How Equipment Left In Afghanistan Will Expose US Secrets

Taliban fighters atop a Humvee vehicle take part in a rally in Kabul on August 31, 2021

Taliban fighters atop a Humvee vehicle take part in a rally in Kabul on August 31, 2021 Photo by HOSHANG HASHIMI/AFP via Getty Images

Even rendered inoperable, equipment now in the hands of the Taliban will yield troves of information about how the U.S. builds weapons and uses them.

The ultimate winner of two decades of war in Afghanistan is likely China. The aircraft and armored vehicles left behind when U.S. forces withdrew will give China—through their eager partners, the Taliban—a broad window into how the U.S. military builds and uses some of its most important tools of war. Expect the Chinese military to use this windfall to create—and export to client states—a new generation of weapons and tactics tailored to U.S. vulnerabilities, said several experts who spent years building, acquiring, and testing some of the equipment that the Taliban now controls. 

To understand how big a potential loss this is for the United States, look beyond the headlines foretelling a Taliban air force. Look instead to the bespoke and relatively primitive pieces of command, control, and communication equipment sitting around in vehicles the United States left on tarmacs and on airfields. These purpose-built items aren’t nearly as invincible to penetration as even your own phone. 

“The only reason we aren’t seeing more attacks is because of a veil of secrecy around these systems,” said Josh Lospinoso, CEO of cybersecurity company Shift5. “Once you pierce that veil of secrecy…it massively accelerates the timeline for being able to build cyber weapons” to attack them. 

Lospinoso spent ten years in the Army conducting penetration tests against radios, small computers, and other IT gear commonly deployed in Afghanistan. 

Take the radios and communications equipment aboard the Afghan Air Force C-130 transport plane captured by the Taliban. The Pentagon has assured that the equipment was disabled. But if any of it remains on the plane an adversary with time and will could pick those apart one by one. 

“You now have some or all of the electronic components on that system and it's a representative laboratory; it’s a playground for building, testing, and iterating on cyber-attacks where maybe the adversary had a really hard time” until he obtained actual copies of the gear, Lospinoso said. “It is the playground for them to develop attacks against similar items.”

Georgianna Shea, who spent five years at MITRE helping the Pentagon research and test new technologies,  said the loss of key equipment to the Taliban “exposes everything we do in the U.S., DOD: our plans of action, how we configure things, how we protect things. It allows them unlimited time and access to go through and find vulnerabilities that we may not be aware of.”

“It’s not just a Humvee. It’s not just a vehicle that gets you from point A to point B. It’s a Humvee that’s full of radios, technologies, crypto systems, things we don’t want our adversaries getting a hold of,” said Shea, now chief technologist at the Foundation for Defense of Democracies’s Transformative Innovation Lab. 

Of particular concern are the electronic countermeasures gear, or ECMs, used to detect improvised explosive devices.

“Imagine the research and development effort that went into develop those ECM devices that were designed to counter IEDs,” said Peter Christensen, a former director of the U.S. Army’s National Cyber Range. “Now, our adversaries have them. They’re going to have the software and the hardware that goes with that system. But also develop capabilities to defeat or mitigate the effectiveness of those ECM devices.”

Gear that has been “demilitarized” or “rendered inoperable,” as U.S. officials described the planes and vehicles left behind, can still reveal secrets, Shea said.

“In some cases, this equipment was fielded with the assumption we would have gates and guards to protect it. When it was developed, no one thought the Chinese would have it in their cyber lab, dissecting it, pulling it apart.”

Once an attacker has physical control of a device, little can stop her from discovering its vulnerabilities—and there are always vulnerabilities, Shea said.

Under current acquisition practices, most new defense gear is not tested for vulnerabilities until late in the design process. Testers often receive far too little time to test comprehensively. Sometimes they get just two weeks, she said, and yet “they always find something. Always.” 

“Regardless of the previous testing that’s been done on compliance, they always find something: always… “They’re very backlogged and don’t have an unending amount of resources,” she said. So you have to schedule development with these testers. There’s not enough resources to test it to the depth and breadth that it should be to understand all of the vulnerabilities.” 

Plans to fix newly discovered vulnerabilities “were often inconsistent or inadequate,” Christensen said. 

Lospinoso, who spent years conducting such tests for the Army, still performs penetration testing for the U.S. military as a contractor. He says a smart hacker can usually find useful vulnerabilities  in hardware “within hours.” 

When such a network attack disables a radio or a truck, troops are generally not trained to do anything about it. They may not even realize that they have been attacked, and may chalk up problems to age or maintenance problems.

“Every time we run an attack against a system, knocked out a subcomponent or have some really devastating effect that could cause loss of an asset—every time, the operator in the cockpit says, ‘We do not have operating procedures for what you just did,’” Lospinoso said. 

Little of this is new. In 2017, the Government Accountability Office highlighted many of these concerns in a blistering report.

More than just insight into network vulnerabilities, the abandoned vehicles and gear will help China understand how U.S. forces work with partner militaries, said N. MacDonnell Ulsch, the CEO and chief analyst of Phylax Analytics. 

“If you were to take all of the technology that was currently deployed in Afghanistan by the [United States] and you made an assessment of that, you have a point in time and a point in place reference of what the status quo is; what technology is being used, how much it costs, what’s it capable of doing and you realize it’s going to a developing nation,” Ulsch said.

China can use the knowledge to develop their weapons and tactics, but also to give their arms-export sales team an edge, he said. The Taliban have highlighted their nascent partnership with China as perhaps their most important foreign diplomatic effort. China, meanwhile, has already begun giving millions in aid to the new regime.

Whatever vulnerabilities China does discover will likely imperil U.S. troops for years to come, Lospinoso said. 

 “There is a zero percent chance we will go back and re-engineer” all of the various systems with serious cyber vulnerabilities, he said. “We are stuck with billions and billions in weapon systems that have fundamental flaws.”


Don't miss:

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.