(NOTE: This is an abbreviated excerpt from "Estate Security Hacks." Want to download the full article & 21-page PDF? — Click Here
I'm honored to feature another great, guest author this week: Larry D. Friese, Jr. from Aerial Information Systems Corporation (AISC). There have been some informative articles written about drones and security, but this one is by far one of the most comprehensive and insightful articles I've read on the subject. Without further delay, please enjoy this great article and share the PDF with your colleagues.
Before we begin, here’s an abbreviated biography of our guest author (full bio at conclusion)
Larry D. Friese, Jr.
Larry is an experienced aerospace engineering professional and the founder of Aerial Information Systems Corporation (AISC). For nearly 20 years, he has conducted UAS development & operation, modeling & simulation, and aerial target development & operation. Notable organizations that Larry has supported include the National Security Agency (NSA) and the US Air Force Air Warfare Center.
The use of drones is on the rise and so is the misuse of drones. While there is some hype around drones, or unmanned aircraft systems (UAS), they are here to stay. We are witnessing the early evolution of a new tool that will affect many aspects of society, from agriculture to emergency services to home delivery. And as with any tool, it’s not if, but when the tool gets used in a reckless or malicious manner.
From a security perspective, drones have the potential to nullify many of the protective measures long relied upon to deter and stop ground-based threats. Walls, vehicle barriers, and officers currently offer limited resistance to even a poorly skilled drone operator with a desire to attack or conduct surveillance against a target. Since World War II, the western private sector has largely not faced a serious threat from the air. The notable exception being 9/11, which was unfathomable to most people on 9/10. Who would fly an airliner into a building? Answer: the same type of people who would fly an explosive laden drone. So, security professionals need to start considering the sky again as a potential avenue of attack.
In this article, we will provide a brief list of known incidents involving drones and then go on to discuss how executive protection professionals can address drone threats. First by looking at counter-UAS measures, then laying out some regulatory roadblocks currently encountered by the private sector, and then finally a checklist of what executive protection professionals can do now.
Note: This is an introductory discussion on the topic and we have also withheld some information for security reasons.
Security and Safety Incidents Involving Drones
The following is a non-exhaustive list of drone incidents relevant to the executive protection field:
Feb – Drone collides with Cessna 172 (British Columbia, Canada)
Feb – Drone collides with Robinson 22 helicopter resulting in the helicopter crashing (South Carolina)
Feb – Drone overflies Frontier Airlines A320 on approach to McCarran International Airport (Nevada)
Jan – Drone found on taxiway at Naval Air Station Fort Worth Joint Reserve Base (Texas)
Jan – Drone flown over FA Cup match (England)
Dec – Drone collides with Black Hawk Helicopter (New York)
Nov – Drone (illegally) drops leaflets over Levi Stadium during a San Francisco 49ers game (California)
Oct – Drone hits commercial airliner, first publicized incident of this kind in North America (Quebec, Canada)
Sep 2016 – Man arrested for flying drone over Polish Prime Minister’s Office (Warsaw, Poland)
Apr 2015 – Drone carrying a small amount of radioactive material is landed on the roof of the Japanese Prime Minister’s Official Residence (Tokyo, Japan)
Jan 2015 – Drone Crashes on White House Lawn (Washington D.C.)
Oct 2014 – Drone with “Greater Albania” (nationalist) flag was own over a soccer match, causing a significant brawl and game cancellation (Belgrade, Serbia). As a result, friction was created between the countries’ political leaders.
Sep 2013 – A political activist caused disruption at a campaign event attended by Angela Merkel, eventually landing the drone on the main stage (Dresden, Germany).
Tech vs. Tech
EP professionals shopping for counter-UAS technology are likely to run into a vendor pushing tech vs. tech. That is, the only way to address threats from drone technology is with (their) counter-drone technology. This isn’t necessarily the case. There are ways to mitigate risks using no tech at all or your existing security tech. Like drones, counter-UAS is very new, so be wary of going all in on some counter-UAS tech before exploring all your options.
Detection is the first phase in the drone engagement process. There are many approaches being studied to detect the presence of a drone in a given airspace, but the following are currently the most common.
Radar: Radar is a tried and proven way for detecting airborne threats, but most radars are not designed to detect slow drones that fly near the ground. This issue is being addressed while ground surveillance radars are being repurposed to search for drones. While quite capable, the radar can also be quite expensive.
