BLD Red Teaming – Case Study from World Cup 2022

Blue Lights Digital is delighted to let visitors to the Security & Policing 2023 event know that our very own UAS specialist call sign, Gratis, will be at the show all week. Come and see us at stand D113, if you would like to discuss UAS, Counter UAS alongside SteelRock, our partner on the stand, or our upcoming training on UAV field triage, Digital and HSA forensics along with the professionalisation of usage of CUAS in public places. Here is an extract from Mission 1, Sorties 1 and 2 of the Unmanned Aerial Systems & Counter Unmanned Aerial Systems (CUAS) Red Teaming exercise of the 2022 FIFA World Cup in Qatar from the exercises Red Team Commander, Gratis.

UAV case study Qatar 2022After a daily 7 am day brief in the hotel. We waited out the heat of the day going over plans, testing equipment and going through checklists. At 1 pm we all met up at Stadium 974, named after the international dialling code of @Qatar.

By the time security was cleared, orders had been issued, and Blue and Red were in place, it was 4 pm. This was mission 1 of 3 to take place from a set of 10 scenarios of three serials. This was the beginning of the end of a 12-month process.

Sortie 1 was Scenario 4: “They are watching you”. Take off (TO) 15:32. Good light.

This was a pop-up sortie. Part of our testing was to ensure the Venue Operations Centre (VOC) could see some of our drones. The task waspretty simple. Set an altitude and pop up with a radio call for detection acknowledgement from the VOC. Confirm landing and then end the sortie. This also acted as a flight-worthiness check for the UAVs for more complex and difficult sorties later in the day or night.

Sortie 2. Scenario 7: “We cannot attack a herd. This one is alone.” Take off (TO) 16:00. Light fading.

As the radio crackled to the sound of “Helsinki in position”, followed by “Rome in position”, the mission was on. Only 2.2 kilometres of water to clear flying at 30ft above the light waves. Wind direction was 5 knots westerly across the flight vector, so drift was a manual flight correction by Gratis. Risks identified and planned for on these sorties were drift on effect to the east of 974.

This risk planning is critical to getting CAA and event permissions to fly and essential that the pilots know how to recover and deal with these risks. Red Teaming is 95% planning and 5% doing.

The Red Team commander, call sign Gratis, from BLD relayed the following commands through the observer from Interpol. “Get on comms please and say the following”. “Doc Receiving”, The observer call sign Reykjavik pushed the Tetra radio button to speak “Doc receiving” the radio bleeped. A reply came through shortly after: “Doc receiving. Go ahead”. Gratis then went into mission mode. Holding the radio now “All pilots in position, All test flights complete. Seeking permission to fly on Sortie 2”. He handed the radio back to the observer. Gratis had his personal drone, Yoda, ready with thumbs on sticks. The moment was here to Red Team or in other words, attack, what would be in a month’s time one of the most famous places on earth, playing out the FIFA World Cup 2022.

At last, after three hours of 40-plus degrees Celsius in the direct sun without shade on a spit of land still under development in the Cruise Liner docks, we were about to launch a purpose-built TBS Discovery drone at a stadium across the water, brimming with counter UAV technology. We had tested three drones to fly, but two (Chewy and R2) were unable as they were DJI off-the-shelf and the international airports, both within 3 km, had no flight zones in place with DJI. So, the TBS built by Gratis and known as Yoda was the only long-range drone left in the toolkit to do the job on this vector. The other pilots’ call signs: Rome, Doha and Helsinki, had their drones near the stadium. One belonged to the Police which we used to confuse at the rear where the Police pilots were. One small UAS known as Devil, which had limited detection on the CUAS systems, was to harass from a hotel attached by a beachfront to the stadium, and then Yoda coming in low and fast from the sea. There was also a trick (allowed in the Rules of Engagement) that we deployed too; however, we’ll keep that one to ourselves. That trickery had the call sign Ghost.

UAV case study Qatar 2022Gratis was in position at 25°18’20.3″N 51°33’09.3″E.

This was decided many days before on a recon. The recon involved some tradecraft in gaining access to an international port without detection. We have a driver provided by the MOI to thank for access. The port had a clear line of sight to the 974 stadium. The flight vector or flight corridor was between two flight paths into airports. There was water to obfuscate the UAV from detection and enough land to get the UAV back to avoid a Nemo (when the UAV is lost to effectors or kinetics and goes in the water).

This RTH instruction was part of the Rules of Engagement (RoE) set by the Qatar authorities. Part of the complexity of Red Teaming is the constraints.

UAV case study Qatar 2022

• Our sorties had to stay within localised regulations and legislation.
• We must have open comms with the Blue Team who will be given one of our radio sets.
• We must meet CAA rules and have Return to Home (RTH) pre-set for safety on all UAVs that fly.
• We also had to fly within common Radio Frequency spectrums used on UAVs.

