that military planners assume will be highly vulnerable in a modern conflict where one nation doesn't have absolute control over airspace.
For example, the U.S. Navy envisions these planes doing everything from aerial refueling missions to penetrating advanced air defenses to perform strike and surveillance sorties.
The only stealth drone designs we saw coming out of China were subscale models that basically amounted to remote-control airplanes. It appears that we can now add stealth drones to the military technology that China is developing to catch up with the West.
Hat tip to Alert 5.
History was made this morning when the U.S. Navy's stealthy X-47B Unmanned Combat Air System demonstrator (UCAS-D) drone became the first unmanned stealth jet to take off from an aircraft carrier's catapults.
The jet launched off the USS George H.W. Bush in the Atlantic Ocean at 11:18 this morning and landed at Naval Air Station Patuxent River in Maryland at 12:24 p.m., according to Navy public affairs tweets:
(To be fair, The Wall Street Journal's Julian Barnes may have beat the Navy in announcing the flight on Twitter)
The plane was supposed to conduct several simulated carrier landing approaches before flying inland and accross the Chesapeak Bay to Patuxent River, according to this Navy press release.
The plane followed taxiid onto one of the ship's bow catapults and then lauched into the air where it was controlled by an operator aboard the ship, as the jet made its way closer to shore, control was passed to an operator stationed at Patuxent River who controlled the jet on its flight home through mainland airspace.
Remember, the X-47B is meant to prove that a fighter-size stealth jet can operated from the crowded deck of an aircraft carrier. The Northrop Grumman-made drone is meant to test technology that will allow unmanned stealth jets capable of performing spy and strike missions to safely taxi on a flight deck and execute missions autonomously -- with a human supervising them but not flying them, even as the plane makes carrier landings, one of the toughest feats in aviation. (Click here to read about the technology the Navy will use for this.)
The X-47B program is set to continue until 2015, paving the way for the Navy's Unmanned Carrier Launched Surveillance and Strike program, which aims to have a fleet of stealth unmanned spy and strike jets operating from carriers by the start of the next decade.
Stealthy, unmanned jets capable of operating from carriers and doing everything from aerial refueling to spy and strike missions will play a role in the Navy's strategy for dealing with the great distances involved in operations in the Pacific region. Such craft could take off from a carrier far aways from an enemy's shores -- and hopefully out of the range of anti-ship missiles -- refuel each other and penetrate an enemy's advanced air defenses to perform strike or spy missions.
The U.S. isn't the only nation developing such UAVs. Britain, France, Russia and possibly China are also working stealthy, jet powered drones capable of performing combat missions in the face of modern air defenses.
Click here to read more about the X-47B.
Here's some Monday news: China has apparently commissioned its first aircraft carrier-based aviation unit.
We've known for years that a small cadre of Chinese pilots has been practicing landings and takeoffs on landlocked mock-ups of an aircraft carrier flight deck. Last fall, these pilots conducted their first-ever carrier flight operations when they took off and landed aboard China's first carrier, the Liaoning.
It appears these pilots are set to start training the next crop of Chinese naval aviators, according to a report from Xinhua that came out over the weekend.
The forming of the force, approved by the Central Military Commission (CMC), demonstrates that the development of China's aircraft carriers has entered a new phase, the sources said.
The force comprises carrier-borne fighter jets, jet trainers and ship-borne helicopters that operate anti-submarine, rescue and vigilance tasks.
Pilots of this unit must have at least 1,000 flight hours and have flown five different types of aircraft, according to Xinhua.
Liaoning is meant to serve as China's "starter carrier." It will give this first class of pilots and sailors experience operating a floating airport -- one of the toughest things in aviation. It took decades for the U.S. Navy to master the art of flying fast jets off of 4.5-acre flight decks (they were even smaller 60 years ago) that are bobbing in the ocean.
The carrier started life as the Soviet ship Varyag. However, she sat unfinished in a Ukrainian shipyard for a decade or so after the breakup of the USSR. In 1998, Chinese investors bought the hulk without engines, electrical equipment, or weapons with the stated intention or turning it into a casino. However, toward the end of the last decade, photos emerged of the ship being refitted for naval service.
At the same time, China began developing its own carrier-based fighter jet, called the J-15, based on the Russian Su-27 -- a carrier-borne fighter developed by the Soviets in the 1980s to fly off Varyag's sister ship, the Admiral Kuznetsov. The Su-33 is a navalized version of the Sukhoi Su-27 land-based fighter.
China apparently bought a Su-27 from Ukraine and reverse-engineered it to develop its J-11 fighter after Russian officials refused to sell the type to China. Once they had a J-11, Chinese engineers developed their own navalized version, the J-15.
China is apparently at work building at least two more aircraft carriers that are reported to enter service sometime in the next decade or so. Some say these ships will be based on the Liaoning's design, meaning they can carry about 30 fighters, while others say they may be based on the Soviets' larger, unfinished follow-on to the Admiral Kuznetsov, the Ulanovsk, meant to carry almost 50 planes plus helicopters.
Here's a little tidbit to impress your friends this weekend: Bloomberg Government just published a report on the Pentagon's and Intelligence Communities' classified spending and found that the vast majority of classified weapons development money goes to the U.S. Air Force.
That's right, the flyboys get the most cash to develop everything from super-secret stealth bombers and spy planes to space and cyber weaponry, according to the report.
"Almost all classified procurement money and two-thirds of the research and development funds were allocated to the Air Force," reads the B-Gov report. "About $17 billion of Air Force classified funds are labeled ‘Other Procurement,' which probably includes money for space and cyber programs."
The report points out that big chunk of cash in the Air Force's classified budget is for the service's new bomber (I took the iPhone photo above of Northrop Grumman's concept design for the bomber a couple of years ago at a trade show. It apparently rides rainbows of doom).
The Air Force requested $292 million for fiscal 2013 to develop a new strategic bomber. The funding for it will quickly rise to $2.7 billion in fiscal 2017, making it the largest special access program in that year.
The bomber is a stealth jet that's supposed to work hand in hand with a "family" of other stealthy spy planes and fighter jets, along with satellites, to go out and hunt down targets in heavily defended airspace, Air Force leaders have repeatedly said.
The planned fleet of 80 to 100 new stealth bombers will be built using existing technology in order to get them into service by the 2020s (some think that the planes are already flying over the Nevada desert) and will be designed to be "optionally-manned."
This means that the aircraft doesn't need pilots aboard for the most dangerous conventional strike missions (it can also help for incredibly long missions that would be too long for pilots to endure.) However, for less risky sorties or nuclear strike missions, the plane would be manned.
While Iran's got a somewhat less than "Epic" new propeller-powered UAV, China might be jumping on the stealth drone bandwagon sooner than you thought.
Until now, we've seen photos of Chinese-made versions of propeller-driven drones that strongly resemble their American counterparts like the MQ-9 Reaper.
China has been developing what amount to mock-ups and model airplanes of stealth drones for years now. But it's unclear whether the plane shown above is an actual production jet, or just another mock up. (It might also be a fake, like this false image of a Chinese stealth jet that was circulating the Internet in 2011.)
While there's no way of verifying these grainy photos show a plane that could actually fly, Wired's Danger Room points out that the Pentagon's latest report on Chinese military capabilities says that the PLA is working to field "Unmanned Combat Air Vehicles [that] will increase China's ability to conduct long-range reconnaissance and strike operations." The Pentagon usually describes stealth drones like the X-47B and others with very similar language.
Some online forums claim the aircraft is being built for use by the Chinese air force and navy and that it conducted ground tests in December 2012 and is being readied for a flight test later this year. The introduction of such a weapon would make sense given the PLA's desire to project greater power throughout the Western Pacific. A partial list of platforms to support this strategy includes the J-20 and J-31 stealth fighters, aircraft carriers, and strategic jet transport planes.
The U.S. Navy is hoping to have a fleet of carrier-launcher stealth jet drones that can perform long-range surveillance and strike missions by the early 2020s. The Navy sees these jets as key to its strategy of operating in the Pacific Ocean, particularly since China's development of weapons aims to keep U.S. ships far from its shores. The battle for unmanned aerial supremacy is definitely heating up.
The stealth arms race is spreading. This image, snapped by a Flight Global reporter, Tolga Ozbek, at this year's International Defense Industry Fair in Istanbul, Turkey, this week, is apparently one of three proposed stealth fighter designs for the Turkish Air Force.
The new jets are being developed under a program called TFX aimed at producing a locally made fighter (with a little help from Swedish jet-maker, Saab) to replace Turkey's fleet of F-16s. The plan is that they will be operational sometime in the early 2020s and compliment Turkey's fleet of 116 U.S.-made F-35 Joint Strike Fighters.
