Heightened Drone Threats Over Sensitive U.S. Military Installations During the Iran Conflict
U.S. officials raised security alerts after unidentified drones were detected over highly sensitive domestic military sites during the opening phase of the conflict with Iran. One report says drones were spotted over Fort Lesley J. McNair in Washington, where senior officials including Secretary of State Marco Rubio and Defense Secretary Pete Hegseth reside, prompting emergency White House discussions, consideration of relocating officials, and broader force-protection measures including FPCON Charlie at some bases and increased security for diplomatic missions.
Separately, U.S. Northern Command said forces used a new counter-drone Flyaway Kit to detect and defeat a small unmanned aircraft threat over an undisclosed strategic U.S. installation shortly after the start of Operation Epic Fury. The incident was cited by Gen. Gregory Guillot as evidence that rapidly deployable counter-sUAS capabilities are becoming an operational tool for defending domestic installations, amid a wider rise in drone incursions over U.S. bases and critical infrastructure. The two reports align on the broader story of elevated concern over drone surveillance or attack risks against sensitive U.S. government and military locations, though they do not confirm the same exact installation or single incident.
Timeline
Mar 24, 2026
Northcom says multiple drone incursions hit strategic base
On or before March 24, 2026, U.S. Northern Command said its Flyaway Kit had been deployed at an undisclosed U.S. military base and used against several drone incursions since Operation Epic Fury began. Officials said the system employed jamming protocols but had not determined nefarious intent or identified the drones’ source.
Mar 19, 2026
Northcom publicly discloses thwarted drone incident to Senate
On March 19, 2026, Gen. Gregory Guillot told the Senate Armed Services Committee that Northcom had recently detected and defeated a drone threat over a strategic U.S. installation. He presented the case as evidence that rapidly deployable counter-drone kits are becoming an important domestic defense capability.
Mar 19, 2026
U.S. raises force protection and issues wider security alerts
Amid concerns over possible retaliation and drone-related threats, the U.S. military reportedly increased alert measures, including raising protection levels at several bases to FPCON Charlie. A global security alert was also reportedly issued for U.S. diplomatic missions.
Mar 19, 2026
White House convenes emergency meeting after McNair drone incident
Following the reported drone sightings over Fort McNair, the White House held an emergency meeting to address the security implications. Officials also internally considered relocating Rubio and Hegseth, though no move had been confirmed.
Mar 19, 2026
Unidentified drones spotted over Fort Lesley J. McNair
Unidentified drones were reportedly observed over Fort Lesley J. McNair in Washington, D.C., a sensitive U.S. Army installation where Secretary of State Marco Rubio and Defense Secretary Pete Hegseth reside. At the time of reporting, U.S. officials had not determined the drones’ origin.
Feb 28, 2026
Northcom defeats drone threat over strategic U.S. installation
Shortly after Operation Epic Fury began, U.S. Northern Command said a Flyaway Kit detected and defeated a drone threat over an undisclosed strategic U.S. military installation. Officials did not identify the base, the drone platform, or the origin of the threat.
Feb 28, 2026
Operation Epic Fury begins against Iran
Operation Epic Fury began on Feb. 28, 2026, creating heightened concern about possible Iranian or proxy retaliation against U.S. military installations and other assets. This broader conflict context shaped subsequent force-protection decisions and drone threat assessments.
