Vermin, Terriers and Transformers
Vermin, Terriers and Transformers
San Francisco Bay. Tuesday Morning. 4:47 AM.
The containers start surfacing a half-mile off Crissy Field.
They’ve been on the ocean floor for three years, dropped from a cruddy no-name fishing vessel that never raised suspicion. Pressure-sealed. Ambient cold keeping battery self-discharge near zero. Waiting for an encrypted acoustic trigger that arrived sixteen seconds ago.
The first wave breaks the surface at 4:47. By 4:52, there are dozens of drones in the air, flying low, heading for the Marina District. They’re not fast. They don’t need to be. They settle onto rooftops, into heavy vegetation, onto the flat gravel of parking structures. Solar panels kick on. They wait.
This scene has been repeating itself, up and down both coasts, for almost six months. Thousands and thousands of drones. Undetected.
The next morning, they hop again. Inland. Presidio. Pacific Heights. Some make it to SoMa.
They move in short bursts. Five minutes of flight, maybe ten. Maybe a whole hour. Then, hours and sometimes days of waiting and recharging. They don’t show up on air defense radar because they’re small, and they’re not flying high enough, fast enough, or continuously enough to trigger acquisition thresholds calibrated for cruise missiles and aircraft.
By Thursday, there are drones perched on rooftops in the Financial District. The Transamerica Pyramid. Salesforce Tower. UCSF Medical Center.
The rest of this cohort have moved farther and farther inland. They’re using landmarks, maybe not even GPS. Navigating by sight. Some of them make it over the mountains.
A few weeks later, a handful from this group are as far as Idaho.
No shots have been fired. No war has been declared. The enemy force is already physically present inside the defensive perimeter, and the first anyone knows about it is when they decide to act.
Their target isn’t hospitals or schools. Those are terror targets. This is worse. It’s Large Power Transformers (LPTs) at electric grid substations. These transformers are massive (300+ tons), custom-built, and mostly imported. There is no strategic reserve of spares. If they blow up one, it takes weeks to replace. If they blow up 50 simultaneously, the manufacturing lead time is years. If they blow up a few hundred of them, the USA will instantly revert to 1800s era technology. For a decade. The result is that the United States of America will have been conquered without firing a single shot, or killing a single person, and by spending less than 100 million dollars.
This isn’t science fiction, folks.
I haven’t invented anything here, just connected the (terrifying) dots.
Upward Falling Payloads
In 2013, DARPA launched something called “Upward Falling Payloads.” The idea is to pre-position dormant assets on the ocean floor near adversary coastlines, trigger them years later, and watch them rise. The original program focused on sensors and communications nodes. Infrastructure for future conflicts, “hidden in plain sight” at the bottom of the sea.
But we’re in droneville now (thanks, Ukraine). Stir in some AI, some autonomy. Add swarms. Add hopper navigation and solar recharge.
The horrific scenario I just described is a logical extension of public, non-classified information. The technology exists. The strategy is obvious. The only question is whether someone has already done it.
And here’s what keeps me up at night: we have no defense.
The traditional playbook, the “Rule of Steel”, collapses against this threat. Let me show you why.
Every Current Strategy Fails
Kinetic (Shoot It Down)
You’re firing weapons over the Marina District. A Patriot missile doesn’t care that there’s a preschool downrange. Neither does the debris from the drone you just exploded. “We successfully defended Salesforce Tower but also killed 135 people in North Beach” is not a press release anyone wants to write.
Kinetic defense assumes a front line. A perimeter. Somewhere “over there” where engagement is acceptable. When the “phone call is coming from inside the house”, that’s way different.
Electronic Warfare (Jam It / Fry It)
These drones are HOLO, or Human Out of the Loop. Not FPV. No operator. No command link to jam. No GPS to spoof. They navigate by sight, make decisions on-board, and execute pre-programmed missions. Your jammers are screaming at nothing.
And even if they were RF-connected, the FCC has opinions about flooding the spectrum over downtown San Francisco. Strong opinions. Only DOD/DHS/DOJ have statutory authority to operate jammers domestically. The power company cannot legally do this. Neither can the hospital, or SalesForce tower, or a packed-to-capacity football stadium.
Nets (and Other Clever Low-Tech Solutions)
“Just put nets around everything.”
I mean, it’s not the worst idea.
But you’re not netting the Transamerica Pyramid. You’re not netting 200,000 miles of power transmission lines. And a net doesn’t stop a contact-fused payload. It just gives the attacker a predictable detonation point directly above your asset.
Point-Targeted Directed Energy Weapons
The defense wonks will say: “Modern DEWs are surgical. Point-targeted. Not cones of death.”
Sure. In a desert. In a theater of war, with military authorization.
