A report on the Web site of the Christian Science Monitor claims that Iran exploited a long-known vulnerability in the GPS navigation system of the U.S.’s RQ-170 Sentinel drone to force it into landing safely within Iran.
The report, Thursday, cites an Iranian engineer that is part of a team that is analyzing the drone, which was captured last week. It claims that the Iranians first blinded the aircraft by jamming its communications. They then exploited a known vulnerability in the GPS system used by the drones to fool it into thinking it was landing at its home base in Afghanistan. Instead, the drone landed, intact, within Iran.
The report, if true, is a serious blow to U.S. military and intelligence operations within the country. Recent reports cite circumstantial evidence a mounting cold war between the U.S. and its allies, including Israel, and Iran. That war has included high level defections, mysterious deaths and apparent assasinations and covert cyber operations, such as the Stuxnet worm, which is widely believed to have been developed to retard Iran’s nuclear program.
Unmanned drones have played an important role in the covert operations, flying along the border regions with Afghanistan (according to the U.S.) and over Iran itself (according to the Iranian government) to monitor the country’s nuclear program.
The capture, intact, of one of the military’s most sophisticated drones is an intelligence coup for the Iranians, allowing the country’s technicians to reverse engineer the hardware and software used to control the ship. It could also be a boon to Iran’s allies and would-be allies, including China and Russia, either of which would be anxious to get their hands on one of the U.S. military’s most advanced drones.
The GPS vulnerability exploited by the Iranians was discovered using research on other downed drones, according to the Monitor report.
Problems with the wireless navigation and communications systems used by stealth aircraft aren’t new. The Wall Street Journal reported in 2009 that insurgents in Afghanistan were able to capture video footage from hovering drones using Skygrabber, a widely available piece of commercial software that can intercept satelllite data. The military says that it has since beefed up the security of communications to and from drones. However, they still rely heavily on military grade GPS for navigation. More recent reports documented a malware infection at Creech Air Force Base, the command and control center for the military’s drone aircraft. Finally, a recently leaked report by the U.S. Air Force Scientific Advisory Board found that “limited communications systems” in remotely piloted aircraft “restul in communications latency, link vulnerabilities and lost link events.”