_____                   _                  _____            _____       _ 
  |     |___ _____ ___ _ _| |_ ___ ___ ___   |  _  |___ ___   | __  |___ _| |
  |   --| . |     | . | | |  _| -_|  _|_ -|  |     |  _| -_|  | __ -| .'| . |
  |_____|___|_|_|_|  _|___|_| |___|_| |___|  |__|__|_| |___|  |_____|__,|___|
  a newsletter by |_| j. b. crawford               home archive subscribe rss

>>> 2023-02-17 something up there pt II (PDF)

As we discussed previously, the search for UAP is often contextualized in terms of the events of 2017: the public revelation of the AATIP and alien-hunting efforts by Robert Bigelow and Tom DeLonge. While widely publicized, these programs seem to have lead to very little. I believe the termination of the AATIP (which lead to the creation of TTSA) to be a result of the AATIP's failure to address the DoD's actual concern: that UAP represented a threat to airspace sovereignty.

I just used a lot of four- and five-letter acronyms without explaining them. These topics were all discussed in the previous post and if you are not familiar with them I would encourage you to read it. Still, I will try to knock it off. Besides, now there is a new set of four- and five-letter acronyms. The end of the AATIP was not the end of the DoD's efforts to investigate UAP. Instead, military UAP research was reorganized, first into Naval intelligence as the UAP Task Force, and later in the cross-branch military intelligence All-Domain Anomaly Resolution Office, or AARO.

It is unclear exactly what the AARO has accomplished. As a military intelligence organization, the DoD will not comment on it. Most of what we know comes from legislators briefed on the program, like Sen. Gillibrand and Sen. Rubio. In various interviews and statements, they have said that AARO's work is underway but hampered by underfunding---underfunding that is, embarrassingly, a result of some kind of technical error in defense appropriation.

Administratively confused as they may be, the DoD's UAP efforts have lead to creation of a series of reports. Issued by the Director of National Intelligence (DNI) at the behest of congress, the June 2021 unclassified report appeared to be mostly a review of the same data analyzed by AATIP. The report was short---9 pages---but contained enough information to produce a lot of reporting. One of the most important takeaways is that, up to around 2020, the military had no standardized way of collecting reports of UAP. Later reporting would show that even after 2020 efforts to collect UAP reports were uneven and often ineffective.

Much of the reason for this is essentially stigma: advocates of UAP research have often complained that through the late 20th century the military developed a widespread attitude of suppressing UAP incidents to avoid embarrassment. As a result, it's likely that there are many more UAP encounters than known. This is particularly important since analysis (including that in the 2021 report) repeatedly finds that the majority of UAP reports are probably explainable, while a few are more likely to result from some type of unknown object such as an adversarial aircraft. In other words, the signal to noise ratio in UAP reports is low. Taken one way this might discourage reporting and analysis, since any individual report is unlikely to amount to anything. The opposite is true as well, though: if most UAP encounters are not reported and analyzed, it's likely that the genuinely troubling incidents will never be discovered. The 2021 report broadly suggests that this is exactly what was happening for many years: so few UAP incidents were seriously considered that no one noticed that some of them posed real danger.

The 2021 report briefly mentions that some UAP incidents were particularly compelling. For example, in 18 incidents the UAP demonstrated maneuvering. This doesn't mean "shot into the sky as if by antigravity," but rather that the objects appeared to be navigating towards targets, turning with intention, or stationkeeping against the wind. In other words, they are incidents in which the UAP appears to have been a powered craft under some type of control. Even more importantly, the report notes that in a few cases there were indications of RF activity. The military will never go into much detail on this topic because it quickly becomes classified, but many military aircraft are equipped with "electronic warfare" systems that use SDR and other radio technology to detect and classify RF signals. Historically the main purpose of these systems was to detect and locate anti-aircraft radar systems, but they have also been extended to general ELINT use.

ELINT is an intelligence community term for "electronic intelligence." Readers are more likely to be familiar with the term SIGINT, for signals intelligence, and the difference between the two can be initially confusing. The key is that the "electronic" in ELINT is the same as in "electronic warfare." SIGINT is about receiving signals in order to analyze their payloads, for example by cryptologic means. ELINT is about receiving signals for the sake of the signals themselves. For example, to recognize the chirp patterns used by specific adversarial radar systems, or to identify digital transmission modes used by different types of communications systems, thus indicating the presence of that communications system and its user. A simple and classic example of ELINT would be to determine that an adversarial force uses a certain type of encrypted digital radio system, and then monitor for transmissions matching that system to locate adversarial forces in the field. The contents don't matter and for an encrypted system may not be feasible to recover anyway. The mere presence of the signal provides useful intelligence.