But in a city, even surgical beams have a “downrange”. What’s behind the drone you’re targeting? Buildings full of electronics. People with pacemakers. Airliners on approach to SFO. And even if you fry it cleanly, it still falls. Ten-pound brick, tumbling out of the sky, over a crowded sidewalk.
Hope
This is the current strategy for most civilian infrastructure. Cross your fingers and assume the bad guys haven’t figured out how cheap drones are.
Spoiler: they figured it out.
The Vermin Problem
I hope that somewhere in a Pentagon briefing room, there’s a slide deck with the word “Vermin” on it.
Not “enemy combatants.” Not “hostile actors.” Vermin.
It’s a silly analogy, fine. But it’s not that far off.
I hope our military has started using pest control language to describe drone swarms, because that linguistic shift tells you something vital. When your adversary costs $500 and your countermeasure costs $3,000,000, you don’t have a defense problem. You have an infestation problem.
The math doesn’t math. You can’t shoot million-dollar missiles at thousand-dollar drones and call it a strategy. That’s not defense. That’s bankruptcy with extra steps.
But there’s another way to think about this. We can’t kill the infection by amputating the limb. The body doesn’t work that way. The body has an immune system.
I’ll come back to that in a moment. First, a word from our sponsor: drone technology.
How Drones Actually Work
Before I explain how to break these things, let me explain how they work.
A quadcopter is wicked (and inherently) unstable. Four rotors, four chances to die. Unlike an airplane, which glides (more or less) if you cut the engine, a quadcopter has the aerodynamic profile of a bag of poo. The only thing keeping it airborne is math. There’s a PID control loop running on the flight controller, adjusting motor speeds hundreds of times per second.
Miss a few cycles? “Drone, meet ground.” Physics doesn’t negotiate.
This creates a brutal engineering constraint: speed over everything. The flight controller has to complete its loop thousands of times per second. Every component must deliver data in microseconds.
“Traditional” (and especially safety-critical) software uses memory protection. Each process gets its own walled-off space. Great for security. Also slow. Context switching costs microseconds (or milliseconds), and those compound at 8,000 per second.
So bad-actor drone firmware architects make a choice. A reasonable choice given the constraints. A choice that is also, from a security perspective, objectively bonkers.
They strip out the protection and cut corners so there are fast DMA channels, zero-copy buffers. No bounds checking or slow checksumming. The code trusts that whatever writes to it will play nice.
The drive for performance creates a vulnerability not found in commercial aviation systems, anything that carries humans, or milspec systems. But it WILL be present in Bad Guy Drone Swarms.
Cognitive Kill #1: The RF Vector
Not all drones are HOLO. The cheap ones (the Alibaba swarm, the hobbyist-grade FPV racers repurposed for mayhem) still squawk on radio frequencies. Radio links sending telemetry, listening for commands.
That RF chatter is an attack surface.
You don’t need to jam the spectrum. You need to whisper poison directly into the drone’s nervous system. A malformed packet. A buffer overflow. A carefully crafted signal that exploits the zero-copy architecture.
The flight controller doesn’t know it’s under attack. It just… stops working. FC and ECS get out of sync. Up becomes down. Etc. Blue screen of death at 200 feet. Gravity handles the rest.
This is cognitive kill. Not kinetic. Not jamming. Induced software failure.
The cheaper and faster they build them, the more vulnerable they become. Milspec drones have hardened firmware, AS9100 risk assessment, RTOSs, maybe with actual memory protection. They cost $500,000 and they’re built like it.
The $500 drone has the attack surface the size of a barn door.
Cognitive Kill #2: The Visual Vector
But the HOLO units, the AI-driven drones that erupted from San Francisco Bay, they probably don’t chatter. No RF link to exploit. No command channel to corrupt.
They navigate by sight.
Visual Simultaneous Localization and Mapping or VSLAM. Onboard cameras building a 3D model of the world. Edge AI running object detection, obstacle avoidance, target identification. All on a Jetson Nano burning through a LiPo battery.
Here’s the dirty secret: that edge AI is shitty.
It’s a technical description. To run neural networks on embedded hardware, you have to make brutal compromises. Quantization. Pruning. Distillation. You take a model trained on cloud GPUs and squeeze it until it fits on hardware that costs less than a nice dinner.
The result is fast. Impressively fast!
The result is also trash from a robustness perspective.
You don’t need sophisticated attacks. You just need to fool their squeezed front-end computer vision system. That’s easy.
Adversarial patterns. A printed sticker that makes a neural net see something that isn’t there. The same vulnerability that makes a stop sign invisible to a Tesla.
SLAM poisoning. Project a moving pattern - like a drive-in movie for drones. The drone thinks it’s moving. Its own stabilization logic drives it into the ground.
Sensor saturation. Bright light at the right angle creates ghost artifacts the AI misclassifies.
