Dr. Currie Myers Interview of Morgan Wright, Cybersecurity and Cyberterrorism Analyst
"Our adversaries are watching how we handle this and will exploit flaws in future attacks or espionage operations." - Morgan Wright
I had the privilege to interview Morgan Wright this week regarding the drone activity that has increased in the last month or so in the United States, but particularly on the East Coast. Morgan is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security, and intelligence. He is a Senior Fellow at The Center for Digital Government, Chief Security Advisor for SentinelOne, and the chief technology analyst for Fox News and Fox Business. Morgan's landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. Previously, Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program, the Senior Law Enforcement Advisor for the 2012 Republican National Convention, taught behavioral analysis interviewing at the National Security Agency and spent a year teaching the FBI how to conduct internet investigations. In addition to 18 years in state and local law enforcement as a highly decorated state trooper and detective, Morgan has developed solutions in defense, justice, and intelligence for the largest technology companies in the world, including Cisco, SAIC, Unisys, and Alcatel-Lucent/Bell Labs.
Dr. Myers: Morgan, what are the main challenges in accurately identifying drones versus manned aircraft or other objects?
Mr. Wright: Training and technology. Only a small number of private citizens who have no formal military, intelligence, or law enforcement training could accurately identify manned vice unmanned aircraft. That’s not to say an average person couldn't detect a hobby or commercial drone. However, getting to the level of assessing and identifying state-sponsored purpose-built craft is challenging for highly trained personnel. The Chinese spy balloon exposed the limits of our technology. The airspace it operated in (a domain awareness gap) exploited NORAD's early warning and detection capabilities. Only after a civilian aboard an airliner spotted the balloon could the DoD go back and reconstruct the flight path.
Dr. Myers: Why do you think there has been an increase in drone sightings along the Northeast U.S. seaboard?
Mr. Wright: I believe some of the first sightings were legitimate. But then, ‘herd mentality’ took over. It’s similar to the Baader-Meinhof phenomenon called frequency illusion. Once you have decided on something (like buying a specific car), you pay more attention to it because it’s more relevant (selective attention). Then confirmation bias kicks in, and suddenly, you see the car you’re interested in everywhere. Or, Occam’s Razor suggests maybe it’s because there are actually more drones.
Dr. Myers: Could these sightings result from advances in drone technology, such as improved stealth capabilities?
Mr. Wright: During a classified briefing on Tuesday, 17 December, the DoD categorically denied any of the drones were their assets. If the drones were meant to operate clandestinely, it doesn’t seem operationally sound to have blinking lights all over them. However, I say that to say this: Stealth technologies are designed to make craft undetectable by radar—not the human eye. We can still see the B-2 Stealth Bomber. But its cross-section on radar resembles a hummingbird. One plausible explanation is that drone flights are designed to test radar detection against human observation. If the eyes could see it but not the radar, that would be a big problem.
Dr. Myers: How do factors like weather, human error, or environmental conditions affect drone detection?
Mr. Wright: Human error is likely the primary cause of misidentification. As a former Kansas state trooper stationed in southwest Kansas, I know that tornado season spawned many citizen reports of tornados, but not all of them were accurate. That’s where the advances in radar detection helped vector in trained spotters to confirm the radar output. If the weather is challenging for civilian aircraft to operate in, it would be rare that a hobby drone would be operating. More advanced drones can fly in inclement weather, making their detection by eye nearly impossible and by radar all the more challenging.
Dr. Myers: What national security risks are associated with unidentified drones in heavily trafficked areas?
Mr. Wright: Several things come to mind: terrorism, criminal activity, espionage, activism, and curiosity. We’ve already seen how the cartels are using drones for smuggling, surveillance, and even attacks using weaponized drones. In Ukraine, drones are used to attack armor and soldiers. Terrorist groups have also used weaponized drones for attacks, in addition to surveillance, disruption, and targeted assassinations (think Venezuelan President Nicolás Maduro).
Dr. Myers: How might drones be used for industrial espionage or surveillance along the seaboard?
Mr. Wright: The targeting of major ports, naval bases, and sensitive installations is all made easier with drones. These areas also have a high volume of air and ship traffic, and the ability to blend in with the crowded airspace would be pretty trivial. Also, many areas (like drilling rigs, ports, utilities, etc.) use drones for daily operations. If I were an adversary, I would ensure my activities look as mundane as possible. However, sensitive installations are also refining their defensive measures for drones. The ability to stand off and loiter is more difficult in military and national security areas than in commercial ones.
Dr. Myers: Could drones potentially disrupt commercial aviation or maritime traffic, and how serious is that risk?
Mr. Wright: Very serious for aviation. The news is replete with reports of civilian and military airfields halting flights due to drone activity. The movie Miracle on the Hudson is about the crash of US Airways flight 1549 into the Hudson after a bird strike took out their engines. Imagine a swarm of drones.
Dr. Myers: Are there known instances where drones have been used for illegal activities like narco-trafficking, and could that be a factor here?
Mr. Wright: Two major cartels - Jalisco New Generation Cartel (CJNG) and Sinaloa Cartel - both have been documented using commercial drones for smuggling. CJNG has used drones modified with explosives for attacks. I don't believe that is a cause of the recent drone sightings. Insofar as it affects the US, their activity is mainly along the southern border.