If TFX gets past the design phase, Turkey will join the United States, Russia, and China as the sole developers and operators of manned stealth fighter jets. Japan may be Turkey to the Punch with its stealth fighter program called ATD-X. (South Korea is trying to develop its own stealth jet by the 2020s, but that effort has been put on hold.)
But a big question remains for nations developing manned stealth jets: Are they even needed given the advent of stealth drones like the U.S. Navy's X-47B, France's nEUROn and Britain's Taranis that can perform reconnaissance and ground attack missions -- and even land on aircraft carrier decks? One can only imagine what unmanned planes under development 10 years from now will be capable of doing.
The Pentagon's latest report on the capabilities of the Chinese military mentions an important aspect to its buildup: China's efforts to develop advanced technologies that have both civil and military use. This means that China is trying to acquire tech that can be used to drive modern aerospace, computing, and transportation industries -- as well as 21st-century military equipment.
How does it get this information? Everything from outright cyber theft to old-fashioned espionage to legitimate business partnerships.
As the report says:
The Chinese utilize a large, well-organized network to facilitate collection of sensitive information and export-controlled technology from U.S. defense sources. Many of the organizations composing China's military-industrial complex have both military and civilian research and development functions. This network of government-affiliated companies and research institutes often enables the PLA to access sensitive and dual-use technologies or knowledgeable experts under the guise of civilian research and development. The enterprises and institutes accomplish this through technology conferences and symposia, legitimate contracts and joint commercial ventures, partnerships with foreign firms, and joint development of specific technologies. In the case of key national security technologies,
controlled equipment, and other materials not readily obtainable through commercial means or academia, China has utilized its intelligence services and employed other illicit approaches that involve violations of U.S. laws and export controls
Here's a look at a handful of interesting cases of Chinese efforts to get a hold of technology -- both military and civilian -- that could help its military catch up with its Western counterparts.
First up is China's biggest chunk of modern military hardware, its sole aircraft carrier, the Liaoning. Chinese investors bought the Soviet-built ship -- sans engines, electronics, or weapons -- from Ukraine in 2001 with the stated purpose of turning it into a floating gambling den. We all know how that worked out. Instead of becoming a casino (or luxury hotel like the former Soviet carrier Kiev) Liaoning was commissioned into the PLA Navy last year and it'll serve as China's starter carrier, a floating lab where the navy can master carrier operations before it commissions at least two more carriers in the next decade or so. These ships -- and a crop of modern destroyers and other ships -- are meant to help China project power throughout the Western Pacific.
Then, there's its development of stealthy jets that strongly resemble (on the outside, at least) U.S.-made F-22 Raptors and F-35 Joint Strike Fighters. Remember, Chinese hackers reportedly broke into the networks of defense contractors working on the F-35 (including Lockheed Martin, maker of both the F-35 and F-22). In an interesting coincidence, China revealed its J-20 stealth jet in late 2010 boasting a nose section that looks a lot like the F-22's, right down to parts of the canopy design and what might be a 3-D heads up display. Then, last year, China unveiled its second stealthy fighter, the J-31 (below). That plane bears a way-too-close-for-comfort resemblance to the F-22 and the F-35. (Last year, a U.S. Air Force official pointed out that the F-35's computerized maintenance system containing tons of information about the jet had to be redesigned after it was found to be vulnerable to hackers.)
In September 2012, the United States convicted Sixing Liu, a Chinese citizen working for a U.S. defense contractor, of bringing electronic files containing "details on the performance and design of" guidance systems for missiles, rocket target-designators, and even UAVS, the Pentagon's latest report points out. The document also recounts that two Taiwanese nationals were charged in March 2012 with planning to get their hands on "sensitive U.S. defense technology" and passing it to China. The pair, Hui Sheng Shen and Huan Ling Chang, were allegedly going to take pictures of the technology, delete the images from their cameras, and then bring the memory cards back to China where the images would be recovered.
The DOD report also lists the case of aircraft engine-maker, Pratt & Whitney Canada (a subsidiary of U.S. defense giant United Technologies Corporation) illegally giving engine control software to China for use in its latest attack helicopter, the Z-10. UTC and two subsidiaries ended up having to pay a $50 million fine and had some of its export license privileges suspended temporarily as part of a settlement deal with U.S. authorities.
Then there's the case of U.S. defense giant General Electric's partnership with China's state-owned aviation firm COMAC -- a program aimed at developing digital avionics for China's first domestically made jetliner, the COMAC 919 (shown below). GE came under fire from Virginia congressman Randy Forbes, who claimed the technology used to develop next-generation airliner avionics was inked to the same technology used in the U.S. Air Force's premier fighter, the F-22. Forbes worried that sharing information on even a civilian version of these avionics would allow China to develop them for military use. The deal remains on, but given the news we've heard in the last year or so about Chinese hackers, one hopes that GE is being extra vigilant in protecting its most sensitive information.
The predecessor of the avionics deal is GE's partnership with AVIC (COMAC's parent firm) to develop modern jet engines in China. It might seem like decades-old technology, but building jet engines, especially those used in 21st-century fighter jets, are one of the toughest engineering challenges in aviation. AVIC has partnered with GE in an attempt to develop engines capable of powering large aircraft: from civilian jetliners to military transports, radar planes to bombers. As U.S. Naval War College professor Andrew Erickson has said, these joint ventures could "give the Chinese aerospace industry a 100 piece puzzle with 90 of the pieces already assembled. Enough is left out so that the exporting companies can comply with the letter of the export control laws, but in reality, a rising military power is potentially being given relatively low-cost recipes for building the jet engines needed to power key military power projection platforms."
Chinese Internet, Wikimedia Commons
So what's new in the Defense Department's new report about Chinese military capabilities? The biggest news seems to be that the Pentagon is actually saying that Chinese-military hackers are attacking its networks. Not that this should be news to readers of Killer Apps.
The report states that numerous U.S. government computer systems around the world are being "targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military." It goes on to say that China is using cyber espionage to collect intelligence on U.S. diplomatic, economic, and "defense industrial base sectors that support U.S. national defense programs."
The same skills being used by Chinese cyberspies to steal information could easily be used in a destructive attack against U.S. networks, the report points out.
Preventing cyber espionage and cyber attacks is "a consequences calculation and the consequences aren't there," said one Senate staffer who works on cyber issues. For "everybody from your common hacker to your professional hacker to the nation states, the consequences aren't there" to deter these kinds of actions.
He went on to compare the current era of cyber espionage to the "Napster days" of free music downloading.
"There was nothing that was going to deter college-age students from ripping off music until there was a consequence that was associated with it and the RIAA [Recording Industry Association of America] had to go out there and start suing," said the staffer.
Richard Bejtlich, chief security officer at Mandiant, thinks that while it's important for the U.S. government to call out the Chinese government's bad behavior, it's going to take more than harsh language to deter state-backed cyber espionage. (Remember, Mandiant is the firm that published a report in February detailing the exploits of what is believed to be a PLA hacking unit against worldwide targets, including the U.S. government.)
"It's important for noncommercial, government entities like DOD to make definitive statements on Chinese cyber capabilities," Bejtlich told Killer Apps. However, "because the Chinese consider espionage a tool for economic development, and the economy is one of their top national security concerns, they will not change course if the U.S. only complains with words. They are more likely to constrain their behavior if the U.S. imposes specific sanctions and exercises all elements of national power."
Bejtlich's comments echo those of Rep. Mike Rogers, chair of the House Intelligence Committee who has repeatedly urged the State Department to impose sanctions on any foreigner found to aid cyber espionage against the United States government or businesses.
Happy Monday. Here's some drone history being made: This video shows the U.S. Navy's X-47B Unmanned Combat Air System demonstrator (UCAS-D) making its very first arrested landing. On May 4, the stealthy drone landed aboard a mock aircraft carrier flight deck, painted on a runway at the Navy's airbase at Patuxent River, Md.
The Northrop Grumman-made X-47B is meant to prove that the Navy can operate a fighter jet-sized stealthy drone from aircraft carriers -- paving the way for a fleet of similar aircraft to enter service around 2020 under a program called Unmanned Carrier Launched Surveillance and Strike or UCLASS. The Navy is testing the X-47B's ability to do everything from safely taxi around a crowded flight deck to takeoff and land autonomously on a carrier's four-acre deck (a human simply gives the plane clearance to land and then monitors the jet while a computer controls the actual maneuvers).
