Wireless Hacking In Flight: Air Force Demos Cyber EC-130 « Breaking Defense – Defense industry news, analysis and commentary

NATIONAL HARBOR: Matthew Broderick in his basement, playing Wargames over a landline, is still the pop culture archetype of a hacker. But as wireless networks became the norm, new-age cyber warfare and traditional electronic warfare are starting to merge. Hackers can move out of the basement to the sky. In a series of experiments, the US Air Force has successfully modified its EC-130 Compass Call aircraft, built to jam enemy transmissions, to attack enemy networks instead.

“We’ve conducted a series of demonstrations,” said Maj. Gen. Burke Wilson, commander of the 24th Air Force, the service’s cyber operators. “Lo and behold! Yes, we’re able to touch a target and manipulate a target, [i.e.] a network, from an air[craft].”

Source: Wireless Hacking In Flight: Air Force Demos Cyber EC-130 « Breaking Defense – Defense industry news, analysis and commentary

This is pretty interesting. Compass Call was originally simply a broadband noise jammer. To actually be able to use network intrusion on enemy networks is the future of tactical cyberwarfare.

There’s been wide speculation that the Israeli strike on Syria’s nuclear weapons program in 2007 used a variant of the US program, broadly known as Suter. Suter is run by Big Safari, a classified program management office for the US Air Force that provides innovative (and almost always classified) reconnaissance technologies to the Air Force.

Now, when you say reconnaissance, you naturally think of photography. But a huge element of the Air Force reconnaissance effort is directed towards SIGINT, or Signals Intelligence, and ELINT, or Electronic Intelligence.

Imagine, for a moment, a Syrian (or better, Iranian) air defense radar that is a part of the national, integrated, air defense system.

That radar both transmits radio frequency energy, and receives it. And that energy that it sends out can be shaped into a variety of waveforms. Further, the returned radio signal requires processing before it can be presented to the operator in a useful way. This is done by digital signal processing.

What Suter (and variants thereof) does is slip malware into the digital signal processor by means of the radar’s own antenna.

This not only corrupts the radar, but since it shares its feed with the integrated network, it can quickly infect the entire system.

Now we see the Air Force demonstrating this capability against not just air defenses, but potentially virtually any combat network or datalink that uses radio frequency networking, even if they are secure networks.

That’s both nifty, and frightening, since no one uses networking to the extent we do, and if we can do it, sooner or later, so will our opponents.

5 thoughts on “Wireless Hacking In Flight: Air Force Demos Cyber EC-130 « Breaking Defense – Defense industry news, analysis and commentary”

  1. There was once a time when Compass Call was classified. And this variation was, too. Apparently, not anymore.

  2. I’m still trying to wrap my head around how malware may be inserted into a data stream. Yes, you feed the DSP tailored data, but how does that translate into software instructions which are then executed? Since when does any kind of computing device accept that kind of input from a manipulated data stream? It sounds like injecting malware into a home computer when someone views an image in (say) Windows Photo Viewer. All WPV does is open a file, then display said image on the screen. How does that involve instructions?

    Just about every exploit I’ve heard about involves vulnerabilities such as overflows, or use of scripting engines in unanticipated ways.
