Buyer and User Beware: The UAS You’re Using Could Be Spying on You

and

One of us (T. C.), as the saying goes, “used to be young and full of hope; but now old and filled with other things!” Harnessing the ability to cost-effectively and efficiently develop market-driven products and services is crucial for success in not only business today, but especially in government where stakes are high – especially for meeting requirements in the protection of people and property. However, more and more we see stories that elucidate how the very products, services and systems that are meant to protect us can actually be tools to spy on us [Ref 1-3]. A UAS (Unmanned Aerial Systems), as opposed to a UAV (Unmanned Aerial Vehicle), or drone has been around for more years than you may think. Again, one of us (T.C.) was a consultant many years ago to a giant aerospace/defense company that made missiles, among other products. And, another (L.M.) headed security for the UAS/UAV division of a giant defense contractor. Despite many years of development, UAS aren’t fully deployed in all applications where they can serve because the authorities are reluctant to provide open skies to every Tom, Dick and Harry who wants to use them. Slowly, but surely, the FAA and others have recognized the value of UAS – but it unfortunately takes more time to generate change in government circles than the private sector believes is necessary. In fairness to government officials, they want to ensure that safety concerns are handled in a professional, thorough way. We intend to present an easy-to-understand set of guiding principles and practical strategies to using UAS that create value to their users and stakeholders – but being cognizant of the inherent security issues now being discovered in UAS that could create adverse consequences for consumers and users of this class of products and services.

A Little Primer on UAS and Their Markets… 

There are a plethora of market surveys and discussions on the ever-expanding markets related to UAS. In fact, UAS have been used to provide an eye in the sky at events such as this past year’s Super Bowl. In addition, references abound in learning how to develop detailed operational requirements and concept-of-operations, along with both public and private models for the commercialization of technologies related to UAS [Ref 4-13].

Intelligence, Surveillance and Reconnaissance (ISR) within UAS has become an integral part of the U.S. military and intelligence operations across all services and agencies. From multimillion-dollar strategic aircraft to less expensive tactical versions, UAS have become indispensable. Clearly these mission requirements have become the prime capability of UAS. The combination of loitering time, multiple sensor capabilities, and battlespace access has provided information to the warfighter at unprecedented rates.

Surveillance needs, of course, have extended beyond traditional military and intelligence roles. Our heightened security environment post-Sept. 11, 2001, has made UAS a potential capability to address homeland security issues such as critical infrastructure and airport and seaport security surveillance. The Department of Homeland Security (DHS) awarded a contract for border security surveillance to General Atomics in September 2005 for the use of one Predator B. In addition to surveillance used for security purposes, UAS are being used to assess natural disaster effects such as hurricane damage assessment and wildfire tracking. The market space for these UAS will remain small, due mainly to affordability issues. A typical Predator B cost over $22 million.

Funding for these systems has been fairly consistent from Congress, as has the defense budget on the whole, particularly in the current Trump administration. Political support has been gained mainly as a result of the risk reduction with taking the human being “out of the loop” and because of the potential cost savings associated with particular systems. With commitments overseas in support of the Global War on Terrorism (GWOT) and with potential applications in the homeland, UAS will continue to receive this political support.

UAS are quickly gaining ground in the commercial markets. Surveillance and scientific research capabilities are just one of the most likely uses for UAS for the federal, state, and local agencies. In addition to surveillance, UAS could provide communication relay support should communication nodes be disrupted in either a natural disaster or a terrorist attack. Several federal agencies have used UAS in support of scientific research efforts. The DoE, NASA, NOAA, and several others have had these systems in the atmospheric radiation measuring (ARM) study and other environmental tests. These systems can loiter for extensive periods in environments that may or may not be suitable to human exposure. UAS could further complement future scientific research initiatives. In addition, the Department of Interior and the Department of Agriculture have deployed these systems to monitor conditions affecting forests and growing conditions. Farmers and ranchers have even begun to deploy UAS to help them better manage their crops and livestock. A number of private-sector enterprises designated as critical infrastructure have utilized drones not only for security, but to monitor and assess the condition and reliability of key sectors such as the electrical grids, pipelines, ports and a host of others.

While the above applications and markets are well known, new and fascinating commercial applications seem to arise each and every day! For this reason, security is paramount for their uses – not only from a physical perspective, but also from an intelligence perspective.

It should be noted that operating UAS in the National Air Space (NAS) continues to be a significant issue. The Federal Aviation Administration (FAA) is currently assessing requirements and standardization processes needed to operate these systems in a plethora of application and use cases. 

It’s Not Just What You Have to Offer – But Where Do the Parts Come from and Where Is It Built?

