The Drone and UAP Threat to Critical Infrastructure and Sensitive Sites
Unclassified. Cleared for publication. Prepared to the Project Instruction standard. Dated 30 June 2026. A living assessment, revised against the record.
Key judgments
We assess that unauthorized drone activity over critical infrastructure and sensitive sites is a present, material, and rising risk, and that the primary exposure sits by default with the facility owner. Confidence: high.
The threat is dominated by the mundane and is dangerous at the mundane end alone. Most incursions resolve to hobbyist, careless, or commercial operators, and a small commercial drone needs no exotic capability to surveil a plant, disrupt its operations, or carry a damaging payload. Confidence: high.
Intent to attack US energy infrastructure with a modified commercial drone is documented, not hypothetical. A federal intelligence bulletin assessed a 2020 incident as the first known case of a modified drone used to specifically target US energy infrastructure. Confidence: high.
The defining operational problem is the attribution gap. Across military and civilian sites, the operator and often the government cannot reliably identify what is in the airspace, who is flying it, or where it originated, and a residual of genuinely unattributed incursions persists even at hardened national-security installations. Confidence: high.
The authority to respond is fragmented and, for a private operator, largely absent. Detection and attribution are what a private critical-infrastructure operator can lawfully do today. Active mitigation remains reserved to federal parties, pending legislation now in motion. Confidence: high.
A genuinely unexplained residual exists within the reporting, and we do not read it as evidence of anything beyond the terrestrial. A facility's exposure does not depend on the origin question, and the two should not be conflated. Confidence: high that the risk is origin-independent. The residual itself remains unresolved by design.
The controllable lever is narrow and clear. See and attribute before anyone else, keep the response inside the law, and treat the information environment around any incident as part of the risk. Confidence: high.
Scope and method
This assessment addresses the risk that unauthorized or unidentified aerial systems pose to critical infrastructure and sensitive private-sector facilities in the United States: power generation and transmission, oil and gas, data centers and technology campuses, nuclear sites, ports, and sensitive research. It is written for the owner or operator of such a site and for the risk professionals and boards accountable for it.
The method is the firm's standard. Every claim is tiered by source, the ordinary explanation is argued first and the exotic one entertained only if it clears a stated bar, and verdicts are withheld where the evidence does not support them. Two questions are kept strictly apart. The first is operational: what is the risk to a given site, and what reduces it. The second is the origin question: what the small body of genuinely unexplained cases actually is. This assessment answers the first and bounds the second, because a facility's exposure is real and actionable however the origin question resolves, and letting the second contaminate the first is the error that has kept this subject un-serious.
The threat
The threat is a set of overlapping actor classes rather than a single one, and the ordinary classes carry most of the volume. Hobbyist and careless operators account for the bulk of sightings, and the default reading of any single incursion is one of them. Criminal use is established and growing, from contraband delivery to the modified attack drone treated below. Adversary-state surveillance is a demonstrated capability and a real subset of the record. A small number of incursions resist all of these explanations and remain unattributed. These classes are not mutually exclusive, and the hard problem is that at the moment of an incursion a facility usually cannot tell which one it is looking at.
The documented baseline is large and rising. NORAD has recorded more than 600 drone incursions at US military installations since 2022. The Commander of US Northern Command stated in late 2025 that DoD installations were seeing between one and two incursions per day, and that reported incursions had risen by roughly 82 percent year over year, while noting candidly that he could not say whether the problem itself was worse or the detection had improved. The sustained mystery incursions over Joint Base Langley-Eustis in December 2023 pulled the issue into open congressional attention, and the operators were never publicly identified. In late 2024, thousands of drone reports across New Jersey and the Northeast produced a federal investigation that resolved most sightings to lawful commercial, hobbyist, and law-enforcement drones, manned aircraft, and misidentified stars and planets, while the Pentagon separately confirmed a concurrent pattern of genuine unauthorized incursions over Picatinny Arsenal and Naval Weapons Station Earle that it could not attribute. Along the southern border, US forces tracked roughly 34,000 drones in 2025, many attributed to Mexican cartels. Over US power generation sites, more than 13,000 incursions were recorded in 2024.
