Green Berets Hijacked WiFi To Control Home Security System Then Vanish In Mock Raid

Share

U.S. Army Green Berets covertly breaching a WiFi network to disable a building’s security systems so their companions can sneak inside, complete their mission, and leave after using electronic warfare gear to conceal they were ever there sounds like the opening scene to a Mission Impossible movie or Call of Duty video game. Very real Army Special Forces soldiers executed this exact scenario during a training exercise in Sweden earlier this year. This is another example of specialized intelligence-gathering capabilities that are getting new attention as America’s special operations community shifts focus away from counter-terrorism missions to preparing for high-end fights.

Two Operational Detachment Alphas (ODA), or A-Teams, from the 10th Special Forces Group (Airborne), conducted the mock “cyber infiltration operation” during Exercise Swift Response 2024 back in May, the Army recently disclosed. The Army-led Swift Response exercises center on demonstrating the ability of U.S. and allied airborne forces to rapidly respond to potential crises.

Army Green Berets in a CH-47 Chinook helicopter prior to a military freefall parachute jump as part of the cyber-enabled mock raid during Swift Response 2024. US Army Sgt. 1st Class Tim Beery

“During the exercise, [one]… ODA team identified a target building and used a remote access device (RAD) to identify the networks coming from the facility. They were able to crack the WiFi password, enumerate the network, and run exploits on the target computer inside the building,” according to an official Army news item. “This enabled the team to manipulate security cameras, door locks, and other security systems in the building.”

“While one team was in charge of manipulating the building through cyber disruption, a second ODA team conducted an infiltration operation on the facility,” the Army news story adds. “They conducted a military free fall (MFF) jump and marched seven miles to access the building, which they were able to enter easily due to the cyber disruption. From there they placed signal jamming equipment to clear any trace of the attack and exited the premises.”

A picture the Army released, seen below, shows a Green Beret in plain clothes sitting in a truck or SUV during the initial cyber attack, suggesting that the first A-Team had conducted a mock covert infiltration of the area at the very start of the training mission.

US Army Sgt. 1st Class Tim Beery

Another picture shows a member of the second ODA using an electronic warfare system inside the target building before exiting the area. A laptop is also seen nearby with a still image from the music video for Rick Astley’s 1987 hit song “Never Gonna Give You Up” (or possibly the full video playing) on the screen. Since the late 2000s, this music video has been the centerpiece of online pranking wherein people are tricked into viewing it via bogus hyperlinks or other means, which has become known as “Rickrolling.” It is unknown whether or not Army Special Forces soldiers included this as part of their larger “cyber disruption” of the faux enemy network.

A Green Beret assigned to 10th Special Forces Group (Airborne) places signal jamming equipment inside a target building while participating in a cyber infiltration operation as part of Swift Response 24. US Army Sgt. 1st Class Tim Beery
US Army

“In a real-world situation, this would allow us to gain information in a way that we haven’t always had,” the commander of the A-Team in charge of the initial cyber intrusion, who the Army did not name, did say in a statement accompanying the recent news item. “If we have a specific target or objective we need to reach, we now have the capability to glean critical information in a way that is undetectable if we do our jobs right.”

“We are able to see what’s happening, and we know what the INFIL team is doing,” that individual added. “We have eyes on the whole scenario.”

Remotely neutralizing enemy defenses and providing added situational awareness could be valuable for various kinds of special operations missions, including recovering intelligence, rescuing captured individuals, or conducting direct action raids to kill or capture high-value individuals or neutralize critical materiel. As was demonstrated during Swift Response 2024, cyber attacks could be more directly combined with other capabilities like electronic warfare and signals intelligence systems to support whatever the mission objectives might be, as well. Man-portable localized jamming capabilities are also become increasingly commonplace, even proliferating to criminal enterprises in the United States where they have been observed in use as part of burglaries and home invasions. Drones could potentially be employed to help map out a target network.

Marine special operators, one of which has a backpack-mounted signals intelligence system (further indicated by a white arrow), during a mock raid as part of training unrelated to Swift Response 2024. USMC

The idea of integrating cyber warfare capabilities into tactical military operations, whether carried out by special operators or conventional forces, is not new. At the same time, the steady and often rapid pace of developments in computing and adjacent technologies continues to open up new opportunities on and off traditional battlefields. The increasingly networked nature of warfare globally, as well as the growing military and other governmental use of wireless networks for routine and more sensitive work, presents new potential vectors for cyber attacks.

“This capability is something that we need to train on, and keep current with,” another unnamed member of the first ODA that took part in the cyber infiltration training mission at Swift Response 2024 also said. “Because it’s evolving so rapidly, the devices we use today could be obsolete next year. It’s been five years since I first went to school for this – it’s changed so much in that time, I feel like it’s a whole new world.”

In addition, the cyber-enabled training scenario highlights the often blurry line between covert and clandestine military intelligence-gathering efforts and espionage activities more traditionally associated with intelligence agencies. Historically, intelligence organizations like the U.S. Central Intelligence Agency (CIA) have also often worked together with military special operations forces to carry out missions. Localized hijacking of WiFi networks for intelligence and other malign purposes is a specific tactic that Russian agents have been observed employing in the past. Russia, as well as China, North Korea, Iran, and other potential adversaries, have a long history of conducting cyber attacks and cyber espionage more broadly against the United States and its allies and partners.

An annotated image the Dutch Ministry of Defense released in 2018 showing WiFi hacking equipment authorities in that country found after seizing a vehicle belonging to Russian GRU agents. Dutch Ministry of Defense

For the U.S. special operations community, all of this comes amid a transition toward preparing for high-end conflicts, especially a potential one against China in the Pacific, after decades of focusing on counter-terrorism and other lower-intensity operations. As The War Zone has highlighted in the past, espionage-like capabilities employed covertly or clandestinely would be one important way that special operations forces could contribute in future major fights.

Back in 2021, the U.S. Army’s 1st Special Forces Command (Airborne) notably released a white paper that included a very relevant fictional vignette describing how Green Berets might even conduct such operations targeting major global competitors like China outside of the context of an all-out shooting war. The scenario involved Army Special Forces soldiers surveilling a Chinese construction project in a foreign country and subsequently helping local partners discreetly “recover” blueprints showing secret plans to enable the site to be used for military purposes. The revelation prompts the local government to put a halt to the construction work.

This is all very much in line with what the 10th Special Forces Group demonstrated during Swift Response 2024.

“There’s a really interesting nexus that we see emerging of how SOF [special operations forces] can… create strategic effects,” U.S. Air Force Lt. Gen. Dagvin R.M. Anderson, Director for Joint Force Development within the Joint Staff at the Pentagon, said during a panel talk on “SOF Roles in Great Power Competition” at the SOF Week convention earlier this year. “And so how do we bring that together across the spectrum and not just focus on the CT [counter-terrorism], direct action piece?”

Using localized cyber attacks to help enable covert or clandestine raids to grab key intelligence without the enemy ever knowing is certainly one example of how special operations skill sets could fit into planning for future high-end fights going forward.

Contact the author: joe@twz.com