The X-47B is slated to fly from an actual aircraft carrier for the first time in the next year or so; the whole demonstration program will run until 2015.
Meanwhile, the sea service will soon give Northrop, Boeing, Lockheed, and General Atomics contracts to flesh out their designs for a stealthy, carrier-launched drone capable of flying through advanced air defenses, spying on potential targets, and even dropping bombs on them under the UCLASS program. That program is intended to incorporate the lessons learned from the Navy's experience with the X-47B to field operational jets by the end of this decade.
As the militaries of the United States and Britain purchase more and more of the same networked hardware, most notably the F-35 Joint Strike Fighter (above), the two nations are increasing collaboration in cyber warfare, according to a Pentagon official.
"Cybersecurity is a growing area of cooperation between the United States and the United Kingdom," the official told Killer Apps. "We're sharing more information and going deeper into threat analysis and response planning than we ever have before. Both nations firmly agree we need improved multilateral cyber coordination and we're working to do just that. Cyber will also be on the agenda for discussions at the upcoming NATO conference in June."
His comments come a day after British Defence (with a "c") Secretary Phil Hammond was in Washington meeting with U.S. Defense Secretary Chuck Hagel to discuss the situation in Syria, the war in Afghanistan, how to deal with Iran, and visit U.S. Cyber Command at Fort Meade, MD. (As is sadly the norm, a spokesman for the command could not talk about Hammond's visit to Fort Meade.)
While much of the discussion between the two officials centered current or potential conflict zones and major weapons buys like the F-35, Hagel announced that the two allies will increase their cooperation in the cyber world.
"The United Kingdom's continued commitment to [the F-35] program, and our growing cooperation in new priority areas like cyber, is helping ensure this alliance has the kind of [cutting-edge] capabilities needed for the future," Hagel said during a Pentagon press conference yesterday.
"The U.K. and the U.S. remain in lock step on these projects, and as we take them forward, we will ensure the continuity of those vital capabilities," added Hammond.
It makes sense for the two to discuss F-35 and cyber in the same breath. The F-35 relies on tens of thousands of lines of software code to function. It is perhaps, the most networked plane in history, using software to do everything from fire weapons to beam chunks of data to other aircraft or command centers. Last fall, Killer Apps reported that the jet's computerized maintenance system was found to be vulnerable to hacking -- meaning that, if penetrated by spies, they could see everything from how many pilots were available to fly the jets to the maintenance status of all the airplanes in a squadron.
This comes just after Bloomberg news reported that QinetiQ, a British defense firm (that used to be a Ministry of Defense research agency until it was privatized in 2001 suffered) a series of major cybersecurity breaches at the hands of Chinese government hackers. QinetiQ works on a host of advanced technologies from cyber to robotics with U.S. government agencies such as the DOD and the Department of Energy. In fact, the firm runs Britain's version of Area 51, a site known as MoD Boscombe Down and has been called the inspiration for the workplace of James Bond's gadget-maker, Q.
This week's crash of a civilian cargo jet at Bagram airfield in Afghanistan highlights the fact that the U.S. military relies on a private air force to move enormous amounts of supplies and numbers of people around the globe.
The jet that crashed at Bagram (shown above) was a Boeing 747-400 that had been converted from a passenger jet into a freighter for Florida-based National Airlines, one of the many little-known civilian carriers that keep the U.S. military and intelligence agencies supplied around the globe. The plane was said to be transporting five MRAP armored vehicles (which are incredibly heavy) from Afghanistan to Dubai -- a route the airline had been flying for about a month prior to the crash.
Here are just a few more of the many private airlines that serve the U.S. government on a regular basis:
Spend any time at BWI Airport and you'll see MD-11s sitting on the ramp, painted in the livery of World Airlines, a contractor that flies U.S. troops to Europe and the Middle East. They usually operate out of a terminal reserved for the U.S. Air Force's Air Mobility Command -- the organization that operates more than a thousand cargo and tanker aircraft such a C-5 Galaxies, C-17 Globemaster IIIs, C-130 Hercules, KC-135 Stratotankers, and KC-10 Extenders. Despite all these planes dedicated to moving troops and materiel, the service still contracts with dozens of private airlines.
Frequently sharing ramp space at BWI with World Airlines is North American Airlines, the company that provided a Boeing 767 for Barack Obama's 2008 presidential campaign. The charter-jet provider operates five 767s that are frequently used to ferry U.S. soldiers around the world.
The Washington state-based Evergreen Aviation is supposedly one of the successors to the CIA's legendary Air America -- famous for hauling everything from chickens to drugs (allegedly) throughout Southeast Asia during the Vietnam War. (In 1968, an Air America UH-1 Huey chopper actually shot down a Soviet-made An-2 Cub cargo plane flown by the North Vietnamese air force.) The company has done everything from supporting CIA missions to operating one of the largest aerial firefighting aircraft in the world: the Evergreen Supertanker, an old 747 passenger jet that was converted to carry more than 20,000 gallons of fire suppressant.
Tepper Aviation is a company that operates a fleet of ghost-white Lockheed L-100s (the civilian version of the C-130 Hercules), allegedly conducting missions for the CIA all over the globe, possibly including prisoner transport. As would be expected, Tepper has no website. However, if you search Google Maps for the small airport in Crestview, Fla., where Tepper is reportedly based, you'll find a large facility on the southeast corner of the runway with a U.S. Air Force C-130 parked nearby and a hangar with the logo of defense giant L-3 Communications painted on the roof. (Click here to see apparent pics of the flight deck of one of tepper's planes while it was stopped in Japan with some "diplomatic" cargo aboard.)
And who can forget Presidential Airways. This former Blackwater subsidiary is famous for a 2004 incident in which a CASA 212 ferrying U.S. troops from Bagram to Farah, Afghanistan crashed into a canyon wall after the pilot became disoriented, killing three soldiers and three civilian crew. This incident brought attention to the fact that small carriers were hauling U.S. troops around battlefields even though the U.S. Air Force, Army, and Marines have thousands of planes and helicopters designated for such tasks. Despite increases in the number of military tactical airlifter missions in the Middle East since then, the U.S. military still relies on contractors to support the massive task of keeping its troops supplied via air in Afghanistan.
View U.S. military presence in Africa in a larger map
The United States may
be deploying 10 have a handfull of troops helping the French in Mali, but that's just a drop in the bucket of the U.S.
military's presence in Africa, which has been quietly building for the last
decade. You've probably heard about the 2,000-troop hub at Camp Lemmonier,
Djibouti, and the 100 special operators hunting Joseph Kony. But less is known
about the handful of U.S. drone bases scattered across the continent and the
dozens of exercises involving hundreds, if not thousands, of American troops (Click the placemarks on the map above for a quick description of what U.S. troops are doing in each country.)
A quick look at exercises and other activities conducted by U.S. Africa Command this spring alone reveals a U.S. military presence in more than a dozen countries -- from Cape Verde in the West to the Seychelles in the East and Morocco in the North. These exercises have shared medical techniques with the Nigerian military, provided intelligence training in Congo, trained special operators in Cameroon, and even included an East African Special Operations Conference in Zanzibar.
Just look at the U.S. Army's page on Africa to find even more examples of soldiers deploying to Africa.
In 2012, Africa Command planned 14 major exercises with African militaries, according to the command's website. Meanwhile, the Foreign Military Financing program gave African militaries $45 million to buy American-made weapons in 2011. Tunisia received the most cash ($17 million), followed by Morocco ($9 million) and Liberia ($7 million).
Let's take a close-up look at the eight reported U.S. drone bases scattered across equatorial Africa that are depicted on this map.
1) First up is Camp Lemmonier, which houses thousands of U.S. personnel and has -- according to satellite imagery -- also hosted everything from F-15E Strike Eagle bombers and C-130 cargo planes, to PC-12 special ops planes and MQ-1 Predator or MQ-9 Reaper UAVS.
2) Next is the U.S. Indian Ocean drone base in the Seychelles that's used to hunt Somali pirates and other seaborne ne'er do wells. You can clearly see a tan-colored "clamshell" tent on the northwest end of the runway -- a common indicator of a U.S. military presence at an airstrip.
3) Speaking of clamshell tents, this Bing map shows several at what appears to be a fairly large and newly constructed facility near the old terminal at Entebbe Airport on the shores of Lake Victoria in Uganda. The old terminal at Entebbe is famous as the site of the Israeli commando raid that freed hundreds of passengers from a hijacked Air France flight in 1976.