Attribution to a hostile state is the exception in this record, and we hold it there. A senior Joint Staff official told Congress in 2025 that US adversaries are not above suspicion and have demonstrated they will use drones for unauthorized surveillance and espionage, and specific cases are prosecuted, including a Chinese national charged in December 2024 for flying a drone over Vandenberg Space Force Base during a National Reconnaissance Office launch. The same NORTHCOM commander has attributed most incidents to hobbyists. The honest reading holds adversary surveillance as a demonstrated capability, an assessed risk, and a matter of confirmed individual cases, and not as a blanket explanation for the wave.
Demonstrated intent and the attack precedent
This risk cannot be filed under nuisance, because the intent to attack US infrastructure with a modified commercial drone is on the record. In July 2020, a modified DJI Mavic 2 was recovered near a power substation in Pennsylvania. Its operator had removed the serial numbers, camera, and memory card, and had rigged the aircraft with nylon cords and a length of heavy copper wire sized to bridge substation equipment and cause a short circuit. It crashed on an adjacent rooftop before reaching the target, and the operator was never found. A joint intelligence bulletin from the FBI, the Department of Homeland Security, and the National Counterterrorism Center assessed this as the first known instance of a modified unmanned system likely used in the United States to specifically target energy infrastructure, an assessment the bulletin grounded in a review of drone incidents dating to 2017. The attack method is not improvised fantasy. The US military has used conductive filament to short out power grids in Iraq in 1991 and Serbia in 1999.
The sensitivity of the targets is matched by the persistence of the incursions. Records released under the Freedom of Information Act documented 57 known drone incursions at roughly two dozen US nuclear reactor and fuel-storage sites between 2015 and 2019, including repeated flyovers of Palo Verde, the largest US nuclear plant, after drone detection had been installed. The Nuclear Regulatory Commission marked the great majority of those cases unresolved and closed them anyway. The lethal potential of small drones is likewise established abroad, from an autonomous Kargu-2 attack reported by a United Nations panel in Libya in 2020 to a 2024 drone strike that left eight US service members injured in Syria.
The most recent escalation is domestic and current. Following the launch of Operation Epic Fury in early 2026 and the elevated risk of Iranian retaliation, swarming, highly maneuverable drones penetrated the airspace over Barksdale Air Force Base, home to B-52 bombers and nuclear weapons storage, and over Fort McNair in Washington, bypassing ground-level perimeter security in a pattern that pointed to software-coordinated control. Northern Command deployed a counter-drone kit and used its jamming protocol. Officials declined to attribute the incursions, and some analysts assessed a possible Iranian nexus. The government has not said, and may not know, where those drones came from or where they went.
The attribution gap
The reason the same phrase recurs across these episodes, that the operators were never identified, is technical and structural. Radar built to track missiles and aircraft struggles against a small, slow object flying low against ground clutter, and even capable modern systems reliably acquire a low-signature drone only at three to five kilometers, less in complex terrain. Autonomy removes the radio-frequency signature that many detection systems depend on, and a swarm multiplies the problem past the point where a single sensor or operator can hold it. The result is visible in the government's own posture: a residual of incursions over the most sensitive sites in the country that the responsible agencies cannot source, closed nuclear-plant cases marked unresolved, and a commander who cannot say whether the trend reflects more drones or more sensors. For a private facility with a fraction of that sensing, the gap is wider.
The authority gap
Even where a threat is seen, the authority to act is constrained, and for private operators it is largely absent. A private critical-infrastructure operator can lawfully run passive detection and tracking. Mitigation, meaning jamming, takeover, or kinetic defeat, is reserved to a short list of federal agencies, and a facility cannot lawfully bring down a drone over its own ground. The constraint has bound the military itself: its own counter-drone rulebook ran to roughly 130 pages before being cut to 20 for clarity, base commanders reported confusion over what they were permitted to do, and a Department of Defense Inspector General review found installations failing to meet counter-drone requirements. The government is moving to close the gap, through the designation of Northern Command as the homeland counter-drone synchronizer, the standup of Joint Interagency Task Force 401 and its physical-protection guidance, expanded fence-line engagement authority for base commanders, and legislation including the Safer Skies provisions in the fiscal 2026 NDAA and Senator Cotton's Critical Infrastructure Airspace Defense Act, which would let certified private operators mitigate credible threats at designated high-risk sites. None of the private-mitigation authority is settled law. Detection and attribution remain the near-term work, and the lawful one.
