Iran’s response to the joint strikes by the USA and Israel has reiterated the extent to which warfare has been transformed by drone technology. The prospect of being attacked by cheaply-made weapons that hunt down targets a thousand miles behind enemy lines is no longer restricted to the pages of science fiction novels. Cut off by sanctions from the evolving technologies needed to field effective fighter jets, Iran’s theocratic rulers became ardent investors in the development of air power through remotely-guided and self-guided flying drones, also referred to as unmanned aerial vehicles (UAVs) by military professionals. Iranian production lines have fed UAVs to Russia in the wake of its stalled invasion of Ukraine. Both sides in the Ukraine conflict are making extensive and innovative use of UAVs due to the near impossibility of either gaining air superiority as a consequence of modern air defense missile systems. In recent days we have seen Iran and its proxies retaliate to the attack by US and Israeli forces by launching UAVs at a diverse range of military and civilian targets in Azerbaijan, Bahrain, Cyprus, Kuwait, Oman, Saudi Arabia and the United Arab Emirates.
UAVs succeed where airplanes fail because they are so much cheaper to manufacture, allowing them to be deployed in large numbers, either to overwhelm air defenses or to find gaps in those defenses by trial-and-error. The most widely-publicized attack inside Russia involved Ukraine’s SBU intelligence service smuggling the components for over a hundred UAVs across the border, where they were then assembled and transported deep into Russia by truck. At the scheduled time, they all came alive and used mobile networks to guide their flights to unprotected airfields, where they exploded and caused RUB560bn (USD7bn) of damage to Russia’s most sophisticated bomber aircraft. To rub salt into the wounds, Ukraine also had a propaganda victory by sharing the video footage of the raids transmitted back to them across those mobile networks.
Drones have had such an influence on warfare that Elon Musk has significantly tilted the odds in Ukraine’s favor by preventing Russian forces connecting to his Starlink constellation of satellites while continuing to permit Ukraine to use them. Mobile networks provide an alternative form of connectivity to satellites, which explains why some of the Russian UAVs that have been shot down contained SIM cards from Ukrainian networks. A new research paper by Cathal Mc Daid of Enea, one of the world’s foremost experts in mobile network security, examines the ways militaries will subvert mobile networks as part of their strategy for offensive UAV operations. Entitled “Riders on the Cellular Storm — Mobile Connected UAVs in Conflict”, the contents are both fascinating and terrifying.
As Mc Daid points out, our first concern should be that insufficient attention has been paid to hardening mobile networks to prevent them being exploited by enemy UAVs.
However, while there has been much research from us and others on the use of mobile networks in war, the intersection of mobile networks and drones in warfare has not been analyzed in depth.
We outline that military investigation and discussion of the use of civilian mobile networks by (military) drones was lacking. We attribute this to a general belief in military thinking that civilian mobile networks did not have a role to play in UAV communications.
The invasion of Ukraine should change our thinking.
By profiling the evolution of mobile communications and drones in The Ukraine War we show that this belief was unfounded. Focusing on the evolution of Russian drones, and then Ukrainian drones from downed and captured reports, we can see a general increase in the sophistication of mobile network usage from both sides — from using mobile networks as simple location system, to being extended to transmit telemetry, then audio visual information, and then in some cases to allow control of the drones.
Mc Daid is one of the leading experts in mobile network security, and this is reflected in the comprehensive range of anti-UAV defenses he identifies. These techniques range from the crude reaction of simply shutting entire networks down to some highly sophisticated ways that new technologies might be deployed to identify network traffic generated by UAVs. The following is a very succinct summary of the countermeasures detailed by Mc Daid.
- Shut down mobile networks. The method would be completely effective although highly disruptive to the defending side.
- Switch off mobile internet services. Stopping all transmission of data over radio access networks would have the same effect, but also at a significant cost to the rest of society.
- Temporarily suspend services for specific cell sites. The risk with this approach is that UAVs may fly around the area that is disrupted, or may have already penetrated beyond the affected area.
- Permanently suspend services for specific cell sites. This would be like creating a ‘no man’s land’ for radio telecommunications around the front lines.
- Block specific SIMs or devices. Service can be denied for SIMs and equipment that has potentially been transported into enemy territory. However, criminals have repeatedly demonstrated they can fake the IMEIs of equipment and obtain large stocks of unused SIMs.
- Use algorithms to identify network traffic associated with UAVs. There may not be enough knowledge to obtain a high success rate with this technique at the beginning, but combining machine learning with analysis by human experts may accelerate the process of discriminating between enemy activity and false positives.
Mc Daid’s ultimate conclusion is that countries should be prepared to use all of these techniques. I would go further by emphasizing that countries need to make preparations immediately, and not just wait until UAV attacks occur before devising a plan for how to disrupt the mobile data services that attackers may be exploiting. The threat is real and changes will need to be made to mobile networks because of the scale of threat posed by UAVs that can be cheaply and rapidly manufactured. If Iran can amass large stocks of UAVs then so will many other military powers. Mc Daid provides a vivid analogy.
Given the need for all countries to learn from this conflict, and to avoid a similar ‘Drone Pearl Harbor’ incident, then every country should prepare to put in place mechanisms to deny the use of mobile networks to offensive drones if needed.
Like his earlier research on the use of mobile network technology to track the movements of enemy combatants, I expect Mc Daid’s new report will be essential reading for a wide range of professionals working for governments and military forces as well as communications providers. Iran’s UAV attacks have illustrated why past complacency about the potential enemy exploitation of mobile networks must end now.
“Riders on the Cellular Storm — Mobile Connected UAVs in Conflict” is freely available without registration from here.