We've been hearing for years now that the U.S. military's crop of slow-moving spy planes fielded for the wars in Iraq and Afghanistan -- ranging from MQ-9 Reaper drones to manned MC-12 Liberties -- will be totally useless in a fight against an adversary armed with sophisticated radars and anti-aircraft missiles (often labeled anti-access/area denial (A2/AD) weapons).
This, of course, is how the U.S. Air Force and Navy are justifying the development of a host of stealthy strike and spy jets (manned and unmanned), missiles and electronic warfare weapons designed to fight countries equipped with sophisticated weapons designed to keep U.S. forces far from their borders.
However, the Air Force's spy arm -- officially called the Air Force Intelligence Surveillance and Reconnaissance (ISR) Agency -- is experimenting with flying low and slow prop-driven spy planes in skies where advanced air defenses are present. In late February, the agency sent several squadrons of Air Force intelligence assets to play in the service's legendary air combat exercise known as Red Flag over the Nevada desert.
"One of the things that we need to figure out is how much risk would we have to take to fly airborne ISR assets ... in a non-permissive environment," said Col. Mary O'Brien, commander of the Air Force's 70th ISR Wing during a speech late last week. "Initially, we had said, ‘well you could never fly them because there would be risk.' But one of the things that you can practice at Red Flag is you can build a package that includes defenses and then see."
The agency managed to successful fly a propeller-driven MC-12 Liberty -- based on Beechcraft's civilian King Air -- to collect intelligence in the face of a simulated advanced air defense network that featured Soviet-designed SA-6 surface-to-air missiles.
"It was not shot down but that's a case of one," said O'Brien. "It made us say, ‘this should be perhaps an exercise objective in a future Red Flag."
(While the MC-12 is a slow, twin turboprop of the type you'd see at your average small town airport, it might help that the SA-6 is a 1970s-vintage system used by dozens of countries that the United States has had decades to figure out how to defeat.)
She went on to say that while advanced enemy air defenses would pose a big threat to planes like the MC-12, U.S. forces may be able to provide such planes with protection for just long enough to collect some pieces of vital intelligence.
"How long do we need to operate in that environment?" asked O'Brien. "Maybe you don't need air supremacy and maybe you only need air superiority for this amount of time depending on what you want to do."
The whole point of sending prop-driven ISR planes into the fight is getting people to think about the notion that "hey, we don't need to sit everything on the ramp that we used in Iraq and Afghanistan.... Let's start thinking about" how these aircraft might play a role in a future fight.
She wouldn't say what type of protection the Liberty had as it flew its mission, it could have been anything from fighter escorts who were hunting down the enemy radar and missile sites to advanced electronic warfare gear that jammed enemy sensors or some combination of both.
U.S. Air Force
We've been inundated with information about the threat that foreign cyber attacks pose to U.S. power systems, banks, and transportation infrastructure for years now. Now, the Air Force's research arm is turning its attention toward protecting space systems from cyberwar.
The military relies on its massive fleet of spacecraft -- from satellites to secret space planes like the X-37B shown above -- to do everything from providing precision navigation and targeting to passing secure communications from stealth bombers to their bases as they fly over hostile territory. It's such a critical asset that Air Force officials, worried about enemies like China or Russia taking out U.S. satellites with anti-satellite missiles, that the service occasionally practices operating for "a day without space," in order to get used to the notion that it may not be able to rely on its orbital infrastructure.
Anyone who has been paying attention to cyberwarfare knows that it would be far cheaper to disrupt or take down U.S. space assets via cyber attack than it would be to develop and launch a missile.
Just imagine if an enemy were able to scramble secure satellite communications or manipulate GPS coordinates, thus sending U.S. troops to the wrong locations.
The Air Force Research Laboratory (AFRL) has kicked off a new program looking at technology that would protect spacecraft from these kinds of cyber attacks.
(The Ohio-based lab is the Air Force's far-out research lab, responsible for developing insect-sized UAVs, stealthy, special ops transport jets, and air-breathing engines capable of propelling aircraft at speeds up to Mach 6.)
"AFRL seeks to gain understanding of the state of industry research pertaining to protecting both ground- and space-based assets that provide space services, ranging from the space parts supply chain to the conduct of integrated space operations," reads this RFI that was updated last week.
In English, that means that the Air Force wants to protect from cyber attacks the networks of every firm that has a hand in building spacecraft or space control systems, and of course the actual spacecraft once they are aloft.
Here are some highlights of the specific cyber-defense technology the lab is interested in:
So, if you want to drop that iPhone app you've been working on and get in on this project, you have until May 6 to pitch the service on your "interests and capability," according to the RFI.
U.S. Air Force
Given all the news reports citing British, French, and Israeli officials saying that chemical weapons may have been used in Syria we thought we'd give you an updated version of what we know about Bashar al-Assad's stockpile of chemical agents and their delivery systems.
The United States' Intelligence Community's 2013 Worldwide Threat Assessment released last month states that Syria has a "highly active chemical weapons program" maintaining a stockpile of sarin, VX, and the longtime staple of chemical warfare, mustard gas. These weapons can be delivered a number of ways, via cluster bombs dropped from jets and helicopters to chemical warheads placed atop Scud ballistic missiles. They can even be fired via shorter-range artillery guns or missiles systems, like the Soviet-made BM-27 Uragan.
In addition to chemical weapons, the Intelligence Community's report states that it's likely the regime has biological weapons, albeit without dedicated delivery systems.
"Based on the duration of Syria's longstanding biological warfare (BW) program, we judge that some elements of the program may have advanced beyond the research and development stage and may be capable of limited agent production," reads the threat assessment. "Syria is not known to have successfully weaponized biological agents in an effective delivery system, but it possesses conventional and chemical weapon systems that could be modified for biological agent delivery."
The Assad regime may well improvise with delivery systems as its weapons stockpiles are run down by the war. Remember, we've seen Syrian air force personnel pushing "barrel bombs" lit via cigarettes from the cargo doors of helicopters onto Syrian cities.
The recent reports about the Assad regime's possible use of chemical weapons do not provide information on the types of delivery systems used.
While we've reported that Western officials have stated that securing Syrian weapons of mass destruction (WMDs) would be an incredibly complicated operation, it's worth noting that NATO has deployed counter-WMD teams in the region for months, in an attempt to figure out how to secure Syria's stockpile in the event that the regime loses control of them.
Last week, it was revealed that the U.S. is sending about 100 soldiers to Jordan where they are establishing an Army headquarters unit there -- a possibly precursor to a larger buildup of forces that may move to secure the WMD. FP's Situation Report quoted a U.S. defense official as saying that the troops are "a well-trained, well-coordinated team that can be the nucleus of further mission planning and growth of the command and control element, should that be ordered."
But, as Charles Blair, a specialist on WMD proliferation with the Federation of American Scientists points out, there are no rock-solid public estimates of the size of Assad's arsenal.
"Any open source assessments of a Syrian BW program -- and its notional size and composition -- are purely hypothetical," Blair told Killer Apps in an email.
Last year, Chairman of the Joint Chiefs of Staff, Army Gen. Martin Dempsey, told lawmakers that the size of Assad's chemical weapons arsenal was "100 times the magnitude we experienced in Libya." (The Libyan government voluntarily destroyed most of its chemical weapons well before Muammar al-Qaddafi was overthrown in 2011.)
"I've heard that Syria has 100 to 200 missiles with nerve agents loaded and ready to go, but that seems extreme," Blair told us last summer.
However, he did point out today that Assad may have doubled down on his bio-weapons program in the wake of the 2007 Israeli airstrike that leveled one of his main nuclear research facilities at al-Kibar.
"We know that when Libya finally concluded that sophisticated chemical agents (i.e., nerve agents) were a bridge too far, they abandoned their CW pursuits and doubled down on their nuclear program (until abandoning that too in 2003)," wrote Blair. "Does this portend anything for Syria's BW program? Perhaps, if the 2007 Israeli destruction of Syria's clandestine nuclear reactor in September 2007 precipitated Damascus to double down on its BW program."
In addition to traditional chemical weapons, Blair says there are unconfirmed reports of Iranian transfers of riot control agents (RCAs) or "incapacitating agents" that have been used against the Syrian rebels.
"The Syrians have undoubtedly used RCAs and/or incapacitants but there are no open source credible estimates of the quantities Damascus might possess of these non-lethal agents," said Blair today.
As for the possibility that the weapons have fallen into rebel hands, Blair said, "to my knowledge there are no credible open source reports of any chemical agents or weaponized chemical munitions transferring hands."
Still, "no one in the open sources knows anything for certain about Syria's lethal CW arsenal and alleged offensive BW capabilities," he added.
