Operation Spiderweb – why telecom networks are the new Trojan Horse

By Philip Butterworth-Hayes

Was Operation Spiderweb, the June 1 drone strike into Russian territory by the Security Service of Ukraine (SBU), an important step in the evolution of military drone tactics, a watershed moment in the history of warfare or a spectacular one-off? How should military planners recalibrate their systems and tactics to deal with such attacks?

Despite many claims to the contrary, Operation Spiderweb was a relatively low-tech operation – audacious and brilliantly planned but in technology terms relatively simple. There were no AI-coordinated drone swarm attacks, nor was there autonomous flight control.

Ukraine has for two years been researching ways to nullify Russia’s long-range cruise-missile strike capabilities, which have done so much damage to Ukraine, especially when loosely coordinated within wider surface-to-surface missile, loitering munition and short-range drone strikes.

The solution developed by its military planners was to exploit Russia’s mobile network as a key communications tool for Ukrainian drone strikes. SBU planners focused on the widespread use of the ESP32 cell-phone SIM, which allows controllers to manage drone flights over the LTE network, integrating both Wi-Fi and Bluetooth. The Ukrainian drones that attacked the airbases were controlled using ArduPilot over mobile network 4G/LTE comms, a methodology which has been used widely in the past in Ukraine and beyond. For example, a recent attack on an Indian airport by a grenade-carrying drone is understood to have used a similar technique.

The use of this LTE technology, rather than some of the more esoteric artificial intelligence (AI) based techniques which have been claimed for the operation, is both good news and bad for the world’s military forces wondering how they are to protect their vital assets from similar kinds of future strikes.

One of the lessons of the attack – beyond the obvious need to better defend critical infrastructure with layered air defence networks – will be that security agencies, aviation regulators and industry the world over will need to develop more robust ways of first identifying when unlicensed and/or hostile drone operators are using legacy telco networks for controlling drone flights – and then finding ways to mitigate this.

But in the military sector this is only partially worthwhile because by the time policies are in place to allow for this, the drone world will have advanced to an era of autonomy where there will be no telco messages to identify and block.

We are, for the moment, back in a world where the only real robust response against a new drone threat is to strengthen the last-ditch defences.