Radio Frequency: Most drones are going to have a radio link (AKA a data link) between the drone and operator on the ground. It could be a standard hobbyist remote control radio, or it may simply be WiFi. External properties of the data link’s signal can be used for position approximation of the drone and operator. With access to the data link’s internals (i.e. the ones and zeros), much more information can be obtained, including the drone’s exact position and possibly where it’s going. A key point to remember though, is this detection approach can work on most drones. If the drone does not have a data link, which is possible, this approach is ineffective.
Electro-optical (EO) / Infrared (IR) Cameras: EO/IR sensors monitor for drones in the visible light and infrared (thermal) spectrum, either with an operator watching the video feed or specially designed automated algorithms. In either case, training must occur to teach the “detector” what a drone looks like in flight, considering its visual/infrared signature and flight characteristics. IR is a formidable day/night sensor type; hence it should be paired with an EO sensor, which has obvious limitations at night. Both suffer from inclement weather.
Acoustic: Drones emit distinctive sounds. Electric multirotors, like the DJI Phantom, sound like a bee hive. Internal combustion engine-powered drones sound like leaf blowers. And jet-powered drones sound, well, like jet fighters. Properly designed acoustic sensors can pick up on these sounds and possibly use them to not only alert, but to approximate the position of the source. This approach has two serious issues, however. They have limited range and are susceptible to environmental noise.
Human Sight / Hearing (Humans-As-Sensors): Human sight and hearing should not be overlooked. When trained what to look and listen for, people in and around the target location can be an additional set of counter-UAS sensors. They face some of the same limitations as counter-UAS tech, but they may also be able to process and alert much faster with fewer false alarms. Not to mention, there’s a cost advantage.
Identification (ID) is the next phase in the engagement process. It’s the stage where you decide if the drone is a threat, which is going to be a serious dilemma as more and more drones take to the air. ID approaches will often be combined with the detection components if they exist at all. It may be up to you, the end user, to determine the make and model of drone and whether it is hostile. This may boil down to how close the drone is to the target and its trajectory as determined by your counter-UAS system or human observation. Until proven otherwise, the drone should be considered hostile because time is of the essence in drone engagements.
We’ve already talked about drone signatures for detection, and without going into the technical details, it may be possible for a counter-UAS system to ID a drone based on its physical signatures, especially EO/IR and acoustic. Now, we’ll provide some ID approaches that are more common and more likely to provide reliable results.
Radio Frequency: External signal characteristics such as frequency can be used to ID the class of equipment being used by an unknown drone operator. For those drones using WiFi, it may be as simple as seeing a new SSID show up in your area. For example, if a Phantom 3 operator does not change the default setting, you are likely to see a SSID of “PHANTOM3_XXX.” If signal internals are available, drone make and model information may be available in some form.
Identification Friend or Foe (IFF): IFF is a military approach to tell the difference between friendly and hostile aircraft in battlefield conditions. You transmit a signal that all nearby aircraft receive, and properly equipped “friendlies” reply with a signal. Those who don’t reply or don’t reply properly are considered unknown or hostile. Drones are likely to get a similar system that will continuously broadcast their ID and probably position. If you are pilot, it would be something like ADS-B for manned aircraft. In fact, there are ADS-B systems small enough to fit on drones today. With this approach, you need special equipment to collect and monitor the drone ID transmissions. Expect to see regulations in many countries mandating this tech on drones in the form of a “Trusted Drone” program. That said, we know threat actors are hardly rule followers. There will be countless ways to get around IFF tech for years to come.
Defeat is the last phase in the engagement process. It’s important to note defeat does not necessarily mean shooting the drone down. It can mean just denying information to the drone operator. So, it’s going to depend on your circumstances for what a successful defeat looks like.
There are active and passive defeat approaches. As we will discuss later with regards to regulations, you will probably find passive defeat as the only option for most scenarios. We’ll discuss a few common approaches here.
Concealment: Surveillance drones primarily rely on their cameras to gather information. So, one way to stop this is to conceal your activities as much as possible. You can use static structures to block aerial vantage points. In a residential or office environment, you can also link window shudders to a counter-UAS system that will automatically activate upon the presence of a drone.
Obstacles: Counter-UAS obstacles, when complemented with in situ terrain features and man-made obstacles, can be used to thwart the approach of a drone. Obstacles could include artificial covers, towers, cables, and new trees. Anything that could make an avenue of approach more complex.
Obscurants: In static and mobile settings, obscurants such as smoke can be used to render a drone’s camera ineffective for some period. This length of time may be enough to make an escape or move under cover & concealment.
Note: You may come across the terms “Soft Kill” and “Hard Kill.” A Soft Kill means we are manipulating the drone to reduce its effectiveness or force it to land. A Hard Kill means we are physically acting against the drone to stop its flight.