This is interesting. An April 2013 report by the Defense Science Board says that arcane safety procedures are actually making some aspects of the way the Air Force handles its nuclear weapons more dangerous.
Perhaps the best example is that nuclear weapons maintainers aren't allowed to use the hoists designed to lift B-61 nuclear bombs onto Weapons Maintenance Trucks because "the end of the bolt [securing the hoist to the truck] is flush with the outer surface of the nut while technical data require that two threads show beyond the surface of the nut," reads the report. While this condition has existed since the trucks were introduced 22-years ago and has resulted in no problems, the Air Force recently barred units from using the hoists due to their failure to meet technical safety specifications. The result?
"An awkward process entailing the use of a forkliftt to move the weapon into the truck and the manhandling of the 200-pound tail section," states the report. The document goes on to describe the workaround as a procedure "that by any informed judgment, impose[s] far greater safety risk than that presented by the deficiency in the bolt length."
Apparently, new bolts are supposed to be on their way and a whole new truck is expected to enter service around 2015.
The report goes on to cite a number of smaller examples where the service's adoption of a "zero defect" mentality for adhering to the rules and regulations for all things associated with its nuclear weapons combined with old equipment is harming the service's ability to perform what it says is one of its most important missions. It goes on to slam the Air Force's Personnel Reliability Program (PRP) -- aimed at ensuring that airmen involved in nuclear-related activities are top quality -- as overly bureaucratic and adhering to guidelines so strict the report describes them as "ludicrous."
"At one base, the PRP inspectors from [Air Force Global Strike Comand] declared it a major finding that the dimensions of the red status identification stickers [that identify a persons medical status] were 1.5 inches rather than the prescribed 2 inches," reads the report. "One medical group commander, referring to the bureaucratic excesses stated: ‘administrative paperwork and chasing regulations are the focus of PRP rather than serving the airmen on PRP to ensure they are ready to perform their jobs'."
In something that sounds like it's straight out of Catch-22, the PRP requires airmen who need to go off base for a routine dental visit to have their status allowing them to work on nukes temporarily revoked because some medical flaw could, in theory, be discovered during this visit that would disqualify them from working in the service's so-called nuclear enterprise.
For example, an off-base dental appointment to have an annual examination or a routine filling requires suspension until the individual proves upon return that there was no cause. While the system declares there is no stigma with suspension, the individual must physically visit the medical facility upon return (at a specified time in some wings) and cannot perform his work until this administrative process is accomplished. Individuals who care a great deal about their work team know that there is no cause for suspension and feel they are forced to let their team down for no reason. It can take three to five days to return to work when the eventual determination is that there was no cause for concern. This also requires the time and attention of medical technicians, doctors, and certifying officials.
We can't make that stuff up.
"Much of the risk assessment conducted across the Air Force nuclear enterprise has little to do with performance, safety, and security risk to accomplishing the missions," reads a memo from the board's chairman, Paul Kaminski, which accompanies the report." Decisions to avoid very small technical risk result in far greater risk to personnel to perform essential nuclear related-tasks."
The report is one of several published over the last few years aimed at assessing the Air Force's progress in revamping its nuclear weapons-related activities. A 2007 incident where nuclear-tipped cruises missiles were mistakenly flown across the country and left missing and unguarded for more than a day and a 2008 incident where Air Force nuclear triggers were mistakenly shipped to Taiwan led to the firings of then Air Force Secretary Michael Wynne and former Air Force Chief of Staff Gen. T. Michael Moseley and the creation of a new command, Global Strike Command to oversee the service's fleets of ICBMs and nuclear bombers.
Retired Air Force Gen. Larry Welch, now chair of DOD's Permanent Task Force on Nuclear Weapons Surety, notes that the Air Force has "implemented extraordinary measures" that have been largely successful in restoring the "high standards of professionalism and discipline" to the nuclear enterprise.
Still, the service needs to, "provide faster and broader material evidence that the mission is indeed treated as Job 1 (or even as first priority behind the demands of ongoing combat operations)" reads a memo by Welch that accompanies the report. This can by accomplished by refurbishing dilapidated facilities, purchasing basic new materials (such as maintenance trucks described above) and by developing more intelligent ways to enforce performance standards, states the report.
CISPA isn't the only piece of cyber-security legislation that passed the House this week.
The Federal Information Security Management Act of 2013 updates the 2002 version of the federal IT security law, known as FISMA, by requiring government agencies to constantly monitor their computer networks for threats
Right now, FISMA requires government agencies to perform only yearly evaluations of cyber-threats and vulnerabilities. Yours truly can't tell you how many times I've heard cybersecurity experts say the current version of FISMA does nothing to stop fast-paced cyber threats; it's merely an exercise in checking off boxes.
As a statement released this week by Rep. Jim Langevin, co-chair of the Congressional Cyber Caucus says, "While the annual reports currently mandated under FISMA are supposed to give government executives overall insight into security management of their networks, this does not provide the minute-by-minute view into network security that is needed.
"It's just an out of date and slow process for examining security of government networks," a House staffer told Killer Apps. The new version of FISMA would mandate "continuous monitoring of networks and provide regular threat assessments."
Here's an excerpt from the Library of Congress' official summary of FISMA 2013, explaining the change in the reporting procedures:
Directs senior agency officials, with a frequency sufficient to support risk-based security decisions, to: (1) test and evaluate information security controls and techniques, and (2) conduct threat assessments by monitoring information systems and identifying potential system vulnerabilities. (Current law requires only periodic testing and evaluation.)
Directs agencies to collaborate with OMB [the Office of Management and Budget] and appropriate public and private sector security operations centers on security incidents that extend beyond the control of an agency. Requires that security incidents be reported, through an automated and continuous monitoring capability, when possible, to the federal information security incident center, appropriate security operations centers, and agency Inspector General.
The House also passed the Cybersecurity Enhancement Act which requires the National Science Foundation, the National Institute of Standards and Technology, and "other key federal agencies" to develop a strategic plan for federal cybersecurity research and development work, with a focus on securing industrial-control systems and developing advanced protections for personal information online. (Remember, the Stuxnet virus that destroyed thousands of Iranian uranium-enrichment centrifuges targeted the machines' industrial-control computers.)
The second bill also calls for the establishment of a "Scholarship for Service" program meant to cultivate a highly-skilled government cybersecurity workforce, and it requires the president to send a report to Congress on the government's current and future cybersecurity workforce needs.
The Cyber Intelligence Sharing and Protection Act, better known as CISPA, just passed the House by a vote of 288 to 188. Meanwhile, the Senate is working on crafting its own bill aimed at facilitating information-sharing on cyber-threats.
"We are currently drafting a bipartisan information sharing bill and will proceed as soon as we come to an agreement," Senate intelligence committee chair Dianne Feinstein wrote in an email to Killer Apps.
Remember, CISPA allows private businesses to share "cyber-threat information" with each other and government agencies, including the military.
Earlier this week, the White House threatened to veto CISPA unless it was amended to require that information businesses with the government go through a civilian agency, such as the Department of Homeland Security, before being sent to any military organization, such as the National Security Agency. The White House also wants to narrow the liability protections given to businesses that improperly disclose personal information or commit antitrust violations while sharing information with each other or the government.
"The version of CISPA that just passed the House floor includes an amendment that encourages, but doesn't require businesses to share cyber threat information with DHS instead of the military," a Hill staffer told Killer Apps.
Another amendment bans the U.S. government from using information gathered under the auspices of the bill to target a U.S. citizen for surveillance. Another one "reconfirms" that "the federal government may not use library records, book sales records, customer lists, fire arms sales records, tax returns, educational and medical records that it receives under CISPA," said the staffer.
Last week, the House intelligence committee removed language from the bill that would have allowed companies to collect and share information for "national security" purposes. Privacy advocates who oppose CISPA claimed using the broad term "national security" would allow the government to spy on people online without a warrant. The committee also added an amendment requiring that information shared with the government be scrubbed of all personal information.
Still, these amendments weren't enough to satisfy privacy advocates such as the ACLU. Here's what Michelle Richardson, one of the ACLU's lawyers, said after the bill passed today.
CISPA is an extreme proposal that allows companies that hold our very sensitive information to share it with any company or government entity they choose, even directly with military agencies like the NSA, without first stripping out personally identifiable information. We will work with Congress to make sure that the next version of information sharing legislation unequivocally resolves this issue, as well as tightens immunity provisions and protects personal information. Cybersecurity can be done without sacrificing Americans' privacy online.
The big questions that remain are whether the White House still opposes CISPA and whether the Democrat-controlled Senate will permit language included in CISPA to pass the conference process. So far, the White House has remained mum on today's news.