Gratis had paced out 20 meters and set the RTH for the middle of the road to avoid Nemos on either side of the road. That was deep sea for Cruise liners to berth. An RTH that would cause some excitement later for the locals.

“Gratis Receiving”. The observer held up the radio to Gratis with push-to-talk on. “Gratis go ahead”.

Doc, who was in the Venue Operations Centre (VOC) watching over the operation as Red Team overwatch, gives the command “Permission to fly. Start Ex”. Doc was highly experienced in keeping the skies of London safe at major events. He was the Red Team’s eyes and ears inside venue operations and watching over the beating heart of the Blue Team. His role was safety and observing how the venue dealt with the pilots. He could also relay releases to the sometimes trigger-happy CUAS units on the ground.

Gratis starts the motors on Yoda with a thumbs-out on the non-standard controller and asks for the observer to hold the radio up to his mouth. “All pilots, this is Gratis. Standby to fly… Rome Launch”. Seconds later, as if on tenterhooks, “Rome, Gratis. Doha in the Air”. Doha was the call sign for the Police Drones and Pilots Rome had recruited for our cause.
“Helsinki Launch”. Again, almost instantaneously the reply over the radio “Helsinki, Gratis. Devil in the air”

Yoda’s carbon fibre blades now gave that distinctive UAS noise as it rose into the air and headed off at roughly 55 kilometres per hour accounting for cross winds at 4-5 knots.
“Helsinki, Gratis. Yoda in the air on planned bearing, relay contact when sighted”. Yoda was sent into the distance towards the stadium and Helsinki who had binoculars had to relay and assist in manoeuvring Yoda over the stadium by relaying positions if the cameras on board were affected. Reykjavik watched as Yoda flew into the distance, mouth open, listening to the radio chatter that was now picking up with Blue Teams all around 974 hunting every spec and movement in the sky.

As planned for in this situation, the radio becomes hot with reports and calls of contact and release requests, which are part of the safety RoE.

“Rome. Contact! We are affected. Doc request release at South end of 974”.
“Helsinki, Gratis. I cannot see Yoda, confirm you’re still in flight”
“This is Rome. We are still being affected. Please stop affecting! Release. Release!”.
“Gratis, Helsinki. Yoda still inbound. Still in sight of Gratis on EVLOS”
“This is Rome. Doc, please tell VOC to issue command to stop affecting Doha’.
Then the inevitable for us at the port. “Gratis, Helsinki. Yoda is affected and now BVLOS. I say again Yoda is BVLOS. We have no control. Please observe for RTH”.

With the chatter ongoing, Reykjavik observing turned to Gratis, who was looking across the horizon trying to find where Yoda was. “What now?” he asks.
“All we can do is get eyes-on and get an LZ for recovery, or wait for RTH”.

The UAV was hit by the CUAS Blue Team with their radio frequency jamming rifles set to 2.4 and 5.8 Giga Hertz. Yoda was hit over 2.3 km away from its Take Off Zone (TOZ) and was now fully autonomous near the stadium or out to sea somewhere. The sticks (controller) no longer worked, and the Drone was going to either land where it was affected, if it couldn’t get GPS back, or if the programming on the independent RTH on Yoda worked, come back home.

A few minutes later a black drone came into view at 100ft in altitude (set in RTH) and was racing towards our position. As it hovered over the spit of land, Gratis jumped out into the road in front of a bus to indicate there was an object about to appear in their view. The bus flashed its lights to get Gratis out of the road, as he pointed into the sky, and then slowed down with the passengers all now raising their phones to the windows as Yoda slowly descended into the middle of the road and landed. Gratis, wearing chinos and an Interpol T-shirt, gave a wave to the passengers and casually walked off with the drone. We wonder what stories were told that night of the strange events of the day in the port.

Yoda was brought back to the TOZ, marked out on the pavement, batteries swapped, test flight and popped up to 30 ft and landed ready for sortie 3.

About this Case study and references:

This extract is a representation of 2 sorties which had months of careful planning. A team of experienced UAV experts were brought together to build confidence, test capabilities and embed the learning from even more months of education provided by partners of the Qatar events management of the World Cup. The Interpol Stadia project was asked to develop the Red Teaming for Qatar and share the learning with their member countries. BLD was chosen to support the Capacity Building of the events UAS and CUAS already in place. Gratis was selected as the Red Team Commander due to operational UAS expertise, programme management and capacity-building frameworks previously developed with Interpol.

This Red Teaming could not have taken place without the excellent education and resilience team building by Shaun from GSDM with his expert team and accomplished Gratis hunters, TJ and Joe, along with the live event Operations Commander for CUAS, Nico, from the French Gendarmerie.

Faisal, Chris, Cassandra & Aurelie from Interpol arranged logistics, permissions and project-managed the expert groups reporting and findings.

