Return to

April 6, 2017
Notes from the Pentagon

Stratcom issues guidance on drone threats
The commander of the Strategic Command voiced concerns this week that terrorists could use drone aircraft to attack U.S. nuclear facilities.

Air Force Gen. John E. Hyten, Stratcom chief, told a Senate hearing that he recently issued new policy guidance on how security personnel at nuclear bases should respond to unauthorized intrusions by remotely piloted drones. Gen. Hyten said recent incidents of unauthorized intrusions by drones at Navy and Air Force facilities were “incidental” overflights and not deliberate surveillance or other nefarious activity.

“But the fact that they’re occurring, and then if you watch what is happening overseas in the [Central Command area of responsibility] with the use of lethal [unmanned aerial vehicles], and the use of UAVs for surveillance on the part of a terrorist adversary, I’m very concerned that those same kinds of UAVs could be employed against our weapon storage facilities, especially the nuclear weapon storage facilities,” the general said.

Last week, Gen. Hyten signed new guidance to nuclear forces on how to respond to “a threat UAV or a surveillance UAV.”

The classified guidance is designed to instruct security forces, such as Marines guarding the Kings Bay, Georgia, nuclear missile submarine base or airmen protecting the F.E. Warren Air Force Base missile facility in Cheyenne, Wyoming, on how to respond to drone intrusions, Gen. Hyten said.

The guidance is designed to provide a legal and policy framework as well as rules of engagement.

Inside the Ring reported March 8 that in response unauthorized intrusions by aerial drones at Navy and Air Force nuclear bases, both services plan to deploy defenses to detect, track and shoot down drones.

Another option under consideration is the use of birds of prey — eagles and hawks — to take out small drones that intrude over sensitive facilities.

Electronic devices that disrupt drone control signals also are being considered.

Lt. Col. Martin O’Donnell, a Stratcom spokesman, declined to provide details on anti-drone defenses.

“Protecting our force remains a top priority,” Col. O’Donnell said. “That is why Gen. Hyten issued very specific but classified guidance to his force on how to counter the unmanned aircraft threat to the security of facilities, assets and personnel under U.S. Strategic Command.”

As Chinese President Xi Jinping meets with President Trump in Florida this week, the commander of the Strategic Command is warning that China’s nuclear buildup is raising questions about Beijing’s declared policy of not being the first to use nuclear weapons in a conflict.

“Although China still professes a ‘No First-Use’ doctrine, it is re-engineering its long-range ballistic missiles to carry multiple nuclear warheads,” Air Force Gen. John E. Hyten said in prepared Senate testimony made public Tuesday.

China also is continuing to develop and test its hypersonic-glide vehicle capability, a weapon that has undermined U.S. nuclear deterrence strategy.

Gen. Hyten indirectly criticized the Obama administration policy of reducing U.S. military reliance on nuclear weapons, noting the policy spurred both China and Russia to increase reliance on nuclear weapons and to aggressively modernize and expand their arsenals.

“Our adversaries have taken the exact opposite view of our de-emphasis and have emphasized those nuclear capabilities once again,” he said.

A major worry is China’s development of ultra-high-speed hypersonic maneuvering strike vehicles. The weapons are launched atop ballistic missiles and then accelerate to speeds of more than 7,000 miles per hour. The high speeds make them difficult to detect and stop since they can outfly most anti-missile interceptors.

Hypersonic missiles are “very significant in terms of our ability to see them and provide warning,” he said. “We need to figure out how to do [that] with those.”

The general sounded the alarm about the aging U.S. nuclear arsenal and delivery systems that need to be upgraded to maintain deterrence against the new and growing Russian and Chinese nuclear missiles, submarines and bombers.

“I’m asking for help on modernizing our entire forces and making sure we have the force structure that is needed to make sure we can deter, not only today, but into the future,” he said.

Sen. Marco Rubio questioned key cybersecurity officials, including the former director of the National Security Agency, about the use of Russian security software that has been linked to the Russian security services.

The Florida Republican disclosed during a recent hearing of the Senate Select Committee on Intelligence that members of his presidential primary campaign last year had been targeted in cyberattacks from unidentified hackers in Russia. Computers used by Rubio aides were attacked by Russian hackers beginning in July in an unsuccessful attempt to gain access to internal campaign documents.

The senator then announced to the committee that on March 29 another unsuccessful Russian cyberattack was carried out against his former presidential campaign members.

Mr. Rubio then asked three cybersecurity experts testifying before the committee if they would use cybersecurity software produced by the Russia-based company known as Kaspersky Lab, and if they would recommend that senators use the company’s products.

“There have been open-source reports which I can cite from that basically say the Kaspersky Lab has a long history connecting them to the KGB successor, the Russian security services,” Mr. Rubio said.

Would the experts use Kaspersky Lab security products and should senators use the Russian software? the senator asked.

“I’ll answer by no, I wouldn’t,” said retired Gen. Keith Alexander, former director of the NSA, “and I wouldn’t recommend that you do it either. There are better capabilities here that you can use.” Gen. Alexander said other U.S. security firms are more capable of dealing with cyberthreats and would be better at blocking those threats than Kaspersky.

Kevin Mandia, CEO of the cybersecurity firm FireEye was more circumspect.

“I think the way I’d address that is generally people’s products are better based on where they’re most located and what attacks they defend against,” Mr. Mandia said.

“My answer indirectly would be there would be better software probably available to you than Kaspersky to defend you here,” he added.

Thomas Rid, professor of security studies at King’s College, London, said he had no qualms about using Kaspersky products but recommended using competing security software in addition.

“A bit of a redundancy never harms, but it’s important to say that Kaspersky is not an arm of the Russian government,” Mr. Rid said.

Mr. Rid said he believes Kaspersky does not pose cybersecurity threats because it has publicized information about Russian cyberintrusion campaigns and digital espionage operations. “Name any American company that publishes information about American digital espionage,” he said.

U.S. security and intelligence agencies have warned against using Kaspersky software for government computers and networks.

In particular, the Pentagon’s Defense Intelligence Agency warned in March 2016 that the Russian company was planning to sell security software to American companies in charge of critical infrastructure that the intelligence service warned could be used by the Kremlin to gain access to industrial control systems. The DIA warned that use of the security software would weaken security for U.S. industrial control systems and so-called supervisory control and data acquisition software, or SCADA systems.

Kaspersky Lab has denied that use of its security products would weaken infrastructure control cybersecurity: “The alleged claims are meritless as Kaspersky Lab’s products and solutions are designed to protect against cybercriminals and malicious threat actors, not enable attacks against any organization or entity,” the company said in a statement.

“We are not developing any offensive techniques and have never helped, or will help, any government in the world in their offensive efforts in cyberspace,” the company added.

  • Contact Bill Gertz on Twitter via @BillGertz.

  • Return to