The concept of ELINT becomes important in several different ways when discussing UAP. First, the 2021 DNI report's mention that several UAP were associated with RF emissions almost certainly refers to ELINT information collected by intelligence or electronic warfare equipment. These RF emissions likely indicate some combination of remote control and real-time data reporting, although a less likely possibility (in my opinion) is that it reflects electronic warfare equipment on the UAP engaged in some type of active countermeasure.

It's meaningful to contrast this view of the matter with the one widespread in the media in 2017. A UAP that maneuvers and communicates by radio is not exactly X-Files material, and almost by definition can be assumed to be an sUAS---small unmanned aerial system, commonly referred to as a drone. Far from the outlandish claims made by characters like Tom DeLonge, such a craft is hardly paranormal in that we know such devices exist and are in use. What is a startling discovery is that sUAS are being spotted operating near defense installations and military maneuvers and cannot be identified. This poses a very serious threat not only to airspace sovereignty as a general principle but also to the operational security of the military.

Perhaps the component of the report that generated the most media interest is its analysis of the nature of the reported UAP. In the vast majority of cases, in fact all but one, the DNI report states that it was not possible to definitively determine the nature of the UAP. This was almost always because of the limited information available, often just one or two eyewitness accounts and perhaps a poor photo and radar tracks. Most of these incidents presumably do have explanations within the realm of the known that simply could not be determined without additional evidence. On the other hand, the report does state that there are some cases which "may require additional scientific knowledge" to identify.

It is not entirely clear how dramatically this statement should be taken. It's possible, even likely, that the phrase mostly refers to the possibility that new methods of evidence collection will need to be developed, such as the new generation of radar systems currently emerging to collect more accurate information on sUAS with very low radar cross section due to their small size. It's also possible that the phrase reflects the fact that some reported UAP incidents involve the UAP behaving in ways that no known aerial system is capable of, such as high speeds and maneuvers requiring extreme performance. Once again, there is a temptation to take this possibility and run in the direction of extraterrestrial technology. Occam's razor at the very least suggests that it's more likely that some adversarial nation has made appreciable advancements in aviation technology and kept them secret. While perhaps unlikely this is not, in my mind, beyond reason. We know, for example, that both Russia and China have now made more progress towards fielding a practical hypersonic weapons system than the United States. This reinforces the possibility that their extensive research efforts have yielded some interesting results.

Following the 2021 UAP report, Congress ordered the DNI to produce annual updates on the state of UAP research. The first such update, the 2022 report, was released a few months ago. The unclassified version is quite short, but it is accompanied by a significantly longer and more detailed classified version which has been presented to some members of Congress. The unclassified document states that the number of known UAP incidents has increased appreciably, largely due to the substantial effort the military has made to encourage reporting. To provide a sense of the scale, 247 new reports were received in the roughly 1.5 years between the preliminary and 2022 reports. A number of additional incidents occurring prior to the 2021 report also came to the attention of military intelligence during the same period, and these were analyzed as well.

Perhaps the most important part of the 2022 report is its statement that, of the newly analyzed incidents, more than half were determined to be "unremarkable." In most cases, it was judged that the incident was probably caused by a balloon. While these are still of possible interest, they are less interesting than the remainder which are more difficult to explain. Intriguingly, the report states that some UAP "demonstrated unusual flight characteristics or performance capabilities." This supports the more dramatic interpretation of the 2021 report, that it is possible that some incidents cannot be explained without the assumption that some adversary possesses a previously unknown advanced technology.

While it already attracted a great deal of media attention, this entire matter of DNI reports was only the opening act to the spy balloon. The airspace sovereignty aspect of the UAP reports is not something that attracted much discussion in the media, but it has become much more front of mind as a UAP of the first kind drifted across the United States. This UAP was not unidentified for long, with the military publicly attributing it to China---an attribution that China has both formally and informally acknowledged.

Balloons are not new in warfare. Indeed, as the oldest form of aviation, the balloon is also the oldest form of military aviation. The first practical flying machine was the hot air balloon. While the technology originated in France, the first regular or large-scale example of military aviation is usually placed at the US Civil War. Hot air balloons were routinely used for reconnaissance during the Civil War, and the slow movement and long dwell times of balloons still make them attractive as reconnaissance platforms.

Military ballooning in the United States is not limited to the far past. During World War II, the Japanese launched nearly 10,000 balloons equipped with incendiaries. The hope was that these balloons would drift into the United States and start fires---which some of them did, although a concerted press censorship program largely prevented not only the Japanese but also Americans learning of the campaign. Ultimately the impact of the balloon bombs was very limited, but they are still often considered the first intercontinental weapon system. They might also be viewed as the first profound challenge to US air sovereignty, as the balloons required no nearby support (as aircraft of the era did) and the technology of the time provided no effective means of protection. Indeed, this was the calculus behind the press censorship: since there was no good way to stop the balloon bombs, the hope was that if the US carefully avoided any word of them being published, the Japanese might assume they were all being lost at sea and stop sending them.

