This reflection was a result of a two-part participation with the UNOCT, including both a workshop and the event.
I was incredibly honoured to be invited to speak to the United Nations Office of Counter-Terrorism (UNOCT) in their Preventing and Countering Terrorist Use of UAS event and the release of the Global Report on the Acquisition, Weaponization, and Deployment of Unmanned Aircraft Systems by Non-State Actors for Terrorism-Related Purposes.
For context, I was asked to discuss major trends and developments to focus on in the short-medium terms with regards to terrorist use of UAS - a much shorter speech than I usually intend to give, but happy to share it with you here. This was due to the work DroneSec conducts in all-source UAS threat intelligence and global UAS incident tracking. We provide Military, Government and Law Enforcement with awareness of the latest adversary UAS tactics, techniques, procedures and the technologies and methods they use to conduct malicious operations.
Before diving into the topic, I want to highlight that just as the UN convened to discuss this important topic, threat actors are meeting online and, in some cases, up to 30,000 users in a single underground forum. Forums such as these are dedicated to the sharing of TTPs on using UAS as weaponized threat vectors. The only way we can overcome this level of sophistication is to work harder, smarter and in cross-member state collaboration.
Just one year ago, three individuals launched a farming agricultural UAS over a political campaign in Brazil. As the large UAS with 10L capacity, dropped almost 2L of farming and human liquids on the attendees below, most in the audience simply thought the UAS was there for filming purposes; not reacting until it was too late. It is extremely difficult to discern between a hostile and a non-hostile UAS, whether it be in the sky or sitting in a vehicle, which makes all of our work very difficult.
Recently, we saw a criminal organisation in Israel use a remotely controlled UAS, fly up to a balcony and detonate in an attempt to assassinate someone in a high-rise apartment. These tactics, techniques and procedures know no bounds, and will continue to be seen as a force multiplier by potential terrorist use.
Trends in the short-medium term
I’d like to highlight some key trends we are seeing in the space:
For acquisition of UAS: Our analysis demonstrates that both the theft of UAS, and the overseas importation of heavy-lift and FPV UAS (and UAS parts) from cheap, online stores, are useful for terrorists in acquiring the right technology to conduct impactful attacks. Both whole Switchblade 300’s and Black Hornet Nano schematics have been placed up for sale on darknet and hacking forums for sale to international buyers. Similarly, UAS are cyber-physical systems – it is important we highlight this from a cross-skills and cross-domain basis. The trading of hacked or hijacked digital UAS accounts, is increasing in terrorist effort to create yet another layer of abstraction, hiding their digital identity from physically flying the UAS. Similarly, actors can purchase software or hardware modification systems for as little as $5 - $50 USD which deliberately bypass prevention or counter-measure systems, such as geofences and even jammer guns. These are available to buy online with the click of a button, and trivial to locate.
For weaponization of UAS: Our analysis shows that online tutorials are the easiest way for potential terrorists to learn how to create payload droppers, attach objects to UAS and even refine the aerodynamic stability of the payloads for accuracy and aiming at targets below. Payload droppers can be purchased off websites for as little as $30 USD, or 3D printed at home with readily available 3D printing systems for as little as $6 USD in material costs. These 3D schema blueprints, and made-to-order parts are gaining in popularity online, and paired with home-made payloads. Objects can range from dangling copper wire from a UAS with the hope of disrupting electrical substations to using garage-made caltrops and sharp spear-like objects. We are already seeing the rapid development of AI attempting to aid with the tracking and targeting of small, dropped munitions towards moving targets – these are not military UAS, these are systems that are purchased from a store. We need to keep alert and aware of these advancements in weaponization of UAS by terrorists.
For the Deployment of UAS: Threat actors realise they can target locations that were previously too difficult to gain access physically. The flying of home-made UAS to carry up to 70kg a over water storage basin, was demonstrated in Australia. The targeting of residential skyscrapers and telecommunications towers have suffered explosive impact where previous attempts by foot or by vehicle would have been significantly more difficult. The expansion of technologies such as 4G/5G controlled UAS, and Starlink-enabled systems, provides potential terrorist with the opportunity to fly and deploy COTS UAS from another country or over the border. Lastly, systems do not require a constant ‘human in the link’ and once launched, can complete their mission without human intervention. Terrorists are familiar with these benefits for deploying UAS and will take the opportunity when it provides a cheap and effective way to complete their goals.
These are just a few short examples of trends we are seeing in the space. They will move quickly. In some cases, we observe trends change and morph within weeks of their use or pop up again many months later as the knowledge is transferred and proliferates around the world. We can and we must keep up with these trends, the most likely and the most dangerous threats, and share this information with each other.
At DroneSec, we imagined a world where the sharing and collaboration of drone threats and incident reporting would take place at scale. Our Drone Threat Intelligence Platform (DTIP) enables just that – already many member countries use DroneSec to discover new UAS threat trends, dive into deep analytical research and stay aware of the threat actors, their technologies and their tactics, techniques and procedures. It is the only way an organization can be briefed, as things happen, as to how UAS are being utilised for nefarious or terrorist uses. Please contact me or visit www.dronesec.com or training.dronesec.com if you’d like to learn more.
Mike Monnik - DroneSec CEO
If you would like more information, the following links may be useful to you:
Berlin Memorandum on Good Practices for Countering Terrorist Use of Unmanned Aerial Systems
Delhi Declaration on countering the use of new and emerging technologies for terrorist purposes
Protecting vulnerable targets from terrorist attacks involving unmanned aircraft systems (UAS) Good Practices Guide
Global Report on the Acquisition, Weaponization, and Deployment of Unmanned Aircraft Systems by Non-State Actors for Terrorism-Related Purposes (Released Soon - will update here)