portland independent media center  
images audio video
newswire article reporting global

imperialism & war

20 June 2019: Iran Shoots Down U.S. Military Drone Over Persian Gulf

A United States military unmanned aerial vehicle (UAV aka 'drone') has been shot down by an Iranian surface-to-air missile (SAM) over the Persian Gulf.

Iran has claimed that the drone was flying over Iranian territorial waters, but the Pentagon has released a map showing the full flight path of the Navy-operated drone along with its point of destruction. Iran claims that during a 'second pass' of its flight, the drone violated their territorial airspace and waters where they engaged it with the SAM battery.

The unmanned aircraft shot down was a version of the Northrop Grumman RQ-4 designated BAMS-D (Broad Area Maritime Surveillance-Demonstrator) — this is a pre-production test series of only 4 vehicles, built since 2012, for medium- and high-altitude ocean surveillance by the United States Navy. (The fully operational, production version of the BAMS drone is called the MQ-4C Triton; these aircraft have begun production but are not scheduled to be deployed by the Navy in this area until later this year.)

From Naval Support Activity Bahrain, Task Force 57 provides airborne maritime patrol and reconnaissance using BAMS drones and other assets throughout the U.S. 5th Fleet area of operations including the Arabian Gulf, Gulf of Oman, Red Sea and parts of the Indian Ocean.

India (Iran's second largest petroleum customer after China) has deployed some of its naval vessels and maritime surveillance aircraft to the Gulf region in response to the latest actions.
An Indian Navy spokesperson stated that the deployments are to provide "security" for Indian-flagged ships traversing the waters between Iran, Oman and Saudi Arabia.

homepage: homepage: http://en.wikipedia.org/wiki/Northrop_Grumman_MQ-4C_Triton

Pentagon-released map of drone flight path & shoot-down over Persian Gulf 20.Jun.2019 21:41



Strait of Hormuz location and territorial waters — 20.Jun.2019 22:19


At its narrowest, the strait is just 21 nautical miles wide, and ships passing through it must enter the territorial waters of Iran and Oman. Under the rule of the shah in 1959, Iran extended its territorial waters to 12 nautical miles and declared it would recognize only "innocent passage" through the area, essentially excluding warships engaged in activities deemed hostile. Oman also claimed a 12-mile territorial limit in 1972 and later demanded that foreign warships obtain permission to pass through its waters. The United States does not recognize any restrictions on transit through the strait.

Pentagon secretly struck back against Iranian cyberspies targeting U.S. ships 21.Jun.2019 17:35

[Yahoo News]•June 21, 2019

Jenna McLaughlin, Zach Dorfman and Sean D. Naylor

WASHINGTON — On Thursday evening, U.S. Cyber Command launched a retaliatory digital strike against an Iranian spy group that supported last week's limpet mine attacks on commercial ships, according to two former intelligence officials.

The group, which has ties to the Iranian Revolutionary Guard Corps, has over the last several years digitally tracked and targeted military and civilian ships passing through the economically important Strait of Hormuz, through which pass 17.4 million barrels of oil per day. Those capabilities, which have advanced over time, enabled attacks on vessels in the region for several years.

Though sources declined to provide any further details of the retaliatory cyber operation, the response highlights how the Gulf has become a staging ground for escalating digital--as well as conventional--conflict, with both the United States and Iran trying to get the upper hand with cyber capabilities.

The retaliatory cyber response follows several weeks of mounting tension in the region, which appeared set to boil over after last week's attacks on two oil tankers in the Gulf. U.S. officials blamed Iran for the attacks and threatened to strike back if U.S. interests in the region were harmed. Then, on Thursday, Iranians shot down a $240 million U.S. spy drone.

In response, President Donald Trump initially authorized--but then decided against--targeted military strikes on Thursday night. He said in a series of tweets Friday morning that he pulled back before any missiles were launched when he learned 150 Iranians might die.

Meanwhile, multiple private U.S. cyber intelligence firms have reported attempts by Iranian hackers in recent weeks to infiltrate U.S. organizations. U.S. officials told the Wall Street Journal they fear heightened escalations not only in physical space but in cyberspace as well.

The National Security Council declined to comment on the Iranian cyber group or the U.S. Cyber Command response. The National Security Agency, U.S. Central Command and the Navy all directed Yahoo News to U.S. Cyber Command for comment. Cyber Command did not immediately respond to a request for comment. Heather Babb, a Pentagon spokeswoman, told Yahoo News that "as a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning."

Iran's cyber capabilities are not the most sophisticated, at least compared to the United States, but they are getting better. Tehran's ability to gather information and unleash offensive operations have developed significantly in the last decade or so, particularly after Iranian centrifuges at the Natanz uranium enrichment plant were struck by a malicious computer worm created by U.S. and Israeli intelligence and first revealed in 2010.

"After the Stuxnet event, Iran really cranked up its capability," said Gary Brown, who served as the first senior legal counsel for U.S. Cyber Command and is currently a professor on cyber law at the National Defense University. Brown cited Iran's cyber attacks on global financial institutions, Saudi Aramco, and Sands Casino. While unfamiliar with current activities, Brown told Yahoo News Cyber Command has long been interested in Iranian cyber capabilities and "undoubtedly they're continuing to track them," he said.