The kicker: it’s legal for civilians.
No RF emissions. No FCC jurisdiction. You’re just shining a light. A very carefully designed light.
Bring In the Terriers
Okay. So you’ve got cognitive kill layers like RF for the chatterers, and optical illusions for the silent autonomous drones. But what happens when those fail? When there’s too many? When the geometry doesn’t work?
If their swarms are vermin, we need terriers.
Small. Fast. Cheap. Autonomous. Bred specifically to hunt and kill pests.
Interceptor drones. Not “guarding” the perimeter. Hunting.
A terrier is a $200 drone with a single purpose: find thing, kill thing. Ram it. Tangle it with a trailing net. Shred it with its props. Doesn’t matter. It’s a kamikaze pointed at a kamikaze.
This will work. Why? The backstop/downrange problem is muuuch better. Terrier engages at altitude, over a controlled zone. Debris falls where you planned, not onto a crowded sidewalk.
The economics flip. Your terrier is as cheap as their vermin. $200 dog chasing $500 rat.
No legal RF issues. It’s just a drone flying into another drone. Physics.
Scales horizontally. Swarm of 50? Launch 50 terriers. They don’t need coordination. They need target assignment and the ole ultraviolence.
HOLO works for you too. Your terriers don’t need RF links. Visual acquisition, edge AI, “that thing, hit it.” The same shitty CV that makes their drones vulnerable? Good enough for a terrier to find and intercept.
Onion Defense
Cue the Shrek music. You need layers. The full stack:
- Detection. Radar, acoustic, thermal. Know what’s coming, or what’s already here, perched on a rooftop, solar-charging.
- Classification. AI-driven threat assessment. Delivery drone or threat? RF-connected or HOLO? What’s the vulnerability profile?
- Cognitive Kill (RF). For drones that are talking: protocol exploitation, malformed packets, induced crashes.
- Cognitive Kill (Visual). For drones that are looking: adversarial projection, SLAM disruption, sensor saturation.
- Terriers. Autonomous interceptors. For when cognitive kill fails or there’s no time.
- Hard kinetic. Last resort. Human-authorized. For the ones that get through everything else.
This is what an immune system looks like. Not one defense. Layered defense. Adaptive. Responsive to the actual threat.
Yes, Force Them to Get Smarter
“All you’re doing is starting an arms race. They’ll harden their systems. They’ll defeat your countermeasures.”
Yeah. That’s called defense.
By that logic: Don’t invent antibiotics “you’ll create resistant bacteria”. Don’t encrypt communications “you’ll force better codebreaking”. Don’t install locks “you’ll create better burglars”.
Every time you force the attacker to get smarter, you:
Raise their cost. That $500 drone now needs sensor fusion, hardened firmware, a reality confirmation unit. Suddenly it’s a $5,000 drone. Vermin economics break.
Shrink their talent pool. Any idiot can fly a DJI into a substation. Building a drone that defeats adversarial projection + protocol hardening + multi-spectral sensor fusion? Nation-state capability. You just eliminated 99% of threat actors.
Buy time. The grid doesn’t need to be invulnerable forever. It needs to survive long enough for the next generation of defense.
Attackers get smarter in what they are obliged to deploy. That costs money per unit.
Defenders get smarter in software and systems. One-time R&D amortized across every site.
Defense scales. Attack doesn’t.
The Commercial Imperative
Forget the military. They’ll figure this out eventually. The question is: who’s going to protect the substation? The hospital? The water treatment plant?
Duke Energy doesn’t have a counter-drone warfare division. Amazon doesn’t want to hire perception-attack specialists. The hospital system in your city can’t afford a research program in adversarial machine learning.
What they can afford is a subscription.
The first company that builds a “Digital Dome” (a layered cognitive defense system that a utility company can deploy like antivirus software) wins the next decade. Maybe the next century.
- Sensor network detects and tracks
- AI classifies threat type and vulnerability profile
- Automated response: RF kill for chatterers, visual kill for silent ones
- Terrier swarm on standby
- Full audit logging for compliance
- Monthly invoice, per-site pricing, 24/7 SOC
It’s a SaaS product.
If you want to be cute, call it the “Stripe for CUAS” The infrastructure layer that lets everyone else not think about the problem.
The Punchline
The body doesn’t fight infection with explosives. It uses skin, mucus, antibodies, T-cells, fever. Each layer raises the cost for the pathogen. Each layer buys time for the next.
If their swarms are vermin, we need terriers. If their eyes are lame-ass neural nets, we need optical illusions. If their radios are open, we need RF transmitted poison.
The front line isn’t a line anymore. There’s no “dome”, there’s no “perimeter”. It’s everywhere. It’s your city. Containers might already be on the ocean floor.
The only question is whether we build the immune system before they send the trigger.