While the Cold War presented Soviet bombers and then missiles as top concerns, it could be said that balloons have always been one of the greatest practical threats to airspace sovereignty. Despite their slow travel and poor maneuverability, balloons are hard to stop.

Balloons remain surprisingly relevant today. First, modern balloons can operate at extremely high altitudes, similar to those achieved by the U-2 spy plans. This provides an advantage both in terms of observation range and secrecy. Second, balloons are notoriously difficult to detect. While the envelope is large, the material is largely transparent to RF, resulting in a very low radar cross section. Careful design of the suspended payload can give it a very low radar cross section as well... often easier than it sounds, since the payload is kept very lightweight. The sum result of these two factors is that even large balloons are difficult to detect. They are most obvious visually, but the United States and Canada have never had that substantial of a ground observer program and the idea has not been on the public mind for many decades. Many people might see a balloon before any word reached air defense.

On January 28th, a large balloon operated by China entered US airspace over Alaska. During the following week, it drifted across the country until leaving the east coast near South Carolina, where it was shot down with a Sidewinder missile. Circumstances suggest that both the Chinese and US administrations may have intended to downplay the situation to avoid ratcheting tensions, as the US government did not announce the balloon to the public until about a day after it had initially been detected entering US airspace. Publicly, China claimed it to be a weather balloon which had unintentionally drifted off course. The New York Times reports that, privately, Chinese officials told US counterparts that they had not intended for the balloon to become such a public incident and would remove it from US airspace as quickly as possible.

Modern balloons of this type are capable of a limited but surprisingly flexible form of navigation by adjusting their buoyancy, and thus altitude, to drift in different winds. Perhaps the balloon spent a week crossing the US by intention, perhaps an unfortunate coincidence of weather created a situation where they were not able to navigate it out more quickly, or perhaps some equipment failure had rendered the balloon unable to change its altitude. I tend to suspect one of the latter two since it is hard to think of China's motivation to leave the balloon so publicly over the United States. In any case, that's what happened.

We now know more about the balloon, not so much because of analysis of the wreckage (although that is occurring) but more because the military and administration have begun to share more information collected by means including a U-2 spy plane (one of few aircraft capable of meeting the balloon's altitude) and other military reconnaissance equipment. The balloon had large solar arrays to power its equipment, it reportedly had small propellers (almost certainly to control orientation of the payload frame rather than for navigation), and it bristled with antennas.

This is an important point. One of the popular reactions to the balloon was mystery at why China would employ balloons when they have a substantial satellite capability. At least for anyone with a background in remote sensing the reason is quite obvious: balloons are just a lot closer to the ground than satellites, and that means that just about every form of sensing can be performed with much lower gain and thus better sensitivity. This is true of optical systems where balloons are capable of much better spatial resolution than satellites, but also true of RF where atmospheric attenuation and distortion both become very difficult problems when observing from orbit. Further, balloons are faster and cheaper to build and launch than satellites, allowing for much more frequent reconfigurations and earlier fielding of new observation equipment. The cost and timeline on satellites is such that newly developed intelligence technology takes years to make it from the lab to the sky... Chinese intelligence balloons, on the other hand, can likely be fabricated pretty quickly.

It's useful here to return to the topic of ELINT. First, it's very likely that ELINT was a major mission of this balloon. Sensing RF emissions from military equipment at close range is invaluable in creating ELINT signatures for equipment like radar and encrypted communications systems, which directly translates into a better capability to mount an offensive from the air. SIGINT was likely also a mission. One of the advantages of ELINT collection is that the data acquired for ELINT purposes can typically be processed to glean SIGINT information, and even provides valuable material for cryptologists attempting to break codes.

ELINT is also relevant in the detection of the balloon. While the spy balloon in the recent incident was detected by conventional means, the DoD has reported that they are now able to assert that this is at least the fifth such balloon to enter US airspace. For those not familiar with ELINT methods this might be surprising, but it makes a great deal of sense. The fact that this balloon was tracked by the military for days provided ample opportunities to collect good quality ELINT signatures of the communications equipment used by the balloon. The military possesses a number of aircraft dedicated to the purpose of ELINT and SIGINT collection, such as the RC-135---a modified C-135 Stratolifter equipped with specialized antennas and hundreds of pounds of electronic equipment. These type of aircraft could orbit the balloon for hours and collect extensive recordings of raw RF emissions.

ELINT information is also collected by ground-based and orbital (satellite) assets, including a family of satellites that deploy large parabolic reflectors to collect RF signals with extremely high gain. The data collected by these platforms is likely retained in raw form, allowing for retrospective analysis. Information collected by similar means has been publicly used in the past. And this is most likely how the first four balloons were discovered: by searching historic data collected by various platforms for matching ELINT signatures. The presence of the same digital data modem as in the recent spy balloon, in US airspace, almost certainly indicates a similar Chinese asset operating in the past.