Vulnerability and exposure
The exposed set is broad and soft to this specific threat. Energy generation and transmission, oil and gas, nuclear sites, data centers, ports, and sensitive research campuses were built to resist ground intrusion, and a perimeter fence is useless against an approach from the air. Substation transformers and switchgear sit in the open, a single well-placed short circuit can take them offline or start a fire, and replacement transformers are expensive and carry long lead times, which turns a cheap attack into a durable loss. High-value assets are often visible and static, as the B-52 fleet sitting in the open at Barksdale illustrates. The strategic point is that if hardened military installations cannot keep small drones out of their airspace, the civilian infrastructure that was never designed for the threat is more exposed, not less. The exposure lands on the operator, who holds responsibility for the site while lacking both the instruments to see the threat and the authority to stop it.
Likelihood
We assess the likelihood that a major critical-infrastructure facility experiences at least a surveillance-grade drone incursion over the next twelve months as high and rising, on the base rate alone: more than 13,000 recorded incursions over US power sites in a single year, one to two per day at military installations, and a year-over-year increase in the tens of percent. The barrier to entry continues to fall, and capabilities once held by states are now available to criminal groups and individuals for the price of a consumer drone. The likelihood of a deliberate physical attack on any specific facility in a given year is lower and harder to quantify, but it is not zero, it has a documented precedent, and it rises with geopolitical tension of the kind now present.
Impact
Impact runs along a spectrum, and the low end is already costly. Surveillance and mapping, including the imaging of layout and the mapping of electronic emissions, hands an adversary or competitor intelligence on a site's operations and vulnerabilities. Operational disruption follows from the response itself, as an incursion can force a shutdown, a ground-stop, or an evacuation whether or not the drone carries a payload. Physical damage is the documented tail: a short circuit or an explosive payload against a transformer, a control center, or a fuel or chemical asset can cause an outage, a fire, or a cascading failure, with a mass-casualty or wide-area-outage worst case at the far end. Beyond the physical, every incident carries reputational, legal, and continuity exposure, and the New Jersey episode is the standing example of how fast a mishandled response burns public trust and invites both panic and litigation. The economics are asymmetric throughout: the attacker spends little, and the target absorbs a loss measured in equipment, downtime, and confidence.
Scenarios
We hold four scenarios, each argued from its ordinary baseline and tiered to what the record supports.
The first and most likely is surveillance and mapping of a sensitive site by a single drone, organic in most cases and adversary-directed in a minority, of which the Vandenberg prosecution is a confirmed instance. The value to the operator is intelligence, and the harm is the quiet loss of it.
The second is a single modified drone attempting a short circuit or a small-payload strike on a substation or exposed asset. This is the documented precedent, and its bar to clear is low: a consumer drone and a length of wire.
The third is a swarm overwhelming a perimeter, which has moved from theory to observation at Barksdale and Fort McNair, where coordinated, maneuverable drones defeated ground-level security. A swarm degrades detection, saturates any single response, and is the scenario current defenses are least ready to meet.
The fourth is a panic or trust collapse driven by a mishandled incident, in which the absence of an instrumented answer and a defensive official posture produce public alarm out of proportion to the physical threat, as the Northeast saw in late 2024. In this scenario the information environment is the hazard, and it can be triggered by activity that is mostly mundane.
The unattributed residual and the origin question
A minority of cases resists every prosaic explanation, and honesty requires holding it precisely. Most reporting is mundane, and most of what looks anomalous dissolves under flight logs and sensor data. A real residual nonetheless persists, including over hardened sites and after detection was installed, and the Pentagon's own anomaly office, having resolved the bulk of its caseload to ordinary objects and flagged a small set as genuinely unexplained, states that it has found no verifiable evidence of extraterrestrial beings, activity, or technology, and no confirmed foreign-adversary breakthrough. We do not read the residual as evidence of anything beyond the terrestrial, and we do not dismiss it either. It is an open question to be instrumented, and the facility's risk does not turn on how it resolves.