There once was a time that “Made in America” was a slogan used to connote high-quality craftsmanship and trust that the manufacturer produced, a product you could trust and rely upon. But where UAS are concerned, it’s becoming incredibly important to know where the UAS and its key parts are produced, particularly as it relates to the use of UAS for purposes of espionage and potentially for delivery of a biological or other type of explosive device. At the Nov. 19, 2019, Executive Summit Series forum held in Crystal City, Va., National Counterintelligence Executive William Evanina warned both senior government and private executives in attendance that drones manufactured in China and those containing electronic components (which includes transistors, chips, CPUs, cameras, software, batteries and electric motors) produced in China have been intercepted sending data back to China. Evanina recommended to stop utilizing drones of Chinese origin and those that may be assembled in another country and contain electronic components produced in China. He further recommended that anyone procuring a drone or contracting with a service provider for the use of a drone require full disclosure on the provenance of all electronic components along with a certification that the drone is not of Chinese origin and does not contains any electronic components produced in China. U.S. government agencies have grounded the majority of their fleets of drones until they can replace them or replace their electronic components, he said.

Summary

While many of the concepts presented here sound rather simple, their implementation on a day-to-day basis eludes many organizations – especially those trying to pioneer emerging technologies for security applications. Like many technologies, UAS technologies and their associated components can be used for nefarious purposes. We all need to remain diligent in thinking about how technology can be used against us if we’re not careful in the design and implementation of complex technology-based systems like UAS.

 

References

[1] Mattice, Lynn,   “U.S. Counterintelligence Raises a Red Flag” Cover Story for Security Technology Executive Magazine (February/March issue 2020).
[2] Mattice, Lynn, “The NSA, Cyber Espionage, Hackers and More –A Frank Look at the World Today with
Congressman Mike Rogers”, Cover Story for SECURITY Magazine October 2013.
[3] Mattice, Lynn, Leadership and Management Column, January 2013 – January 2018 SECURITY Magazine.
[4] Cellucci, T.A., “Heeding the Call to Make a Real Difference in End-Use Performance”, Homeland Security Today Magazine (August 9, 2019).
[5] Cellucci, T.A., “Accelerating Time to Market”, Frost & Sullivan Executive Symposium Proceedings (2006).
[6] Frost & Sullivan, “Unmanned Aerial System Markets” Executive Symposium Proceedings (2006).
[7] Cellucci, T.A., “Heeding the Call to Make a Real Difference in End-Use Performance”, Homeland Security Today Magazine (August 9, 2019).
[8] Cellucci, T.A., Deploy Capabilities Faster with Less Expense by Technology Foraging”, Homeland Security Today Magazine (April 15, 2019).
[9] Cellucci, T.A., “Perspective: Link Public and Private Sectors to Let Water Security Innovation Flow”, Homeland Security Today Magazine (December 30, 2018).
[10] Cellucci, T.A., “Perspective: Innovative Public-Private Partnerships Help Secure Critical Infrastructure”, Homeland Security Today Magazine (November 27, 2018).
[11] Cellucci, T.A., “Get First Responders What They Need with Rapid Commercialization Techniques”, Homeland Security Today Magazine (April 26, 2019).
[12] Cellucci, T. A., “A Guide to Innovative Public-Private Partnerships: Utilizing the Resources of the Private Sector for the Public Good”, Rowman & Littlefield Publishing Group, Inc. 352 pages (February 2011).
[13] Cellucci, T.A., “Get First Responders What They Need with Rapid Commercialization Techniques”, Homeland Security Today Magazine (April 26, 2019).

 

Lynn Mattice is Managing Director of Mattice and Associates LLC, which specializes in enterprise risk management, intelligence, cyber, resiliency and security. Mr. Mattice is a Fellow at the Institute for Strategic Risk Management; a Senior Fellow at  Auburn University’s Center for Cyber and Homeland Security; a Distinguished Fellow at The Ponemon Institute and Chairman Emeritus at the National Intellectual Property Law Institute. He also served on the Inaugural Advisory Board for the National Counterintelligence Center and was one of the lead private sector chairs on the Presidential Taskforce that created the National Industrial Security Program under President George H.W. Bush. Mr. Mattice is also President and Founder of the non-profit National Economic Security Alliance and is Founder and Program Chair of the Executive Summit Series forums. He previously served in senior executive positions at three major global corporations during his career. He has author numerous articles in a wide-range of periodicals on topics such as intelligence, economic espionage, cyber defenses and enterprise risk management. He has also been a contributing author to several books. Mr. Mattice is the recipient of numerous awards and citations from the government and the private sector.

(Visited 414 times, 1 visits today)

Dr. Thomas "Tommy" Cellucci writes about the intersection of emerging technology, commercialization, and implementation to protect the homeland. Dr. Cellucci has been a senior executive in both the private and public sectors for over 39 years. He served as the US Government’s first-ever Chief Commercialization Officer after turning around his fourth high technology firm, working for both President George W. Bush and President Obama. Thomas is a turn-around artist on Wall Street and serves on many global Boards. He also currently assists President Trump’s team when asked. Thomas has authored or co-authored 25 scholarly books and over 231 high-tech business articles. Cellucci earned a PhD in Physical Chemistry from the University of Pennsylvania (1984), an MBA from Rutgers University (1991) and a BS in Chemistry with Honors from Fordham University (1980). He serves on 23 Boards and is the recipient of many awards. He holds two endowed Chairs at prestigious universities in Kazakhstan, as well as taught at Harvard Business School, Princeton University and the University of Pennsylvania. He and his wife Julie spent their free time with their children and grandchildren.

Leave a Reply

Latest from Cybersecurity

Go to Top
X
X