9 September 2018

The Drone Threat Is Real. The Solution Is Complex

By Ben Joelson, Sean Horner

In August, Venezuelan President Nicholas Maduro claimed he was the target of a drone-borne explosive assassination attempt. While some sources assert that the entire episode may have been staged to assist Maduro in consolidating power in distressed Venezuela, the incident highlights the challenges of defending against and mitigating drone threats. The United States has experienced our own less nefarious drone incidents, including one that occurred in 2015 at the White House. Although it garnered less notoriety than the Maduro incident, a drone carrying de-activated grenades, and likely flown by an organized cartel, targeted a police chief in Baja Mexico in June of this year. These incidents bring to the forefront an issue that security professionals and governments have been struggling with since the introduction of inexpensive, and readily available, commercialized unmanned aircraft systems (UAS) or “drones” — how to identify, classify, and defend against one or many hostile drones?

The answer is complicated. Like many past technology solutions, mitigating hostile drones will require collaboration and convergence of public and private expertise, resources and technology. Throughout history, the “cat and mouse game” between adversary and defender has driven many advances in security technology—ranging from Linus Yale’s invention of pin tumbler locks in 1861 to complex electronic countermeasures aimed at defeating improvised explosive devices in Iraq and Afghanistan. However, the drone challenge is unique because it sits at the intersection of three trends: the availability and relatively low cost of commercial drones that are growing increasingly sophisticated; lessons learned from the IED-era about jamming and defeating a range of explosive devices; and a domestic regulatory and legal environment that is still playing catch up. Equally alarming is that the United States Government does not appear to have a widespread solution.

In May 2018, Sen. Ron Johnson (R-WI) introduced a bill, S.2836 – Preventing Emerging Threats Act of 2018, which would in effect provide The U.S. Department of Justice (DOJ) and The U.S. Department of Homeland Security (DHS) legal authority to deter, detect, track and take action against unauthorized UAS to protect designated facilities, infrastructure and assets. The bill remains under committee review. Two months later in July, DHS Secretary Kierstjan Nielsen published an op-ed in the Washington Post, outlining how unprepared the United States Government is to deal with a hostile drone threat. Much of this lack of preparedness, especially within the private sector, stems from an antiquated Federal Communications Commission (FCC)blanket ban on all jamming activity domestically in the United States. Not long after Secretary Nielsen’s op-ed Rep. Michael McCaul (R-TX) introducedH.R. 6401 – Preventing Emerging Threats Acts of 2018, which was referred to The U.S. House of Representative’s Subcommittee on Aviation. While the most recent The National Defense Authorization Act (NDAA) carves out some exceptions for The U.S. Department of Defense (DoD) and The U.S. Department of Energy (DOE), other agencies, including Secretary Nielsen’s DHS and the DOJ, are largely prohibited from employing drone countermeasures. Even with an amendment to the FCC’s blanket prohibition - which was designed largely to prevent GPS jamming and other RF-spectrum activities that could negatively impact commercial flights - questions remain around the efficacy of existing technology to defeat an airborne drone threat—especially operating at high velocity and altitude.

Current Counter-UAS (C-UAS) technology ranges from kinetic options like the shotgun shells with inside nets, purchased by the U.S. Air Force in 2016 as a stop-gap measure, to directed RF-Jamming technology utilized in a series of handheld options for ground-based defenders. Due to the FCC and Federal Aviation Administration (FAA) restrictions, private C-UAS technology companies have focused heavily on developing best-in-class drone detection and classification technology rather than defeat mechanisms. This technology leverages a range of sensors including ground-based radar, acoustic, RF-detection, and static cameras to identify drone incursions in designated airspace. The thought process is simple: you cannot defeat what you cannot see, and while these systems are impressive, they seem to be tailored to detect nuisance drones conducting illicit or harassing surveillance above private property. But how well can these systems detect and defeat a high-speed drone incursion intent on delivering an explosive payload? No matter how impressive C-UAS technology may be, or how effective it could be in protecting critical infrastructure and other high-value targets, many of these technologies cannot be deployed without significant changes to current laws and regulations governing the use of such technology.

Almost all commercially available technology and frankly the technology near-implementation at U.S. military installations require a human in the “kill chain.” There simply is not enough implementation data to entrust an autonomous system with classifying an aerial target and firing ammunition, net or otherwise, to bring it down. Other systems, including shoulder-fired RF-jamming devices, require an operator to visually identify a target before blasting a cone of disruptive RF noise designed to execute a “return to sender” command or force an immediate descent. These systems may work for slow-moving drones that do not present an overt physical threat, such as those flown by a nosy neighbor or backyard journalist, but questions remain around whether a ground operator could reasonably identify a target at 400 ft. of altitude and moving at a high velocity—even with early warning detection from a radar-based system.

So, what does the future of drone denial look like? It is likely that the defense industry will continue to lead the charge when it comes to developing a viable automated - and maybe one day autonomous - solution. The DoD continues to host a once-classified exercise called BLACK DART at Eglin Air Force Base to address this question. And, while some of the solutions tested there are undoubtedly classified, the future of drone denial will likely include directed energy—an area the U.S. Air Force has devoted a significant amount of resources into developing. Specifically, high-powered microwaves (HPM’s) and high-powered lasers (HPL’s), coupled with advanced tracking and classification technology, is likely where drone denial is headed... But these endeavors will be costly and prohibitive for smaller, private C-UAS companies to develop, which will most likely fall to one of the larger aerospace and defense contractors with both the budget and capacity to research, design, test, and evaluate such a system on their own.

Unfortunately, this leaves many U.S. government agencies and private sector organizations, including those who operate power plants, airports, stadiums and other mass gathering venues in the United States, without a perfect solution. Since most of the commercial denial systems are not cleared for use in the United States, and others likely carry the same restrictions as a firearm (e.g., shotgun shells), companies are left to invest in drone detection technology and notification systems that sound the alarm or instruct personnel to shelter in place—certainly less than an ideal solution, especially for defeating an explosive-laden drone. That said, as has been the trend with many other technologies, once the industry identifies a solution, these systems will likely integrate with existing drone detection technologies, making such investments extremely valuable. Perhaps companies can take comfort in knowing other first world governments (including the U.S.) still struggle with drone incursions, as evidenced by Secretary Nielsen’s note. Additional “near-misses” continue to highlight a lack of preparedness, including a 2017 incident when a drone collided with a commercial aircraft in Canada near the Jean Lesage International Airport, or when a drone narrowly missed fans at a San Diego Padres game before crashing in the stadium. 

Finally, it is worth noting that while a comprehensive solution from detection to defeat is desirable, certain companies are already carving out specialized capabilities that can one day support an open-architecture ecosystem of drone detection, monitoring, navigation, and mitigation response options. In certain circumstances jamming the drone might make sense, in others, it may be enough to simply close privacy blinds to prevent surveillance or warn spectators to shelter-in-place. With over 100,000 “Remote Pilot Certificates” having been issued by the FAA, and the advent of more regular drone flights using upgraded technology, C-UAS research and development will play a key role in future security system design. Given the range of drone technology currently in use and the myriad of response and mitigation options, it is also is likely that a “system of systems” will be the best option versus one homogenous end-to-end solution. Either way, security stakeholders need to start preparing and thinking about drone threats now or face being overwhelmed by an exploding market in five to ten years.

Ben Joelson and Sean Horner are directors of the Chertoff Group's Strategic Advisory Services, advising clients on physical security risk management.

No comments: