Everything is dual-use…
Technology in the 21st century is shaping statecraft, warfare and lawfare in ways that it simply has not for hundreds of years. The last time we saw technology at parity between civilians and the military (in a decisive way) was the American Revolutionary War in the 1700s. America was able to rapidly field effective militias, because at the time, there was little difference between the firearms used on the frontier and on the battlefield. Although American frontiersmen lacked cannon, they did have the Kentucky long rifle, which was equal or superior to the firearms used by the British and the Hessians. In the intervening centuries, military equipment has rapidly evolved away from its civilian counterparts.
Was this image captured by a multi-billion dollar reconnaissance system designed to hunt Russian BTGs or a $700 drone operated by a teen-ager? Why does it matter?
We are now seeing a massive blurring of civilian and military tech on the battlefield of Ukraine, and there has been essentially zero media coverage of this. No one is discussing this. No one is thinking about this. Journalists and civil society are at extreme risk for being targeted by pervasive new high-tech weapons (by both sides), and no one seems to even be aware of the risk, much less finding solutions to it. Similarly, technology is leveling the intelligence landscape, with civilian tech now roughly equal to nation-state capabilities.
Drones, including commercial-off-the-shelf (COTS) camera drones, have become decisive resources, not just for militaries at the squad level, but also at the theater level. All sides are providing COTS camera drones to their military units. The TB2, although an offensive tank-killing military drone, is really a collection of off-the-shelf civilian components, including its data link. The Russian Orlan-10 has 4 camera payloads and 3 signals intelligence payloads, and it is also nothing more than a collection of COTS parts combining components from hobby RC aircraft and COTS electronics. Russia has deployed hundreds of these drones across the entire theater. They are fundamentally evolving indirect weapons (such as classical artillery) into essentially direct-fire precision weapons. They are also being used to hunt anyone with a cell phone near the field of battle, because they cannot differentiate between civilians and members of the military.
Cellular networks are now one of the primary sources of intelligence, not just for voice intercepts, but also for tracking military units, individuals, and resources. Although telephone intercepts are hardly new, tracking battalion tactical group (BTG) movements via cell phones is quite recent. In fact, the first the world knew about the invasion was by a group of researchers that noticed traffic congestion on Google Maps (Android phones serve as traffic monitors and don’t allow users to opt out of this feature).
Starlink, although still in development, is being used equally by civil society and military groups It is now being explicitly targeted by Russia, while at the same time being funded and distributed by USAID.
COTS radios are being used extensively by both sides, because they are easier to use and typically have much better battery life, better clarity, and range equal to or exceeding military units, while also weighing substantially less.
COTS software-defined radios (SDRs) are a continual source of intercepts of military communications by amateurs. The most common of these are widely available because their origin is as TV tuners for HDTV (they are just USB drives). Many cost less than $30, yet they provide capabilities available only to the NSA just 15 years ago.
COTS SDRs also allow sophisticated jamming and attacks via trivial “replay attacks.” The second any side makes use of a new jamming attack, it can quickly be captured, refined and turned against the originating source if the two sides use similar tech or systems. Hackers can now engage in tactics available only to military signals intelligence units just a decade ago.
Encryption is now pervasive, but the term crypto now colloquially refers to new monetary systems. Sadly, this term is now displacing discussions of privacy, communications security, and end-to-end encryption within civil society and especially within NGOs. Things are better now than when I first engaged the NGOs providing aid in Darfur in 2005, but not much better. At that time they argued that they should not use cryptography to secure their communications because it was “too military.” Disinformation is a massive threat to NGOs and civil society, but few are effectively addressing the use of secure communications and continue to believe it is not necessary to address this problem.
Malware and defenses against it are largely the realm of civil society. US financial institutions have consistently had better defenses than the US Federal Government, including the DOD. Leading offensive malware is largely a creation of criminal syndicates, not nation-state military and intelligence organizations. In fact, few can even decisively determine who is doing what. It is alleged that the GRU leads many of these efforts, but it is just as likely that nationalistic hackers with no backing are running most of the operations. Certainly attacks against Russia are being led by such hackers “in the name of Ukraine.”
The RTL-SDR is about twice the size of most USB memory sticks, costs just $30, and offers astonishing capabilities.
I am not arguing that both sides are exploiting “dual-use” technologies, quite the opposite: I am arguing that at this point in human history, virtually everything in tech has dual-use capabilities. More importantly, because everyone in this conflict is using the tech, it is virtually impossible to tell the difference between civilians and the uniformed military, especially at distance and at scale. Even if Russia immediately switched to solely using precision weapons, I do not believe we would see much decrease in civilian deaths because of this fact.