Last year's White House-backed Cyber Security Act of 2012, sponsored by former Senators Joe Lieberman and Susan Collins, failed to pass the Senate because Republicans objected to the bill's call for minimal cyber-security standards for certain banks, energy firms, communications providers, transport companies, and other so-called critical infrastructure providers.
In February, the White House issued an executive order allowing the government to share intelligence on cyber-threats with businesses and encouraging minimal best practices for critical-infrastructure providers.
This didn't take long. Cyber criminals have begun exploiting the Boston Marathon bombings to spread malware.
That's right, hackers are sending out a spam email labeled "Boston Marathon Explosion" in the subject line, according to a brand new FBI warning. The email contains a link to a website showing a series of photos of the attack site. At the bottom of the page there's an unloaded video that directs to "the Red Exploit Kit," according to the warning.
FP staffers have actually recieved several similar emails titled, "2 Explosions at Boston Marathon" and "Texas Plant Explosion".
The Red Exploit Kit is a new hacking tool that allows criminals to surreptitiously find security vulnerabilities in a victim's computer and upload malicious software through those vulnerabilities. "Once an exploit has been successful, the user sees a popup asking them to download a file, at which time the malware is downloaded," the warning says.
Once in, the hackers may look for personal information about their victims, according to the FBI. Personal information could include anything from bank account numbers to website passwords.
The FBI's announcement goes on to warn against fake charity Twitter accounts soliciting donations for victims of the attacks: "According to various reports, a Twitter account was created soon after the explosions that resembled a legitimate Boston Marathon account. Allegedly, for every tweet received to the account a dollar would be donated to the Boston Marathon victims."
The warning goes on to say that, while that account has been suspended, other fraudulent accounts may be set up. "The FBI was made aware of at least 125 questionable domains registered within hours of the Boston Marathon Explosions. Though the intentions of the registrants are unknown, domains have emerged following other disasters for fraudulent purposes."
Here are the FBI's recommendations for avoiding marathon bombing-related online scams.
Individuals can limit exposure to cyber criminals by taking the following preventative actions when using email and social networking Web sites.
- Messages may contain pictures, videos, and other attachments designed to infect your computer with malware. Do not agree to download software to view content.
- Links appearing as legitimate sites (example: fbi.gov), could be hyperlinked to direct victims to another Web site when clicked. These sites may be designed to infect your computer with malware or solicit personal information. Do not follow a link to a Web site; go directly to the Web site by entering the legitimate site's URL.
Individuals can also limit exposure to cyber criminals by taking the following preventative actions when receiving solicitations from, or donating to, charitable organizations online.
- Verify the existence and legitimacy of organizations by conducting research and visiting official Web sites. Be skeptical of charity names similar to but not exactly the same as reputable charities.
- Do not allow others to make the donation on your behalf. Donation-themed messages may also contain links to Web sites designed to solicit personal information, which is routed to a cyber criminal.
- Make donations securely by using debit/credit card or write a check made out to the specific charity. Be skeptical of making donations via money transfer services as legitimate charities do not normally solicit donations using this method of payment.
Investigators sifting through the flood of cellphone, surveillance camera, and TV footage of Monday's bombings at the Boston Marathon are being aided by technology similar to the software that the military has used to collect intelligence about IED attacks in Iraq and Afghanistan.
"There's a different twist to it this time. The different twist is the increased degree of crowd-sourcing if you will, in terms of providing information. You have many, many more sensors in the context of people with video devices in their smartphones," said retired Lt. Gen. David Deptula, who was in charge of the Air Force's intelligence efforts from 2006 to 2010. "You had many, many more collectors than we had in the past."
The amount of video and photo documentation of the marathon attacks may be unprecedented, so how do you sift through all that data quickly to find clues? Software, naturally.
As ABC News reported, investigators from the FBI's Operational Technology Division are likely using a computer program that can do things like recognize faces in a crowd if they match those listed in a criminal database. This is similar to the software that the military has been developing for years in an effort to quickly glean information from UAV videos.
As the U.S. military flocked to the skies of Iraq and Afghanistan with all manner of camera-equipped spy-planes, intelligence officials soon realized they were collecting far more footage -- thousands of hours a day -- than human beings could sort through in time to use the information it contained. The military turned to tech companies to produce software capable of quickly identifying certain things analysts were looking for -- say, a red Toyota pickup truck that had been seen at a bombing site.
"There are software programs that are out there that allow one to rapidly search through that information and key in on what the investigators may find of interest," said Deptula. "Exponential growth is not hyperbole when it comes to motion imagery, much less still imagery, because we've had an explosion in that kind of information. As the information [available] has grown, people have moved from human analytic teams to more automated means to sift through all that data."
"Let's say somebody reported that they saw somebody that was Caucasian, with a yellow sweatshirt, with powder burns on their hands running away before the explosion -- that's a hypothetical -- you could tell the software to look for a yellow sweatshirt, Caucasian running before a certain period of time," said Brian Cunningham, a former White House security official and now a senior advisor to the Chertoff Group who works with firms that develop this kind of software. New York City and London both have massive video surveillance systems that use similar software.
Still, another homeland security consultant who wished to remain anonymous tells Killer Apps that it might not be that easy. First of all, Boston doesn't have a massive, centralized video camera system the way New York does. Many of the images will come from people's phones and other private cameras, meaning that investigators will probably have to receive and review each photo and film clip individually.
"There are some automated tools that exist for this type of thing, but for the most part it's just a very labor-intensive process to go through things and try to correlate and sequence things in time and look for suspicious activity and then try to build a profile for how somebody's moving around," said the former DHS official. "There are capabilities like in London and lower New York where they can follow a person who is of concern as they walk from camera to camera. When you're dealing with public-source information it's just a different process."
Cunningham agrees that while the Boston Police Department or the FBI has the software capable of identifying a particular person or bag as they appear in the mountains of video, investigators still face the challenge of uploading all that footage so the software can analyze it. "The biggest challenge will be: how do you upload that volume of video onto a single server or a couple of servers that can be searched against?" he said.
Investigators have identified two
people they want to talk to in connection with suspects (see the video above) in the Boston bombing. But, Cunningham said, "It's not clear
yet whether it was good old-fashioned shoe leather as much as analytic software."
He explained how the process could work: "You'd figure out where the devices were, and while you had street cops out interviewing people and collecting video of cellphones and you would go to fixed cameras in department stores or ATMs and pole cameras that are right around the area of the devices" and then upload the footage into the software, said Cunningham. "They also may have just had officers sitting there watching the footage. Let's say there were 15 cameras that were fixed, that had a good line of site of where the device was, then you could throw 100 officers at it; you probably wouldn't need software."
Cunningham also points out that investigators are working with cellphone companies to find cellphone records of the calls that were made close to the site of the explosions. Cellphones might allow them to find calls that were used to detonate the explosives. It's not clear if the explosives were triggered by timing devices or cellphones. Initial reports suggest that at least one of the suspects sought by investigators was actually talking with someone on the phone rather than triggering a bomb.
"Once they know what cellphone was his, that's the jackpot because they can find out where he was right before, and they can find out where he is today if he's dumb enough to be carrying that same cellphone," added Cunningham. Even if the phone the suspect used was a cheap, pay as you go phone, investigators would immediately begin to look for the store where that phone was sold.
Today, the White House once again threatened to veto the Cyber Intelligence Sharing and Protection act, CISPA, unless the bill incorporates additional privacy protections.
"The Administration recognizes and appreciates that the House Permanent Select Committee on Intelligence (HPSCI) adopted several amendments to H.R. 624 [CISPA] in an effort to incorporate the Administration's important substantive concerns. However, the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill." (Underlines by the White House.)
"We have long said that information sharing improvements are essential to effective legislation, but they must include proper privacy and civil liberties protections, reinforce the appropriate roles of civilian and intelligence agencies, and include targeted liability protections," said National Security Staff spokeswoman Caitlin Hayden today.
CISPA -- set for a vote on the House floor tomorrow and Thursday -- allows private businesses to share information on cyber threats with each other and government agencies including the military. The bill died last year after the White House issued a veto threat, citing concerns that it would infringe on citizens' privacy rights.
Despite the veto threat, the White House said it looks forward to working with the committee to refine the information-sharing bill. Remember, the White House called for such legislation after it released its cyber-security executive order in February that allows the government to share information on cyber-security threats with businesses. But the executive order could only permit government-to-industry info- sharing, it couldn't mandate industry to share information, nor could it protect businesses that share such information from lawsuits.