It's important to understand that the RF environment is extremely busy, with a great deal of noise originating from the many radio devices we use every day. It's simply not feasible for someone in some military facility to carefully review waterfall displays of the RF data collected by numerous ELINT assets. What is much more feasible is to develop signatures and then use automation to search for instances of similar traffic. It's the practical reality of intelligence at scale.

The discovery of the recent spy balloon has had an incredible effect on air defense. I am of the general opinion, and have occasionally argued in the past, that the US government has significantly under-invested in air defense since the end of the Cold War. While we do need to move on from the hysteria of the 1970s, the lack of investment in air surveillance and defense over the last fifty years or so has lead to an embarrassing situation: our ability to detect intrusion on our airspace is fairly poor, and when we do it can take well over an hour to get a fighter in the air to investigate it. The balloon brought this problem to the attention of not only the government but the public, and so some action had to be taken.

Primary radar [1] is quite complex. Even decades into radar technology it remains a fairly difficult problem to pick objects of interest, such as aircraft, out of "clutter"---the many objects, ranging from the ground to wind-blown dust, that can produce primary radar returns. One of the simplest approaches is to ignore objects that are not large and moving fast. This type of filtering is usually adequate for detection of aircraft, but fails entirely for some objects like balloons and sUAS that may be small and slow moving.

Further, the US and Canada are very large. Integrating data from the many radar surveillance sites and presenting it in a way that allows an air defense controller to identify suspicious objects in the sea of normal air traffic is a difficult problem, and a problem that the US has not seriously invested in for decades. The information systems used by both the FAA and NORAD for processing of radar data are almost notoriously poor. In the wake of the spy balloon, officials have admitted to the press that the military is struggling to process the data from radar systems and identify notable objects.

Air defense is one of the oldest problems in computing as an industry. One of the first (perhaps the first, depending on who you ask) networked computer systems was SAGE: an air defense radar processing system. These problems are still difficult today, but we are no longer mounting cutting-edge research and development projects to face them. Instead, we are trapped in a morass of defensed contractors and acquisition projects that take decades to deliver nothing.

In response to the discovery of the spy balloon, NORAD has changed the parameters used to process radar data to exclude fewer objects. They have also made a policy change to take action on more unknown objects than they had before. This lead directly to NORAD action to intercept several balloons over the past two weeks. There are now indications that at least some of these balloons may have been ordinary amateur radio balloons, not presenting a threat to air sovereignty at all. Some will view this as an embarrassment or indictment of NORAD's now more aggressive approach, but it's an untenable problem. If China or some other adversary is sending small balloons into our airspace, we need to make an effort to identify such balloons. But currently, no organized system or method exists to identify balloons and other miscellaneous aerial equipment.

One could argue (indeed, here I am) that up to about two weeks ago NORAD was still looking for Soviet bombers, with a minor side project of light aircraft smuggling drugs. Air defense largely ignored anything that wasn't large and actively crossing a border (or more to the point an ADIZ). And that's how about four large intelligence platforms apparently wandered in unnoticed... with UAP reports suggesting that there may be much more.

My suspicion is that the coming year will involve many changes and challenges in the way that we surveil our airspace. I think that we will likely become more restrictive in airspace management, requiring more aircraft than before to have filed flight plans. Otherwise it is very difficult to differentiate a normal but untracked object from an adversarial intelligence asset.

And indications are that adversarial intelligence assets are a very real problem. China's spy balloon program is apparently both long-running and widespread, with similar balloons observed for years in other countries as well. This shouldn't be surprising---after all, reconnaissance balloons are the oldest form of military aviation. The US and allies made enormous use of reconnaissance balloons during the Cold War, sending many thousands into the USSR. It's likely the case that we only really slowed down because our modern reconnaissance balloon projects have all become notorious defense contracting failures. We're still trying, but projects like TARS have run far overbudget and still perform poorly in operational contexts.

It might feel like this situation is new, and in terms of press reporting it is. But we should have seen it coming. In an interview following a classified briefing, Senator John Kennedy said that "These objects have been flying over us for years, many years. We've known about those objects for many years."

Robert Bigelow got into UAP research because he was searching for aliens. Maybe aliens are out there, maybe they aren't, but there is one thing we know for sure: our adversaries are out there, and they possess aviation technology at least as advanced as ours. For decades we ignored UFOs as folly, and for decades we ignored potential aviation advancements by our adversaries along with them. Now those advancements are floating across the northern United States and perhaps worse---the DNI is hoping they'll find out, if they can just get people to report what they see.

[1] Radar that operates by detecting reflections or attenuation of an RF field by an object. This is as opposed to secondary radar, more common in air traffic control, that works by "interrogating" a cooperative transponder installed on the aircraft.