The Red Team were Gratis of BLD, Rome and Helsinki from Drone Alert and Doc from SteelRock, on his first week in retirement from the UK’s Metropolitan Police. A special reference for the Qatar team, Capt. T, Capt. R and Mohammed: Without your leadership and resources nothing would have happened. Thanks for the arrest on the way out. Nice touch!

The planning needed for this type of event should not be underestimated. From the Learning Needs Analysis, LNA, to the issue of Standard Operating Procedures (SOPs) developed from the Concept of Operations (CONOPS) as well as the Rules of Engagement (RoE) and permission to Fly (PTF) from the CAA. As a Red Team partnership and orchestrated ecosystem, BLD and Drone Alert can supply pilots, Sec Ops, design event outcomes and train the methodologies needed to maintain security. We can fly in-spectrum or out-of-spectrum. We have advanced Digital Forensics and can build specialist UAVs. With RoE or without. We have CUAS systems, and we have Counter CUAS systems for Government use only, as well as the advanced UAS needed to test them.

If you would like to speak to Gratis. Visit BLD at S&P on stand D113.

Blue Lights Digital endorsed by the Police Crime Prevention Academy

PCPA 'Endorsed'

The Police Crime Prevention Academy announces today that it can assist police forces and other organisations in the highly specialist fields of digital forensics and digital investigations.

This follows the Academy’s endorsement of Blue Lights Digital, a UK-based provider of professional training, consultation and investigation services covering digital investigation and digital forensic products and strategies.

Academy Head, Guy Collyer, explained that this is a major milestone for the Academy, which was founded in 2017 by Police Crime Prevention Initiatives (Police CPI), a not-for-profit organisation owned by the UK Police Service which has become a ‘major catalyst for crime prevention’.

The Academy is now an established crime prevention learning and development supplier providing accredited qualifications recognised by UK employers and courses for the public and private sectors.

It also runs the ‘PCPA Endorsed’ scheme, whereby companies who are not in competition with the Academy can apply to be scrutinised in order that they can achieve the PCPA Endorsed standard. Successful applicants will be able to use the logo and will be listed on the Academy website.

Clients have included Police Forces in England and Wales, Police Scotland, the Police Service of Northern Ireland and An Garda Siochana – the police force of the Republic of Ireland, as well as security organisations like the military police, local authorities and community safety partnerships.

Courses include an Introduction to Crime Prevention; Crime Prevention for Practitioners; Designing Out Crime; Prevention of Extremism and Terrorism; and Problem Solving.

Guy explained: “Having Blue Lights Digital as a ‘PCPA Endorsed’ supplier means that if police forces want training in digital investigative skills, we can make recommendations in the knowledge that this is a fit for purpose organisation which meets our standards as well as complementing what we provide.”

Blue Lights Digital, which is based in the Officers’ Mess Business Centre, Duxford, Cambridge, has strong links to law enforcement and military.

Claire Stanley, Business Development Manager, Blue Lights Digital (BLD), said: “Our team of trainers draws on decades of experience in law enforcement combined with in-depth knowledge of an array of tools to design and deliver both certified and bespoke training courses to any audience.

“BLD trainers are able to travel throughout the UK and worldwide to schedule deliveries to suit client circumstances, or alternatively we can offer many training options remotely, to groups who may be spread geographically.”

Paul Young, Head of Learning & Futures, BLD, said: “The endorsement from PCPA is an important milestone for us in BLD. The application of digital investigation skills has evolved and should form as much a part of prevention as it does being a key enabler for investigation.

“I am hugely grateful that our services have been recognised in this way and I look forward to delivering real value, working with our existing partners and forging new collaborations.”

As a ProQual Approved Centre, the Academy offers an exclusive link to another Police CPI initiative – Secured by Design, which was set up in 1989 to work with the Police Service around the UK, to raise product security standards to deter and reduce crime in new build and refurbished homes.

The Academy maintains close working links with the National Police Chiefs’ Council and senior police officers from across the UK as well as with subject matter experts, academics and policymakers to ensure that qualification and course content is current for delivery and assessment. For more information and to see the Academy prospectus visit:
https://www.crimepreventionacademy.com/images/PCPA_PROSPECTUS_2021-22_LR.pdf

Police Crime Prevention Academy
Tel: 0208 0160 999
Email: info@crimepreventionacademy.com
Visit: www.crimepreventionacademy.com

Blue Lights Digital
Tel: 01223 919607
Email: enquiries@bluelightsdigital.com
Visit www.bluelightstraining.com

BLD Cryptocurrency Training – City and Guilds Accredited

July 2020 News Release – HancomWITH – MD-NEXT – iOS Full Filesystem (Checkm8) Extraction

August 2020 News Release – HancomWITH – Smart Folders