An RQ-4 Global Hawk unmanned aircraft. (Photo: U.S. Air Force/Bobbi Zapka/Reuters)

The Persian Gulf and the Strait of Hormuz, the narrow bodies of water separating Iran from the United Arab Emirates and Bahrain, which is home to the U.S. Navy's 5th Fleet, are obvious intelligence targets for Iran.

"Frankly it's going to be standard ops for them to track who's going in and out of the Gulf, to track all U.S. and allied warships going through, whether it's the aircraft carriers or whatever, they're going to track that very, very closely," said retired Army Maj. Gen. Mark Quantock, who was Central Command's director of intelligence from 2016 to 2017.

How Iran managed to gather that information, given its lack of traditional military resources, at least compared to the West, has been relatively creative. In recent years, according to John Hultquist, the director of intelligence for threat intelligence firm FireEye, Iranian cyber spies have targeted U.S. Navy sailors, particularly those in 5th Fleet, to gather information.

One method those operators used was to assume false personas on social media for "honey-potting" or catfishing operations. "They use social media to look for vulnerable sailors on ships ... our Navy ships and probably other people's navy ships too," said James Lewis, a cyber expert at the Washington, D.C.-based Center for Strategic and International Studies.

The Iranians would pretend to be attractive young women looking to connect with a "lonely seaman" to gather intelligence about ship movements, according to three former U.S. intelligence officials familiar with the operations. The attempts weren't limited to Facebook; some of the efforts extended to Pinterest and other niche social networking sites.

There were "many" successful examples of these Iranian cyber-honeypot operations, said one former intelligence official. "They were doing it at scale."

Naval personnel would divulge information of various levels of sensitivity—such as when and where they were traveling—while ignorant of the true identity of their interlocutors, said the former official. In addition to helping the Iranians track the movement of U.S. ships and personnel, these operations also helped them build out organizational charts of U.S. military units, the former official said.

Iran's targeting efforts in this area became notably more sophisticated in recent years, according to the former intelligence official. Cruder past efforts--featuring profile pictures of women in bikinis, who would immediately ask U.S. military personnel for information on when they were coming to port--gave way to a subtler, more time-consuming approach. The Iranians employed pictures of attractive, but fully clothed, women who would strike up online conversation with American servicemen over weeks, developing the fictitious relationships in order to nudge them into volunteering the desired intelligence.

"There was a pretty substantial campaign going all the way up to [U.S. Navy] leadership at one point," said Hultquist. FireEye has analyzed one Iranian group it calls Newscaster which has frequently used fake social media profiles to gather information, and has been tied to at least one destructive attack, he told Yahoo News.

The Department of Justice revealed a similar Iranian intelligence gathering method in its recent indictment against former Air Force Special Agent and counterintelligence officer Monica Witt, who defected to Iran in August 2013.

After Witt defected, Iranian officers targeted current and former U.S. government officials using "fictitious and imposter personas" created on Facebook and through email, according to the indictment. Improvements to Iran's targeting programs over social media coincided roughly to Witt's defection, and her insights into U.S. practices almost certainly helped catalyze some of these changes, said two former officials.

Still image from a U.S. military handout video purports to show Iran's Revolutionary Guard removing an unexploded limpet mine from the side of the Kokuka Courageous on June 13. (Photo: U.S. military/handout via Reuters)

However, social media was not the only way the cyber spies used to keep track of ships in the region. For example, they also would track U.S. naval movements in the region by hacking into ship tracking websites, according to one former intelligence officer.

Iranian intelligence officers are also capable of hijacking digital systems used in drones, and potentially even in ships, to spoof the GPS location of the device and plug in false coordinates. "They've been thinking a lot about drone capture because we've been flying drones over them for years," said Lewis.

In 2011, Iran claimed to have achieved this capability and said it redirected an American drone to Iran's shores. Two former intelligence officials confirmed Iran is capable of doing this and noted that this tactic could be useful in fooling a ship's automatic tracking system.

Iran collects intelligence on ships passing through the Strait of Hormuz not just to identify their locations, but also to enable attacks, if necessary, according to multiple former intelligence officials. "If I have tactical information about when that ship is coming, I can launch a rocket attack," said a former intelligence official.

Iran's cyber operatives facilitated intelligence gathering used in multiple ship attacks over the last several years, including in 2017 when Houthi rebels attached bombs to remote-controlled boats targeting vessels belonging to the UAE and Saudi Arabia, according to multiple former intelligence officials interviewed by Yahoo News.

For Iran, projecting strength into the Strait and keeping a close eye on maritime targets is of utmost importance.

"It doesn't entirely surprise [me] to find out that there's yet another way in which Iran is trying to find ways to flex its muscles, in particular regarding shipping in the Gulf," said Matthew Levitt, director of the counterterrorism program at the Washington Institute for Near East Policy.

"Iran is trying to respond to the U.S. maximum pressure campaign, in particular, now that still tougher measures have been taken to constrict the amount of oil Iran is able to ship and the amount of money it can get for it."