Last week, the intelligence committee struck language from CISPA that would have allowed private companies to collect and share information for "national security" purposes -- a statement that was too vague for privacy advocates, who claimed this would allow the government to spy on people's online lives without a warrant. The committee also added language to the bill requiring that information shared with the government be scrubbed of all personal information.
Still, these steps don't go far enough for the White House, which wants the bill to do more to protect personal information and to place a civilian government agency -- namely the Department of Homeland Security -- in charge of receiving information from businesses instead of allowing the info to be sent directly to a military organization, such as the National Security Agency.
The Administration, however, remains concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information when sending cybersecurity data to the government or other private sector entities. Citizens have a right to know that corporations will be held accountable - and not granted immunity - for failing to safeguard personal information adequately. The Administration is committed to working with all stakeholders to find a workable solution to this challenge. Moreover, the Administration is confident that such measures can be crafted in a way that is not overly onerous or cost prohibitive on the businesses sending the information. Further, the legislation should also explicitly ensure that cyber crime victims continue to report such crimes directly to Federal law enforcement agencies, and continue to receive the same protections that they do today.
The White House is also calling for the bill to reduce the amount of protection it affords companies from lawsuits if they improperly share private information or violate antitrust laws while sharing info on cyber threats with one another or the government.
The Administration agrees with the need to clarify the application of existing laws to remove legal barriers to the private sector sharing appropriate, well-defined, cybersecurity information. Further, the Administration supports incentivizing industry to share appropriate cybersecurity information by providing the private sector with targeted liability protections. However, the Administration is concerned about the broad scope of liability limitations in H.R. 624. Specifically, even if there is no clear intent to do harm, the law should not immunize a failure to take reasonable measures, such as the sharing of information, to prevent harm when and if the entity knows that such inaction will cause damage or otherwise injure or endanger other entities or individuals.
With news that the bombs used in yesterday's attack on the Boston Marathon were encased in six-liter pressure cookers, we've got our first clue about the tech that played a role in this attack
Reports of pressure cookers being used as bombs go back to at least the 1990s when they were first used by Maoists in Nepal during the civil war there, and they are still used in the mountain nation with alarming frequency. (In fact, do a quick Google search and you'll see that pressure cooker bombs are found all the time in South Asia from Nepal to Malaysia.)
By the 2000s, such weapons were being found across the region at terrorist camps on the frontier of Afghanistan and Pakistan. This 2004 warning from the Department of Homeland Security says that "a technique commonly taught in Afghan terrorist training camps is the use/conversion of pressure cookers into IEDs.
By 2010, DHS was reporting that such bombs were frequently used in Afghanistan, Pakistan, India, and Nepal. (Note this report from 2010 displaying a pressure cooker bomb found by British special operators after a raid on a Taliban bomb factory in Afghanistan.)
"Typically, these bombs are made by placing TNT or other explosives in a pressure cooker and attaching a blasting cap at the top of the pressure cooker. The size of the blast depends on the size of the pressure cooker and the amount of explosive placed inside. Pressure cooker bombs are made with readily available materials and can be as simple or as complex as the builder decides," reads the 2004 announcement. (Notice that the announcement says nothing about using the pressure of the pressure cooker, it's merely described as a vessel for the explosives.) While the DHS warning doesn't say exactly why pressure cookers are preferred over normal pots, their lids lock into place, perhaps making it easier to hide explosives inside.
Remember, doctors in Boston have reported removing "pellets, shrapnel and nails" from the victims of the marathon attack, indicating that the bombs were filled with these tools in order to cause more damage by shredding flesh.
"These types of devices can be initiated using simple electronic components including, but not limited to, digital watches, garage door openers, cell phones or pagers. As a common cooking utensil, the pressure cooker is often overlooked when searching vehicles, residences or merchandise crossing the U.S. Borders," the 2004 DHS announcement points out.
Still, the 2010 announcement notes that pressure cookers are not as innocuous in the United States as in developing nations: "Because they are less common in the United States, the presence of a pressure cooker in an unusual location such as a building lobby or busy street corner should be treated as suspicious."
That document was released several months after a pressure cooker filled with firecrackers was found to be one of the components used in the failed Times Square bombing of May 2010. In 2011, U.S. Army Private Naser Jason Abdo was charged in plotting to set off a pressure cooker bomb on Fort Hood, Texas -- a weapon he supposedly learned to make from reading al Qaeda's online magazine, Inspire. It's important to point out that investigators have said there is no indication so far of a connection to al Qaeda in the case of the Boston attack.
Ever thought the term C4ISR was acronym overkill? Well, here's another doozy. The Air Force's fiscal year 2014 budget request includes $11.3 million to develop tools to do, wait for it, "D5."
D5 stands for "deceive, degrade, deny, disrupt, destroy." No, it's not something an awful child does on the playground; it's what the service wants its cyberweapons to do enemy networks.
Offensive cyber-technologies are being built to allow Air Force cyber operators to secretly infiltrate enemy networks, stay there undetected, steal information, watch what the enemy is doing, resist reverse-engineering should it be discovered, and wreak D5 havoc (cue action-movie music).
Here's what the service's program has achieved so far, as described by the Air Force's budget request:
What's left to work on in 2014 besides continuing to develop the capabilities listed above? Start developing a "common operating platform" -- the actual computer interface that will allow Air Force cyber-troops to do all of the above.
U.S. Air Force
Happy Friday. Killer Apps sat down with Rob Ruszkowski, Lockheed Martin's man in charge of making sure its new stealth drone becomes the U.S. Navy's next light-strike and reconnaissance jet.
Remember, the sea service is looking to field an unmanned, stealthy, fighter-size jet capable of taking off from aircraft carriers and doing everything from spying to bombing to conducting air-to-air refueling by 2020 under a program called Unmanned Carrier Launched Surveillance and Strike -- or UCLASS. The Navy is about to give Lockheed -- along with Boeing, General Atomics, and Northrop Grumman -- contracts to develop prototypes.
Lockheed's bid uses technology that the company developed for its newest stealth planes, such as the RQ-170 Sentinel drone and the F-35 Joint Strike Fighter. This is meant to keep costs and development times down. Lockheed's aim is to have a first flight by 2017 or 2018, a pretty aggressive schedule given the fact that it has taken decades to field the U.S. military's most recent fighter jets: the F-35 and the F-22 Raptor.
"We're reusing a lot of systems, and software and hardware and technology that we have from other places -- F-35, RQ-170 -- and we're integrating those systems [onto a new airframe] not inventing them," Ruszkowski said. While the company doesn't have an actual prototype yet, it does have a full-scale mock-up sitting in a California facility, according to Ruszkowski.
The new plane's airframe borrows from the design of the RQ-170 and Lockheed's older, experimental drones like the Polecat, he said. It will take sensors, software, and stealth coatings that are able withstand harsh sea air from the F-35.
The plane is designed to easily accept new hardware, such as sensors, electronic warfare gear, and new software that may not be available when the first jets enter service
"We've tailored our [design] to meet, not only what we saw as the evolving requirements to be, but to have the foundation to grow beyond that," said Ruszkowski. What's this mean? "It could start its early operational career with a base model, and then you add to it later."
So, what kind of gear might the jet be equipped with to start? High-powered cameras and radars that will allow it to survey wide swaths of the sea and shore to identify targets from beyond the range of an enemy's most potent defenses.
The jet will carry some sort of electro-optical/infrared (EO/IR) camera that's capable of doing wide area searches and battle damage assessment, "where you want a very, very high-resolution image," said Ruszkowski. "A lot of the things this type of aircraft might be used to gather intelligence on, might be in situations where you need to be further away" from the target in order to stay away from antiaircraft defenses. (The camera will not be based on Lockheed's Electro-Optical Targeting System, which is going on the F-35, he noted.)
The plane may also carry some sort of powerful surveillance radar -- similar to this one -- allowing it to identify targets moving along the sea or land and even to take snapshots through clouds using a technique called synthetic-aperture radar imaging.
While the jet will start its career as a spy plane that's capable of dropping about 1,000 pounds worth of bombs on targets it finds, it could eventually be used as an electronic-warfare platform or as a flying gas station refueling other Navy jets.
"I think the first aircraft that will go to early operational capability may only have an EO/IR sensor. That's up to the Navy. They might say, ‘Hey, we want to get this thing out there, fielded, doing some initial missions and maybe all it needs is an EO/IR sensor and the radar comes two or three years later,'" said Ruszkowksi.