Projectiles (Hard Kill): Drones are not built for survivability. So, a well-placed round, especially on a propeller, is likely to disable the drone. There are two issues with projectiles though. First, it’s not as easy as you may think to get that well-placed round. A maneuvering drone can present quite a challenge for a shooter. In Iraq and Syria, a common and successful technique is barrage fire, that is filling a volume of space ahead of the drone with projectiles. This leads to a second issue, the projectiles which miss the target must land somewhere, creating a hazard to people and property.
Radio Jamming (Soft Kill): Drone designers can account for some radio interference in their designs, but only so much. If you transmit radio noise in frequency bands used by the drone’s data link and satellite navigation, you may be able to cause the drone to lose communications and/or the ability to navigate. Depending on the drone and flight conditions, this may force the drone to land itself immediately or return to its home point. It could also lead to unpredictable behavior, which may pose a hazard to people and property.
Radio Protocol Injection (Soft Kill): Radio protocol injection requires you to get inside the drone’s data link and have some knowledge of how the drone works. If these conditions are met, your counter-UAS system could simply command the drone to land immediately or return to its home point.
Capture Nets (Hard Kill): Capture nets can be used from the ground as well as a hunter-killer drone. The net encompasses the drone and causes it to cease flying by disrupting the propulsion system. The net-drone bundle then falls to the ground. There may be a parachute included which slows the rate of descent, and in the case of another drone, a line may be used to suspend the bundle until landing. Ranges of these capture nets are limited, so the ability to engage the hostile drone at stand-off distances from the target is very important.
Dazzling (Soft Kill): Dazzling is directing lasers towards the drone’s camera. For surveillance drones, this will prevent the camera from gathering information. It may also disrupt guidance systems during a drone attack. Like projectiles, however, getting the laser on the drone may be an issue. Lasers are also a hazard for manned aircraft as well as people on the ground.
Left of Launch
Left of Launch encompasses all those activities that occur to prevent a hostile drone from taking flight in the first place. It’s really your first line of defense. Examples include:
• Gathering and analyzing threat intelligence
• Disrupting threat actor supply chain and abilities to build drones and train operators
• Developing and deploying left of launch countermeasures
• Red teaming
Left of launch activities may present one of the bigger challenges to security professionals. They often require close relationships with local law enforcement, government security services, and neighbors. A further complication is the amount of technical background needed to execute these activities. Extensive training or outsourcing to counter-UAS specialists is required.
Here and later in the article, we mention the use of red teaming. We feel that red teaming is essential in addressing new threats posed by drones. Drones are asymmetrical in nature, potentially giving an unusual amount of leverage to an adversary. But we need to remember that there is still a person behind the controls of that drone. They have a set of knowledge, skills, and abilities which could be evolving. They have a certain, and potentially powerful motivation. They also have specific behaviors which could affect how they employ a drone.
Red teaming becomes modeling of the drone’s technical capabilities as well as these human factors. Ideally, it’s based on observed data from known threats, but sometimes, as with lone wolves, the best we can accomplish is studying similar incidents and filling in the gaps with estimates and villain research & development (R&D). What’s villain R&D? It’s studying how a drone can be used for malicious acts before a threat actor figures it out. So, when you engage a red team that uses this approach, you are going to be better prepared for what the real bad guys might bring to the fight.
As you’ve probably gathered so far, every counter-UAS approach has some issues. That’s to be expected and the reason why end users should employ an Onion strategy. The Onion simply means layering your defenses to enhance strengths and compensate for weaknesses. Some counter-UAS tech vendors have latched onto this approach and provide interfaces and data fusion software for sensors they don’t produce themselves. Otherwise, you would be left with a patchwork of different counter-UAS approaches and the headache of figuring out how to perform data fusion yourself. And it’s important to point out, the Onion isn’t just about tech. It also includes the human-as-a sensor element as well as Left of Launch approaches.
Counter-UAS is a legal and liability mine field currently in the U.S. and many other countries. Before getting into this very top-level discussion, it’s important to point out counter-UAS users should get legal advice from their attorney regarding their specific situation.
The key issues in the U.S. are
1. Airspace regulation
2. Regulations regarding interfering with aircraft
3. Regulations regarding use of the radio spectrum and interfering with other radios
When it comes to airspace, the federal government has all the authority through federal preemption. The reason behind this was to avoid a patchwork of local and state aviation regulations for manned aircraft. For drones, this appears to still be the case, but many state and local drone ordinances have been enacted across the country. These ordinances control where, when, and under what circumstances someone can operate a drone. There appears to be some interest at the federal level now to delegate authority to state and local government, but who knows what’s going to happen in the long term future. Will it end up in the courts? Will there be a definitive federal regulation on airspace authority? The bottom line is this: airspace restrictions have their uses for counter-UAS, but fundamentally a threat actor will ignore them.