The disclosure controversy is a separate risk factor and deserves to be named as one. Credentialed former officials have testified on the record that the United States holds and has reverse-engineered non-human craft. Those statements are testimonial and uncorroborated by any producible primary evidence, and we carry them at exactly that tier. Their operational relevance to a facility is indirect but real: the controversy degrades the signal in the reporting, and mishandled, it feeds the panic scenario above. The serious operator treats the residual as an engineering and intelligence problem, not as a thing to be believed or ridiculed.
Mitigation posture
The posture that reduces this risk today is bounded by the authority reality, and it is still substantial. The controllable lever is detection and attribution, which a private operator can lawfully field now and which converts an unseen problem into a track, an identity, and an intent that a decision-maker can act on. Hardening follows the federal physical-protection guidance: layered perimeters, overhead protection such as nets or roofs for exposed high-value assets, reduced visibility from outside the fence, and priority protection for critical power and high-occupancy areas. Preparedness turns the capability into a response, through incident playbooks, joint procedures with authorized law enforcement, and rehearsal, the value of which the federal counter-drone tabletop program has repeatedly demonstrated. Mitigation, where it is warranted, is delivered through authorized partners, meaning state and local law enforcement operating under federal authority, federal deployment for national-security sites, and the certified private authority that pending legislation would create. Running through all of it is the information-environment discipline the New Jersey case teaches: an operator that can state, with instruments, what was over its site and what it was doing holds the one thing that prevents an incident from becoming a panic. The near-term posture reduces to five moves: instrument the airspace, attribute what enters it, harden the assets that matter, rehearse the response, and route any mitigation through partners who hold the authority.
Confidence and indicators to watch
Our confidence is high that the threat is present, material, rising, and origin-independent, and that detection and attribution are both the hard problem and the lawful near-term response. Our confidence is lower, by design, on the frequency of deliberate attacks against any specific site and on the composition of the unattributed residual, and we report those as open.
Several developments would move the assessment, and we track them. Passage of private counter-drone mitigation authority, through the Cotton bill or the Safer Skies framework, would change what an operator can lawfully do and would be reported as a dated shift. A successful rather than attempted drone strike on US infrastructure would raise the impact judgment from documented-intent to demonstrated-effect. A confirmed state attribution of an incursion campaign would move adversary surveillance from assessed risk to established fact. A step-change in swarm autonomy would raise the likelihood and the impact of the third scenario. And a disclosure through the anomaly office or the National Archives that materially altered the residual would be assessed on its evidence when it arrives, and not before.
Primary sources
FBI, DHS, and NCTC Joint Intelligence Bulletin on the 2020 Pennsylvania substation drone (28 October 2021), as reported by ABC News and CNN.
AARO Fiscal Year 2024 Consolidated Annual Report on UAP, U.S. Department of Defense and ODNI (14 November 2024). media.defense.gov; mirrored at defense.gov, aaro.mil, dni.gov.
Joint DHS, FBI, FAA, and DoD statement on reported drone sightings (17 December 2024). faa.gov newsroom. Joint DHS and FBI statement (12 December 2024). fbi.gov.
U.S. Northern Command counter-drone testimony and Falcon Peak exercise reporting (2025); NORAD figure of 600-plus incursions since 2022. Congressional testimony and defense trade reporting.
Joint Interagency Task Force 401, Guide for Physical Protection of Critical Infrastructure (approved December 2025), and the DoD Inspector General review of installation counter-drone readiness.
Counter-UAS Authority Security, Safety, and Reauthorization Act (H.R. 5061), 119th Congress. congress.gov. Safer Skies provisions, FY2026 NDAA. Critical Infrastructure Airspace Defense Act (Sen. Cotton), pending.
House hearing, Securing the Skies: Addressing Unauthorized Drone Activity Over U.S. Military Installations. congress.gov.
RAND, tabletop exercise on defending U.S. military bases against drones (March 2025). rand.org.
FOIA records on nuclear-site drone incursions, 2015 to 2019, released to the Scientific Coalition for UAP Studies.
House Oversight hearing on UAP (13 November 2024) for the testimonial disclosure claims, carried at testimonial tier.
Sourcing note: present-state claims are drawn from the records above. Where the best available source is a report rather than the originating record, the claim is held at reported standing. Testimonial and adversary-attribution claims are marked as such and carry no more weight than their tier allows.
