Vital Targets in the United States Remain Unsecure
American critical infrastructure remains compromised and defenseless against attacks. This fact has been laid out in multiple reports from the Department of Homeland Security, the Department of Energy, and the Electromagnetic Defense Task Force. U.S. Kinetic has previously analyzed these vulnerabilities. The assessments we made in previous articles regarding the threat of physical attacks against the power grid have been further confirmed by Marty Edwards, a former senior Department of Homeland Security official when he said, “All of the attention being paid to cybersecurity right now is important, but we have to remember that physical threats to the grid like this are quite real.” Now, newly uncovered documents reveal additional attacks that have taken place, targeting our power supply.
Drone Attack in Pennsylvania
A small drone, a DJI Mavic 2, with a thick copper wire attached underneath it was likely at the center of an attempted attack on a power substation in Pennsylvania last year, according to U.S. officials. The copper wire was most likely intended to cause a short circuit and damage transformers.
In their report, intelligence analysts assessed that this is the first time a drone has been used to carry out an attack against American infrastructure.
The Department of Homeland Security, Federal Bureau of Investigation, and the National Counterterrorism Center issued a Joint Intelligence Bulletin (JIB) on the incident that occurred in Pennsylvania last year.
ABC News obtained the document and released only a small portion of the report to the public. Some parts are labeled Law Enforcement Sensitive (LES) and For Official Use Only (FOUO). Other outlets have since obtained copies as well, which say that the attack took place on July 16th, 2020.
The location of the attack has been identified as an electrical substation in Hershey, Pennsylvania.
A portion of an annotated satellite image from a US Joint Intelligence Bulletin regarding a likely attempted drone attack on a power substation in Pennsylvania in 2020.
A satellite image showing the old Hershey factory in Hershey, Pa and the substation to the immediate northeast.
A closer view of the substation and the adjacent building where the drone was recovered last year.
"This is the first known instance of a modified UAS [unmanned aerial system] likely being used in the United States to specifically target energy infrastructure," the JIB states. "We assess that a UAS recovered near an electrical substation was likely intended to disrupt operations by creating a short circuit to cause damage to transformers or distribution lines, based on the design and recovery location."
The Joint Intelligence Bulletin states that this assessment is based in part on other unspecified events involving drones dating back to 2017.
The Drone Swarm Over Palo Verde
These unspecified events may partly be referencing what occurred at the Palo Verde Nuclear Generating Station in September of 2019. The Palo Verde station is the country’s most powerful nuclear power plant. On two consecutive nights, swarms of unmanned aerial vehicles were observed by the Headquarters Emergency Response Officer flying within the “protected” and “controlled” areas of the power plant.
Palo Verde Nuclear Generating Station as seen from the air.
This is the report from the first night that drones were spotted:
"Officer noticed several drones (5 or 6) flying over the site. The drones are circling the 3 unit site inside and outside the Protected Area. The drones have flashing red and white lights and are estimated to be 200 to 300 hundred feet above the site. It was reported the drones had spotlights on while approaching the site that they turned off when they entered the Security Owner Controlled Area. Drones were first noticed at 2050 MST and are still over the site as of 2147 MST. Security Posture was normal, which was changed to elevated when the drones were noticed. The Licensee notified one of the NRC resident inspectors.”
This is the report from the following night:
“Four (4) drones were observed flying beginning at 2051 MST [on Sept. 30, 2019] and continuing through the time of this report (2113 MST). As occurred last night, the drones are flying in, through, and around the owner controlled area, the security owner controlled area, and the protected area. Also, as last night, the drones are described as large with red and white flashing lights. Spotlights have not been noted tonight.”
Palo Verde Nuclear Generating Station.
The following is an overall narrative from Palo Verde security officials regarding the events:
"On 9/30/19 at approximately 2051 hours, it was reported by a Security Team Leader that Unmanned Aerial Vehicles (UAVs) were approaching the plant from the east (true east). The hours of darkness made it difficult to estimate the altitude at which the UAVs were flying. Two Security Team Leaders [redacted]. The UAVs appeared to have been launching from behind the mountain range at the intersection of Southern Ave and 361 Ave just east of the plant. Four UAVs were confirmed to have been spotted at one time flying northwest over Unit 1 and returning northeast over Unit 3. LLEA (MCSO) [Maricopa County Sheriff's Office] deputies were dispatched to the area of the mountain range with a Security Unit Team Leader in an attempt to determine the location of the UAV operators, but were unsuccessful. No other UAVs were observed after approximately 2300 hours."
"These UAVs are believed to have been the same UAVs that flew over the plant the night before on 9/29/19 at approximately 2020 hours."
The mountain range to the east of the plant. The facility is located in a desolate area roughly 24 miles from the very eastern edge of Phoenix's urban sprawl. Regardless of its lonely locale, millions live within 50 miles of the plant.
It remains unclear who was behind these unauthorized drone flights, the point of origin of the aircraft, and what their specific purpose was.
Who was Behind the Pennsylvania Attack?
The JIB also states, "To date, no operator has been identified and we are producing this assessment now to expand awareness of this event to federal, state, local, tribal, and territorial law enforcement and security partners who may encounter similarly modified UAS.”
The drone was reported to have its camera and internal memory card removed. Efforts were taken by the operator or operators to make it difficult for law enforcement to trace back the origins of the drone.
Image of the drone recovered in Hershey, PA. The green lines are nylon ropes. A copper wire was attached to the bottom ends of both lines.
Sophisticated Method of Attack
The use of a copper wire intended to cause short circuits appears to follow a similar method of attack used by the US military. During the Gulf War in 1991, Tomahawk Cruise Missiles were loaded with highly conductive carbon fiber wire and employed against Iraqi infrastructure to cause blackouts throughout the country. The US also dropped cluster bombs packed with graphite filament over Serbia in 1999, having a similar effect.
International and Domestic Drone Threats are on the Rise
The recent drone incident is a stark reminder that the threat from small, inexpensive drones will only continue to grow. They are becoming easier and more accessible for average people as well as those with nefarious intentions. We have seen terrorist organizations in the Middle East and even several drug cartels in Mexico utilize drones to employ improvised explosive devices. There have also been several cases of these weapons being used to assassinate high profile targets.
This incident in Pennsylvania last year highlights additional security concerns relating to Chinese-made small drones that are now widely available and even used within the U.S government, but not without controversy over how they may end up compromising our national defense capabilities.
DJI, Da Jiang Innovations (the maker of the drone used in Pennsylvania), is the largest Chinese drone maker selling products commercially in America today, and it has been at the center of these debates over recent years.
It is undeniable that drone threats are a reality that need to be taken seriously. As drones become more sophisticated with their capabilities for surveillance and sabotage against targets - like power plants, water treatment facilities, medical centers, etc. - we can expect these attacks will only get worse as the technology increases and the Department of Homeland Security continues to fall behind the power curve in protecting American infrastructure.