There are federal laws in place that prohibit interfering with an aircraft. Drones fall into that category right now. The military has been given authority to interdict drone threats over military facilities, but civilians are in limbo. There are efforts at the federal level to enable law enforcement to interdict, so stay tuned for that. Private sector security professionals appear to still be left out in the cold. Can you claim self-defense from a drone? Again, this needs to be a discussion with a legal advisor.
There are also strict federal laws in place governing the use of the radio spectrum. Jamming radio signals is a not allowed, nor is penetrating wireless communications. Here’s why: let’s say a potential target is transiting through an airport on a private jet. A drone is being used to surveil the person. The security detail becomes aware of the drone and decided it’s an immediate threat. They deploy a jammer which jams not only the drone’s data link, but the GPS satellite navigation frequency. At the same time, an airliner is on a GPS-based approached to that airport. While jamming can (should) be directional, it is not selective. You will interfere with everyone on those frequencies within your jammer’s field of view.
The final issue, liability, is concerned with damage to a drone as well as third parties on the ground. What happens when a very expensive drone legitimately taking photos of the estate next door strays into your area of responsibility and you engage it, resulting in the loss of the drone? Who pays for the loss of the drone? What happens when the drone lands on the neighbor’s Tesla? Does your insurance cover this? The concept of counter-UAS is even newer than drones, so there are still many unanswered questions.
What Executive Protection Professionals Can Do Now
Re-examine your threat actors periodically. What are their capabilities vis-a-vis drones? (If your threats are undefined, model them with red teaming)
Get familiar with drone tech and stay up to date
Develop a baseline for “normal drone activity” at your operating locations
Develop a standard drone activity reporting procedure (i.e. type, size, color, altitude, direction of flight, etc.)
Determine your threats, vulnerabilities, and risk from drones
Manage threats as required
Develop plans for aerial avenues of attack
Response: cover & concealment, escape & evasion, etc.
Determine counter-UAS tech employment options
Establish rules of engagement
Attempt to locate and identify the operator
Notify local law enforcement and civil aviation authorities about drone activity
Push deep into your outer security circles, as response time is key
Liaison with local law enforcement for threat intel and defeat authority queries, but be aware that they may know less about drone threats
If you need to purchase counter-UAS tech: know your requirements, budget, how the vendor is keeping up with threats, and how you will know if you’re getting good tech
Red team everything
Attend drone threat awareness courses from specialists
Use tabletop and live exercises to periodically exercise your counter-UAS plans and tech
Make Yourself a Harder Target
Employ some of the passive countermeasures mentioned in the “Defeat” section
Let the world know you are aware of drone threats with signs, reaching out to local drone operators, etc.
Use deception in public facing defenses
About the Author
Larry D. Friese, Jr. is an experienced aerospace engineering professional and the founder of Aerial Information Systems Corporation (AISC). For nearly 20 years, he has conducted UAS development & operation, modeling & simulation, and aerial target development & operation. Notable organizations that Larry has supported include the National Security Agency (NSA) and the US Air Force Air Warfare Center.
AISC is a boutique consulting firm specializing in the emerging threat posed by small unmanned aircraft. Our company is different in that we focus entirely on the threat from an adversary’s perspective. Our unique background of aerospace threat intelligence, aerial target development and operation, and UAS development and operation ideally positions AISC to assess and play the role of bad actors employing drones. Government and private sector clients use our services to enhance their security postures as well as to test their defenses against the rapidly evolving drone threat.
About the EP Nexus Blog
The EP Nexus executive protection blog, is a comprehensive resource for security professionals involved in executive protection, protective intelligence, threat assessment, and related fields.
Launched in March of 2016 as a resource for executive protection professionals, command center gurus, and close protection know-it-alls, EP Nexus is quickly becoming a resource for those seeking to quench their thirst for executive protection reading.
The most popular section of the blog is Executive Protection Hacks. EP Hacks is a series in which we address complex topics (one topic per issue) in a convenient collection of tools & writings. I am actively collaborating with industry leaders to produce future issues. If you're interested in taking an active approach in moving your industry into the future, contact me below.
Outside of EP Hacks, I explore the following topics in writings, tutorials, and webinars: online tools for executive protection professionals, open source intelligence investigations (OSINT), threat assessment, protective intelligence, travel security, and more.
Sign up for the newsletter to receive premium content and monthly updates.