Dr. Myers: What are the risks associated with drones being weaponized for domestic or international terrorism?
Mr. Wright: Anybody could make one, and they’re difficult to detect and stop. Nuclear weapons are not DIY, but IEDs are. Counter-drone technology (C-UAS) is getting better. However, it’s still limited to military operations, which opens the door for domestic activity to overwhelm the ability of federal, state, and local authorities to mitigate and respond to attacks. The current situation shows how difficult it is to respond to only ‘reports’ of drones.
Dr. Myers: How likely is it that drones could be equipped with electronic warfare tools, such as signal jammers or hacking devices?
Mr. Wright: Already happening. The US Army is currently testing the Multi-FunctionElectronic Warfare-Air Large (MFEW-AL), intended to integrate with the MQ UAV platforms. Coyote Block 3 is thought to have a high-powered microwave to take out enemy drones.
Dr. Myers: Could these drones be used to deploy malware or disrupt critical infrastructure systems?
Mr. Wright: Absolutely. You go after power and water to bring a nation to its knees. One explosive-laden drone taking out a substation would be a game-changer. In 2022, a drone was discovered on the roof by a US firm that was outfitted with network intrusion devices that targeted unsecured networks. Drones can also become mobile hacking platforms, attacking other drones and infecting them with malware.
Dr. Myers: What steps can be taken to prevent drones from delivering harmful payloads in urban or industrial areas?
Mr. Wright: This is the $64,000 question. Radar can detect it, but you’ll need RF jammers or GPS spoofers to prevent it. That entails a host of legal restrictions because of the potential to interfere with other systems. Physical interception countermeasures are available, but they are not widely deployed or used.
Dr. Myers: Does the lack of electronic detection of the reported sightings suggest technological inadequacy in existing monitoring systems?
Mr. Wright: Yes and no. Yes, from a commercial perspective. We haven’t yet been able to distinguish a bird from a drone effectively and consistently. Now, from a military standpoint, it’s no. These systems are orders of magnitude better, but their power (and the law) prevents their deployment in civilian areas.
Dr. Myers: What role does regulatory oversight play in managing drone activities, and where are the gaps in current laws?
Mr. Wright: It’s very similar to the wiretap laws. The original statutes never envisioned the internet or Voice Over IP. Laws always lag technology, sometimes by ten years. The FAA has much to say about it but cannot investigate and enforce violations effectively. Someone intent on evading the law will modify their drone to avoid the technological restrictions imposed by the government on the manufacturer. Like the explosion of devices on the internet, the number of new drones operating makes for a challenging regulatory environment.
Dr. Myers: Should the U.S. government adopt stricter controls on drone usage or impose more robust monitoring in key areas?
Mr. Wright: Yes, to both. However, if there are no teeth in the law, more laws won't solve the problem. We need better monitoring and response in key critical infrastructure and sensitive installation areas. But detection alone doesn't solve the bigger issue - how to deter and prevent malicious or state-sponsored activity. There is an idea to use a version of OnStar embedded inside drones so that they can be shut down or manipulated if the need arises (but that comes with its own inherent set of problems). This won’t weigh down state-sponsors or criminal enterprises.
Dr. Myers: How can federal, state, and local agencies collaborate more effectively to address drone threats?
Mr. Wright: We need more structured reporting systems. Much of this currently tends to be reporting to local law enforcement, which is expected to flow the reports to the FAA regional centers. Fusion centers may have new requirements, but that is still limited. Not every area of the country is affected the same. More transparency and better technology are the starting points.
Dr. Myers: What technologies or methodologies should law enforcement prioritize to improve drone detection and mitigation efforts?
Mr. Wright: Detection capabilities will come long before mitigation. The National Institutes of Justice has researched the impact of contraband and drones in correctional facilities. This will help develop broader strategies.
Dr. Myers: How can private industry, particularly in IT security, contribute to identifying and neutralizing drone-related threats?
Mr. Wright: DHS should provide standardized training for critical infrastructure at a minimum. Advanced research projects (whether DARPA or HSARPA) must collaborate with the private sector to understand requirements and develop commercially viable solutions. Private industry shouldn’t wait for the government to act. When President Clinton signed PDD-63 in 1998, the financial services sector created the first ISAC, Information Sharing Analysis Center, which started in 1999.
Dr. Myers: If the reports are not adequately investigated or resolved, what are the long-term implications for public safety, trust in government agencies, and national security?
Mr. Wright: Trust in government is already at an all-time low. Right now, the worst thing that could happen is to disparage or minimize the public reporting. To them, what is perceived is real. We could end up with the government ignoring the valid concerns of the public, only to find out there was actually a ’there’ there. The public must be able to trust what the government tells us, especially in times of crisis. Our adversaries are watching how we handle this and will exploit flaws in future attacks or espionage operations.
Dr. Myers: Morgan, my friend, it’s always a pleasure to catch up with a fellow former Kansas Trooper and to get your thoughts and opinions on these important technology issues of the day! Appreciate our work!
To keep up with Morgan Wright’s published works, opinions and interviews you can visit Insight and Analysis - Morgan Wright.