Lockheed has yet to field a jet that can take off and land from an aircraft carrier with minimal human involvement -- something that the Navy and Lockheed's rival in the UCLASS effort, Northrop Grumman, are working to master right now with a program known as UCAS-D, which is meant to pave the way for UCLASS. Ruszkowski says he's not too worried about this since Lockheed has conducted simulated landings on carriers in rough seas and that it will receive information from the Navy about what it learns from UCAS-D. Hopefully, they will get the Sea Ghost's tail-hook design right. (We couldn't write an article about Lockheed and aircraft carrier jets without mentioning it.)
Despite a climate of what defense officials love to describe as "fiscal uncertainty," the Pentagon's 2014 budget request includes $4.7 billion for increased "cyberspace operations," including dozens of cyber attack teams, the Defense Department announced today. To give you some sense of just how much cyber has increased in importance over the last year, the DOD’s 2013 budget overview mentions "cyber" 47 times while the 2014 overview mentions it 153 times. Last year's budget provided $3.9 billion for cyber according to DOD Comptroller Robert Hale. This money will be used to "increase defensive capabilities and develop the cyber Joint Force," according to the budget proposal.
What's that mean in English? The billions will support the Pentagon's previously announced plan to field dozens of cyber-combat teams that will protect the country from devastating cyber attack.
Thirteen of these teams -- called "defend the nation" teams -- are geared toward offensive operations aimed at deterring cyber attacks. Twenty-seven teams will support battlefield commanders around the globe by giving them cyber attack capabilities. The remainder will focus on defending DOD's networks from cyber attack.
These teams will be composed of a mix of civilian and uniformed personnel at locations across the country.
The increased funding "provides manpower, training and support costs for regional cyber mission teams to be located in Maryland, Texas, Georgia, and Hawaii as well as other Combatant Command and military service locations," the budget proposal says. "In addition, manpower at the National Security Agency continues to be funded to provide both cyber security and intelligence support to the USCYBERCOM teams."
Continued investment in cyber is listed as one of the "Key Priorities" in the budget, along with missile defense, space programs, science and technology efforts, personnel pay, and funding National Guard and reserve forces.
Here are the other cyber highlights of the 2014 budget as listed by DOD:
- Continues to support the construction of the Joint Operations Center for USCYBERCOM at Fort Meade, Maryland. Planned construction begins in FY 2014 with occupancy scheduled in FY 2017.
- Provides funding to develop tools to automate vulnerability detection on classified networks.
- Provides funding for commercial software for data monitoring of defense networks that will identify and isolate suspect files for analysis.
- Continues to robustly support cyberspace operations Science and Technology programs.
- Continues to support defensive cyberspace operations providing information assurance and cyber security to the Defense networks at all levels.
- Provide funding to enhance cyberspace range capabilities by increasing capacity, improving pre- and post- exercise analysis, and mainstreaming and sustaining capabilities of the National Cyber Range developed by the Defense Advanced Research Projects Agency under the oversight of the Department's Test Resource Management Center.
U.S. Air Force
U.S. military commanders around the world are discussing how to integrate cyber weapons with all the other tools in their arsenals, according to the chief of the Navy's cyber forces.
Doing this will give battlefield commanders the ability to choose which weapon they want to use to achieve a desired effect.
"Whether we do that through the spectrum [via electronic warfare], we do that through the network [via cyber] or we do that through something kinetic [bullets and bombs], what we want to be able to do is be able to tee up to the commander, multiple options," said Vice Admiral Michael Rogers during the Navy League's annual Sea Air Space conference just outside Washington today. Then, "the commander can make the decision about what's the best tool to use. . . . I don't get any pushback on that idea at all."
"If we think we're going to do cyber off in some closet somewhere we have totally missed the boat on this thing," Rogers noted.
At the same time, the lines between traditional electronic warfare -- radar jamming, electronic eaves dropping, etc. -- and cyber warfare are containing to blur, at least in the U.S. Navy.
"I see those lines blurring increasingly There is great convergence between the spectrum [EW] and the cyber world at the moment which I think just offers great opportunities, as a SIGINT [signals intelligence] kind of guy by background, I just lick my lips at the opportunities that I see out there in that arena," said Rogers.
While Rogers didn't elaborate on the type of combined cyber-electronic warfare missions he envisions, a fellow admiral noted that the Pentagon is looking at non-cyber ways of shutting down an enemy's ability to fight without firing a shot. (Remember, cyber-philes often point out that cyber weapons can cripple a nation without a single missile being launched.)
"Cyberspace can be an enabler but there's [other] non-kinetic ways to disadvantage the enemy in cyberspace that don't require a cyber activity; [electronic warfare] capability, and other things like that," said Rear Admiral Michael Hewitt, deputy director of the special programs cross functional team on the Joint Staff, during the Navy League's annual Sea Air Space conference just outside Washington today.
Click here to read an example of a type of non-cyber electronic weapon that's capable of shutting down an enemy's electronics systems without blowing anything up.
Happy Monday. We're celebrating the nicest day of 2013 so far in Washington by showing you the most high-res photo of China's J-31 stealth fighter we've ever seen.
The J-31 is China's second, smaller stealth fighter after its J-20. The J-31 strongly resembles a cross between Lockheed Martin's F-22 Raptor and its F-35 Joint Strike Fighter. Some speculate that the J-31 is being built as a smaller attack jet meant to compliment the large J-20 -- a plane that may be a high-speed interceptor meant to keep enemy planes far from China's shores. Others think the J-31 could be China's attempt to build a carrier-based stealth fighter given its small size and dual-wheeled nose landing gear. Though, as you can see in this photo, Chinese engineers clearly have yet to add a tail hook to the jet. Despite the close-up nature of this shot, we still can't make out the outlines of the J-31's weapons bays. Though we do notice a pair of what look like rather unstealthy, circular running lights on the bottom of the wingtips
Enjoy, and get out of the office already if you live in DC.
Hat tip to Alert 5.
It's not every day that you get to see a new stealth jet unveiled, but today Lockheed Martin's famed Skunk Works division posted these artist's renderings of its bid for the Navy's next attack jet at its booth at the Navy League's annual Sea Air Space conference just outside of Washington.
Remember, the Navy is trying to field a fleet of stealthy, unmanned fighter-sized jets that can launch from an aircraft carrier, fly through enemy air defenses and do everything from bomb targets to spy on them under a program called Unmanned Carrier Launched Surveillance and Strike or UCLASS.
Last summer, Lockheed showed us a very unrevealing drawing of what it said would be its UCLASS bid, nicknamed the Sea Ghost. These pictures offer a far better look at the jet.
The plane above looks remarkably similar to Lockheed's super-secret RQ-170 Sentinel spy plane, nicknamed the Beast of Kandahar by reporters after grainy photos of it operating in Afghanistan emerged in 2008. (A Sentinel was famously captured by Iran in late 2010, giving the world its first close-up view of the jet.) When yours truly pointed out the similarities between Lockheed's UCLASS bid and the Sentinel to a company spokeswoman, she just smiled and said she had no idea what I was talking about. It makes sense for Lockheed to base the airplane on an existing stealth drone since the Navy wants UCLASS operating from carriers by the end of this decade.
While the spokeswoman couldn't say anything about the plane beyond that it will be flying sometime around 2018 to 2020, she did provide Killer Apps with a quick fact sheet.
Lockheed says the jet will be based on its existing manned and unmanned planes and will feature a "maximum reuse of hardware and software," according to the factsheet posted below. (This means the plane will incorporate technology developed for the F-35 Joint Strike Fighter as well as the RQ-170.) Still, the jet will need to have a tail hook added, wings that fold (to fit on a carrier's crowded deck), and have its airframe strengthened to withstand the pressures of catapult launches and arrested landings, as well as the corrosive sea air,
As you can see from these pictures, the plane doesn't feature the RQ-170's two large humps, which likely sensors contain communications gear, on the top and bottom of its fuselage. This is likely because the Sentinel was designed a decade or more ago and sensor and comms technology has shrunk in size dramatically since then.
Like all modern stealth jets, Lockheed's UCLASS bid features "signature control," meaning it doesn't just rely on a stealthy shape to remain undetected. It will feature a combination of radar absorbing coatings, heat-masking technology, and various ways of protecting its electronic emissions (radar, satellite communications, etc.) from detection by an enemy, according to the factsheet.
Finally, one operator aboard an aircraft carrier or ashore will be able to control multiple jets as they carry out missions. This last attribute is a key tenet of the UCLASS program, which seeks to field a fleet of semi-autonomous drones that can do everything from land themselves on aircraft carriers to refuel in midair with a pilot simply supervising the mission.
John Reed reports on the frontiers of cyber war and the latest in military technology for Killer Apps.