Ukraine Is the First “Hackers’ War”

8 months ago 90

Rapid and resourceful technological improvisation has long been a mainstay of warfare, but the war in Ukraine is taking it to a new level. This improvisation is most conspicuous in the ceaselessly evolving struggle between weaponized drones and electronic warfare, a cornerstone of this war. Weaponized civilian first-person-view (FPV) drones began dramatically reshaping the landscape of the war in the summer of 2023. Prior to this revolution, various commercial drones played critical roles, primarily for intelligence, surveillance, and reconnaissance. Since 2014, the main means of defending against these drones has been electronic warfare (EW), in its many forms. The iterative, lethal dance between drones and EW has unfolded a rich technological tapestry, revealing insights into a likely future of warfare where EW and drones intertwine. After the invasion of Crimea, in 2014, Ukrainian forces depended heavily on commercial off-the-shelf drones, such as models from DJI, for reconnaissance and surveillance. These were not FPV drones, for the most part. Russia’s response involved deploying military-grade EW systems alongside law-enforcement tools like Aeroscope, a product from DJI that allows instant identification and tracking of drones from their radio emissions. Aeroscope, while originally a standard tool used by law enforcement to detect and track illegal drone flights, soon revealed its military potential by pinpointing both the drone and its operator. On both sides of the line you’ll find much the same kind of people doing much the same thing: hacking. This application turned a security feature into a significant tactical asset, providing Russian artillery units with precise coordinates for their targets—namely, Ukrainian drone operators. To circumvent this vulnerability, groups of Ukrainian volunteers innovated. By updating the firmware of the DJI drones, they closed the backdoors that allowed the drones to be tracked by Aeroscope. Nevertheless, after the start of the conflict in Crimea, commercial, off-the-shelf drones were considered a last-resort asset used by volunteers to compensate for the lack of proper military systems. To be sure, the impact of civilian drones during this period was not comparable to what occurred after the February 2022 invasion. As Russia’s “thunder-run” strategy became bogged down shortly after the invasion, Russian forces found themselves unexpectedly vulnerable to civilian drones, in part because most of their full-scale military EW systems were not very mobile. During a training exercise in southern Ukraine in May 2023, a drone pilot maneuvered a flier to a height of 100 meters before dropping a dummy anti-tank grenade on to a pile of tires. The test, pictured here, worked—that night the pilot’s team repeated the exercise over occupied territory, blowing up a Russian armored vehicle. Emre Caylak/Guardian/eyevine/Redux The Russians could have compensated by deploying many Aeroscope terminals then, but they didn’t, because most Russian officers at the time had a dismissive view of the capabilities of civilian drones in a high-intensity conflict. That failure opened a window of opportunity that Ukrainian armed-forces units exploited aggressively. Military personnel, assisted by many volunteer technical specialists, gained a decisive intelligence advantage for their forces by quickly fielding fleets of hundreds of camera drones connected to simple yet effective battlefield-management systems. They soon began modifying commercial drones to attack, with grenade tosses and, ultimately, “kamikaze” operations. Besides the DJI models, one of the key drones was the R18, an octocopter developed by the Ukrainian company Aerorozvidka, capable of carrying three grenades or small bombs. As casualties mounted, Russian officers soon realized the extent of the threat posed by these drones. How Russian electronic warfare evolved to counter the drone threat By spring 2023, as the front lines stabilized following strategic withdrawals and counteroffensives, it was clear that the nature of drone warfare had evolved. Russian defenses had adapted, deploying more sophisticated counter-drone systems. Russian forces were also beginning to use drones, setting the stage for the nuanced cat-and-mouse game that has been going on ever since. The modular construction of first-person-view drones allowed for rapid evolution to enhance their resilience against electronic warfare. For example, early on, most Russian EW efforts primarily focused on jamming the drones’ radio links for control and video. This wasn’t too hard, given that DJI’s OcuSync protocol was not designed to withstand dense jamming environments. So by April 2023, Ukrainian drone units had begun pivoting toward first-person-view (FPV) drones with modular construction, enabling rapid adaptation to, and evasion of, EW countermeasures. The Russian awakening to the importance of drones coincided with the stabilization of the front lines, around August 2022. Sluggish Russian offensives came at a high cost, with an increasing proportion of casualties caused directly or indirectly by drone operators. By this time, the Ukrainians were hacking commercial drones, such as DJI Mavics, to “anonymize” them, rendering Aeroscope useless. It was also at this time that the Russians began to adopt commercial drones and develop their own tactics, techniques, and procedures, leveraging their EW and artillery advantages while attempting to compensate for their delay in combat-drone usage. On 4 March, a Ukrainian soldier flew a drone at a testing site near the town of Kreminna in eastern Ukraine. The drone was powered by a blue battery pack and carried a dummy bomb.David Guttenfelder/The New York Times/Redux Throughout 2023, when the primary EW tactic employed was jamming, the DJI drones began to fall out of favor for attack roles. When the density of Russian jammer usage surpassed a certain threshold, DJI’s OcuSync radio protocol, which controls a drone’s flight direction and video, could not cope with it. Being proprietary, OcuSync’s frequency band and power are not modifiable. A jammer can attack both the control and video signals, and the drone becomes unrecoverable most of the time. As a result, DJI drones have lately been used farther from the front lines and relegated mainly to roles in intelligence, surveillance, and reconnaissance. Meanwhile, the modular construction of FPVs allowed for rapid evolution to enhance their resilience against EW. The Ukraine war greatly boosted the world’s production of FPV drones; at this point there are thousands of FPV models and modifications. A “kamikaze” first-person-view drone with an attached PG-7L round, intended for use with an RPG-7 grenade launcher, is readied for a mission near the town of Horlivka, in the Donetsk region, on 17 January 2024. The drone was prepared by a Ukrainian serviceman of the Rarog UAV squadron of the 