Jan 1, 2025
Counter-drone Flyaway Kit validated during Global Thunder at Minot AFB
In 2025, U.S. Northern Command validated a newly fielded counter-small unmanned aerial system Flyaway Kit during a deployment to Minot Air Force Base as part of U.S. Strategic Command’s Global Thunder exercise. The test informed later expansion of layered domestic counter-drone defenses.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Sources
Related Stories
US Military Expands Counter-Drone Defenses After Base Incursions and Middle East Threats
U.S. military leaders said small unmanned aircraft are increasingly threatening both domestic installations and overseas operations, prompting a broader push to improve counter-drone defenses. Gen. Gregory Guillot told lawmakers that **350 drone detections** were reported over the past year across **100 U.S. military installations**, with the primary concern being surveillance of sensitive capabilities by known and unknown actors. He said existing authorities under `Title 10, Section 130i` are too narrow because only about half of installations are covered and commanders often cannot act against drones flying just outside base perimeters. NORTHCOM and NORAD have since established a dedicated counter-drone operations branch, and the Pentagon designated NORTHCOM as the lead coordinator for counter-small UAS efforts in the continental United States and Alaska. At the same time, the Pentagon is continuing to send counter-UAS systems to the Middle East through **Joint Interagency Task Force 401** as regional tensions and an unstable ceasefire sustain demand for air defense. JIATF-401 said it committed more than **$600 million** in counter-drone defenses for Operation Epic Fury and domestic missions, including about **$350 million** in roughly 30 days for CENTCOM. Officials and outside experts said the threat now spans Iran-backed drone activity, lessons from the Russia-Ukraine war, unauthorized flights over bases such as **Barksdale Air Force Base**, southern border operations, and security planning for major events including the **2026 FIFA World Cup**. The Defense Department is also testing commercially available systems through Falcon Peak exercises to detect, track, identify, and defeat low-emission and no-emission drones.
5 days ago
Cyber and information operations intensify amid US-Israel strikes on Iran under “Operation Epic Fury”
US and Israeli military action against Iran under **“Operation Epic Fury”** has been accompanied by heightened cyber activity and public acknowledgment of offensive cyber operations. Reporting indicated a surge of pro-Iranian activity including **DDoS attacks**, attempted compromises, and targeting of **critical infrastructure**, with researchers warning that Iranian state-linked actors tied to the **IRGC** and **MOIS**, as well as aligned hacktivists, are likely to sustain retaliatory operations aimed at economic, reputational, and potentially physical disruption. Separately, reporting alleged Israeli intelligence conducted long-running surveillance by compromising **Tehran traffic cameras**, exfiltrating encrypted video and telemetry to servers outside Iran to build “pattern of life” intelligence on senior leadership movements. The Pentagon also elevated the visibility of cyber as a warfighting domain, with the Chairman of the Joint Chiefs describing coordinated **space and cyber** effects used to “disrupt, degrade, and blind” Iranian communications and sensor networks, though without operational detail. In parallel but unrelated to the Iran conflict, Russia’s internet regulator **Roskomnadzor** and the Russian Defense Ministry reported a “complex multi-vector” **DDoS** incident that temporarily disrupted multiple government sites, with traffic attributed to botnets and servers across several countries and continued user-reported instability after initial containment.
1 months ago
Operation Epic Fury Escalation Drives Heightened Iranian-Linked Cyber Risk Warnings
Arctic Wolf reported that **Operation Epic Fury**—a U.S. campaign coordinated with Israel against Iran involving air, missile, naval, and **cyber** strikes on Iranian military and nuclear targets—has increased the likelihood of retaliatory and spillover cyber activity affecting organizations beyond the immediate conflict zone. The advisory warned that organizations in **North America, the Middle East, the Schengen Area, and the Indo-Pacific** should expect elevated risk, particularly in sectors historically targeted by Iranian threat groups: **energy, defense, transportation, healthcare, and government**. It also highlighted potential **collateral impacts** via interconnected systems and third-party dependencies, including possible internet-service disruption and **supply-chain** compromise. The same reporting emphasized that Iranian-linked operations have historically included **destructive wiper malware**, **DDoS**, and targeted intrusions—especially against energy and utility environments—and may at times be indiscriminate, impacting countries not directly involved (including prior activity affecting U.S. water/wastewater and industrial control environments). Other items in the set were largely **leadership/career commentary, awards, and general risk-management or workforce pieces** and did not provide additional substantiated details on Operation Epic Fury or specific, attributable cyber incidents tied to the escalation.
1 months ago