I don’t normally post about military or political events here, but this article had a specific technology angle to it, and I thought it was too interesting to ignore.
From Aviation Week:
Syrian President Bashar al-Assad said the Israelis struck a construction site at Tall al-Abyad just south of the Turkish border on Sept. 6. Press reports from the region say witnesses saw the Israeli aircraft approach from the Mediterranean Sea while others found unmarked drop tanks in Turkey near the border with Syria. Israeli defense officials admitted Oct. 2 that the Israeli Air Force made the raid.
The big mystery of the strike is how did the non-stealthy F-15s and F-16s get through the Syrian air defense radars without being detected? Some U.S. officials say they have the answer.
U.S. aerospace industry and retired military officials indicated today that a technology like the U.S.-developed “Suter” airborne network attack system developed by BAE Systems and integrated into U.S. unmanned aircraft by L-3 Communications was used by the Israelis. The system has been used or at least tested operationally in Iraq and Afghanistan over the last year.
The technology allows users to invade communications networks, see what enemy sensors see and even take over as systems administrator so sensors can be manipulated into positions so that approaching aircraft can’t be seen, they say. The process involves locating enemy emitters with great precision and then directing data streams into them that can include false targets and misleading messages algorithms that allow a number of activities including control.
A Kuwaiti newspaper wrote that “Russian experts are studying why the two state-of-the-art Russian-built radar systems in Syria did not detect the Israeli jets entering Syrian territory. Iran reportedly has asked the same question, since it is buying the same systems and might have paid for the Syrian acquisitions.”
I find it a little surprising that you could commercialize an exploit like this. I’ve done enough security software work to know that it’s not surprising that any system engineered in the last 50 years would have vulnerabilities. Thanks to the ongoing wars over security on the Internet, in fact, our ability to “crack” into systems seems to be growing at a rapid pace.
That being said, when an exploit is discovered, typically a patch is quickly produced. For example, if they find a serious exploit tomorrow in a common piece of networking equipment, like a Linksys home router, typically a software patch would be quickly released to block that exploit.
As a result, if an exploit like this existed in serious military systems, you’d think that a patch would be quickly released to block it. The lead times to produce military systems in volume would seem to preclude commercializing an exploit the way this article describes.
Then again, I guess the exploit would have two things going for it:
1) The exploit would not be used frequently, making it hard for the enemy to “simulate” or understand the exploit well enough to produce a patch.
2) Not everyone keeps up-to-date with their security patches… do you?
It would be a fascinating turn of events if the next-generation military advantage did not depend on speed, munition strength, or even targeting & accuracy. Instead, the real advantage could go to the force who could most rapidly disable and coopt enemy systems.
2 thoughts on “Electronic Warfare: Israel’s Syria Bombing Raid”
> Instead, the real advantage could go to the force who
> could most rapidly disable and coopt enemy systems.
Anyone who’s seen the first few episodes of Battlestar Galactica could tell you that. The more you rely on tech, the more open you are to its exploitation.
On the other hand, this is nothing new. As long as warfare has existed, the spoils have gone to those who best exploited the chinks in their opponents’ defenses. Those exploits are just getting more sophisticated as the technologies do likewise.
“As a result, if an exploit like this existed in serious military systems, you’d think that a patch would be quickly released to block it. The lead times to produce military systems in volume would seem to preclude commercializing an exploit the way this article describes.”
The patch isn’t always quickly available, since many of the vulnerabilities discovered by security researchers aren’t reported directly to the vendors who can release a patch. These 0-day vulnerabilities are a perfect way to compromise enemies’ systems which may appear to be embedded devices, but in fact run operating systems like Windows/Linux/Solaris variants. At this point, it’s fair to assume that countries like China, USA, Russia (and others with strong focus in CS) are finding new vulnerabilities, using them for defense purposes and eventually letting the primary software vendors know them after they become less useful from a penetration perspective.