DOD Inspector General Warns Bureaucratic Confusion Leaves Major US Bases Exposed to Drone Attacks

A Pentagon watchdog report reveals that critical U.S. military installations, including Luke Air Force Base—home to 75% of the world’s F-35 pilot training—lack mandated counter-drone defenses due to bureaucratic confusion over coverage policies. The Department of Defense Inspector General found that conflicting interpretations of Section 130i authority have created startling security gaps, leaving sites vulnerable despite previous drone incursions.

Imagine a fortress with towering walls but an open, unguarded gate. According to a damning new report from the Department of Defense Inspector General (DOD IG), that’s essentially the state of drone defense at many major U.S. military bases. The issue isn’t a lack of technology, but a tangled web of bureaucratic confusion over which facilities are required to be protected, leaving even high-value targets exposed.

The report, dated January 20, highlights Luke Air Force Base in Arizona as a prime example. This is where 75 percent of the world’s F-35 pilots are trained. Yet, as stated in the report, “Luke Air Force Base… is not designated as a covered facility or asset.” Why? Because the governing statute, Section 130i of Title 10, mandates counter-unmanned aerial system (C-UAS) defenses for nine specific categories of sites—like nuclear facilities or weapons test ranges—but “training” is not on the list. “DOD officials told us that training is not covered,” the investigators wrote.

This policy confusion creates absurd and dangerous contradictions. The Air Force’s Plant 42 in Palmdale, California—a facility that produces parts for the Global Hawk drone and experienced several drone incidents in 2024—is listed by the Air Force as a covered site. However, the IG found that “Air Force officials told us that Plant 42 is not covered, while DOD officials could not tell us whether or not it is covered.” This lack of clear designation means officials on the ground may hesitate to deploy or even test counter-drone systems for fear of legal repercussions.

The problem is compounded by a sluggish and fragmented approval process. A 2020 DOD memo requires C-UAS systems to be tested operationally before formal approval, but each military service has different submission policies. “Therefore, a large percentage of installations do not have operational approval to use C-UAS capabilities,” the report concluded. Furthermore, the DOD has issued more than 20 different policies that fail to provide clear, unified guidance.

The real-world implications were underscored by a series of wargames conducted by the U.S. Army’s Joint Counter-Small Unmanned Aircraft Systems Office (JCO) and the RAND Corporation. Their research, cited in the report, found a “hodgepodge” of rules across roughly 500 U.S. bases. Some commanders have the authority to shoot down threatening drones, while others could face prosecution for the same action. The exercises “emphasized the need for a framework to integrate, local, tribal, and territorial authorities into counter-drone operations,” researchers said.

The urgency of fixing these gaps has been heightened by global events. Last year’s Ukrainian “Operation Spiderweb” attacks, which used smuggled drones to destroy Russian aircraft on their home bases, demonstrated the potent threat. Experts fear adversaries or terrorists could employ similar tactics against vulnerable U.S. sites.

In response to the IG’s findings, a key recommendation is for the newly established Joint Interagency Task Force 401 to consolidate the muddled policies into one clear directive. The task force must define clear roles, standardize the designation process for “covered” facilities, and create a streamlined approval system. Until it does, the report suggests, the front gate of American military power remains unsettlingly open to an increasingly common and capable threat.