WikiLeaks revealed Project Protego, a secret CIA Missile Control System Project for fighters

The Project Protego is a PIC-based missile control system that was developed by Raytheon, one of major U.S. defence contractors, and maintained between 2014 and 2015.

The system is installed on-board a Pratt & Whitney aircraft (PWA) equipped with missile launch systems (air-to-air and/or air-to-ground).

According to the documents, it could be used to hit air-to-air and air-to-ground targets.

Protego is composed of separate micro-controller units that exchange data and signals over encrypted and authenticated channels.

The encrypted channels are:

 » On-board TWA are the ‘Master Processor’ (MP) and the ‘Deployment Box’. Both systems are layed-out with master/slave redundancy.

  » The missle system has micro-controllers for the missle itself (‘Missle Smart Switch’, MSS), the tube (‘Tube Smart Switch’, TSS) and the collar (which holds the missile before and at launch time).

Leaked documents include the projects’ scheme, description, a guide on how to configure and build Protego images, and other related data.

A missile could be launched only after the Master Processor (MP) receives three specific valid signals from a beacon (‘In Border,’ ‘Valid GPS,’ and ‘No End of Operational Period’).

“Similary safeguards are in place to auto-destruct encryption and authentication keys for various scenarios (like ‘leaving a target area of operation’ or ‘missing missle‘).” states Wikileaks.

It is unclear if the project the Protego Protego was part of the Vault 7 dump, which mostly contains malware, hacking tools, and relevant documentation. According to Wikileaks, the project was maintained between 2014 and 2015.

“The missile system has micro-controllers for the missile itself (‘Missile Smart Switch’, MSS), the tube (‘Tube Smart Switch’, TSS) and the collar (which holds the missile before and at launch time).” continues Wikileaks.

Raytheon, who was also mentioned in a previous CIA leak, it was tasked by the US intelligence agency for analyzing TTPs used by threat actors in the wild.

Likely the name Protego has been inspired from the magical Shield Charm used in Harry Potter movies, which creates a magical barrier to deflect physical entities and spells, in order to protect a certain person or area.

This means that the project Protego was mainly designed for defensive purposes.

Below the list of release published by Wikileaks since March:

• Project Protego – 07 September, 2017
• AngelFire – 31 August, 2017
• ExpressLane – 24 August, 2017
• Couchpotato – 10 August, 2017
• Dumbo– 03 August, 2017
• Imperial – 27 July, 2017
• UCL/RAYTHEON – 19 July, 2017
• HighRise – 13 July, 2017
• BothanSpy and Gyrfalcon – 06 July, 2017
• OutlawCountry – 30 June, 2017
• ELSA malware – 28 June, 2017
• Cherry Blossom – 15 June, 2017
• Pandemic – 1 June, 2017
• Athena – 19 May, 2017
• AfterMidnight – 12 May, 2017
• Archimedes – 5 May, 2017
• Scribbles – 28 April, 2017
• Weeping Angel – 21 April, 2017
• Hive – 14 April, 2017
• Grasshopper – 7 April, 2017
• Marble Framework – 31 March, 2017
• Dark Matter – 23 March, 2017

Pierluigi Paganini

(Security Affairs –  Wikileaks, Project Protego)

[adrotate banner=”5″]

[adrotate banner=”13″]