24th Separate Mechanized Brigade.Inna Varenytsia/Reuters/Redux As of early 2024, analog video signals are the most popular option by far. This technology offers drone operators a brief window of several seconds to correct the drone’s path upon detecting interference, for example as a result of jamming, before signal loss. Additionally, drone manufacturers have access to more powerful video transmitters, up to 5 watts, which are more resistant to jamming. Furthermore, the 1.2-gigahertz frequency band is gaining popularity over the previously dominant 5.8-GHz band due to its superior obstacle penetration and because fewer jammers are targeting that band. However, the lack of encryption in analog video transmitter systems means that a drone’s visual feed can be intercepted by any receiver. So various mitigation strategies have been explored. These include adding encryption layers and using digital-control and video protocols such as HDZero, Walksnail, or, especially, any of several new open-source alternatives. In the war zone, the most popular of these open-source control radio protocols is ExpressLRS, or ELRS. Being open-source, ELRS not only offers more affordable hardware than its main rival, TBS Crossfire, it is also modifiable via its software. It has been hacked in order to use frequency bands other than its original 868 to 915 megahertz. This adaptation produces serious headaches for EW operators, because they have to cover a much wider band. As of March 2024, Ukrainian drone operators are performing final tests on 433-MHz ELRS transmitter-receiver pairs, further challenging prevailing EW methods. Distributed mass in the transparent battlefield Nevertheless, the most important recent disruption of all in the drone-versus-EW struggle is distributed mass. Instead of an envisioned blitzkrieg-style swarm with big clouds of drones hitting many closely spaced targets during very short bursts, an ever-growing number of drones are covering more widely dispersed targets over a much longer time period, whenever the weather is conducive. Distributed mass is a cornerstone of the emerging transparent battlefield, in which many different sensors and platforms transmit huge amounts of data that is integrated in real time to provide a comprehensive view of the battlefield. One offshoot of this strategy is that more and more kamikaze drones are directed toward a constantly expanding range of targets. Electronic warfare is adapting to this new reality, confronting mass with mass: massive numbers of drones against massive numbers of RF sensors and jammers. Ukraine is the first true war of the hackers. Attacks now often consist of far more commercial drones than a suite of RF detectors or jammers could handle even six months ago. With brute-force jamming, even if defenders are willing to accept high rates of damage inflicted on their own offensive drones, these previous EW systems are just not up to the task. So for now, at least, the drone hackers are in the lead in this deadly game of “hacksymmetrical” warfare. Their development cycle is far too rapid for conventional electronic warfare to keep pace. But the EW forces are not standing still. Both sides are either developing or acquiring civilian RF-detecting equipment, while military-tech startups and even small volunteer groups are developing new, simple, and good-enough jammers in essentially the same improvised ways that hackers would. Ukrainian soldiers familiarized themselves with a portable drone jammer during a training session in Kharkiv, Ukraine, on 11 March 2024.Diego Herrera Carcedo/Anadolu/Getty Images Two examples illustrate this trend. Increasingly affordable, short-range jammers are being installed on tanks, armored personnel carriers, trucks, pickups, and even 4x4s. Although limited and unsophisticated, these systems contribute to drone-threat mitigation. In addition, a growing number of soldiers on the front line carry simple, commercial radio-frequency (RF) scanners with them. Configured to detect drones across various frequency bands, these devices, though far from perfect, have begun to save lives by providing precious additional seconds of warning before an imminent drone attack. The electronic battlefield has now become a massive game of cat and mouse. Because commercial drones have proven so lethal and disruptive, drone operators have become high-priority targets. As a result, operators have had to reinvent camouflage techniques, while the hackers who drive the evolution of their drones are working on every modification of RF equipment that offers an advantage. Besides the frequency-band modification described above, hackers have developed and refined two-way, two-signal repeaters for drones. Such systems are attached to another drone that hovers close to the operator and well above the ground, relaying signals to and from the attacking drone. Such repeaters more than double the practical range of drone communications, and thus the EW “cats” in this game have to search a much wider area than before. Hackers and an emerging cottage industry of war startups are raising the stakes. Their primary goal is to erode the effectiveness of jammers by attacking them autonomously. In this countermeasure, offensive drones are equipped with home-on-jam systems. Over the next several months, increasingly sophisticated versions of these systems will be fielded. These home-on-jam capabilities will autonomously target any jamming emission within range; this range, which is classified, depends on emission power at a rate that is believed to be 0.3 kilometers per watt. In other words, if a jammer has 100 W of signal power, it can be detected up to 30 km away, and then attacked. After these advances allow the drone “mice” to hunt the EW cat, what will happen to the cat? The challenge is unprecedented and the outcome uncertain. But on both sides of the line you’ll find much the same kind of people doing much the same thing: hacking. Civilian hackers have for years lent their skills to such shady enterprises as narco-trafficking and organized crime. Now hacking is a major, indispensable component of a full-fledged war, and its practitioners have emerged from a gray zone of plausible deniability into the limelight of military prominence. Ukraine is the first true war of the hackers. The implications for Western militaries are ominous. We have neither masses of drones nor masses of EW tech. What is worse, the world’s best hackers are completely disconnected from the development of defense systems. The Ukrainian experience, where a vibrant war startup scene is emerging, suggests a model for integrating maverick hackers into our defense strategies. As the first hacker war continues to unfold, it serves as a reminder that in the era of electronic and drone warfare, the most critical assets are not just the technologies we deploy but also the scale and the depth of the human ingenuity behind them.


View Entire Post

Read Entire Article