When there's hundreds of drones raining down on your civilians every day, just disabling the production has a higher priority than being cutesy with things that might work further away into the future.
In several cases during World War II, the Allies intentionally allowed German attacks to happen (or did not act to prevent them) to avoid revealing that they had cracked German codes, particularly the Enigma cipher.
Actually, I don't think that's known to have ever happened. The Allies protected Ultra intelligence by parallel construction--coming up with other means to 'discover' the same information (principally, sending a reconnaissance flight to the known location of wolf packs).
The main claim for this myth is the sacrifice of Coventry during the Battle of Britain, but as far as I'm aware, historians are in general agreement that Ultra was unable to ascertain that Coventry was the target before the raid took place.
"In his 1974 book The Ultra Secret, Group Captain F. W. Winterbotham asserted that the British government had advance warning of the attack from Ultra; intercepted German radio messages encrypted with the Enigma cipher machine and decoded by British cryptanalysts at Bletchley Park. He further claimed that Winston Churchill ordered that no defensive measures should be taken to protect Coventry, lest the Germans suspect that their cipher had been broken."
And the Wikipedia article immediately goes on to detail refutations of that claim:
> Winterbotham's claim has been rejected by other Ultra participants and by historians. They state that while Churchill was indeed aware that a major bombing raid would take place, no one knew what the target would be.
[then follows three paragraphs of more detailed refutation]
I don't think that's comparable because the Allies hoped cracking Enigma would reveal other secrets in the future. Ukraine probably aren't worried that Russia are going to do something else more worth interrupting with their drones in the future.
You can reflash however you want for some bugs. The deal would be to make it a dormant attack not a destroy all in one go and expose the payload. There have been successful hacks where a buffer overflow was inserted in a one-off write, that was then targeted when needed. If employed carefully in special situations, this could be an important weapon. There are also deeper levels of compromise: why compromise the source code or the firmware binary when you can permanently compromise the production in a subtle way. Working your penetration slowly so that the whole plant or even production system must be scrapped by the enemy. At the very least gather intel.
Look at successful cyber campaigns like Stuxnet or an actual hardware sabotage from Israel. The attacks were dormant until they were ready for maximum effect.
Randomly disabling a production site, without a strategic context, is going to be an isolated win, or an operational victory.
I remember reading some articles about the Pentagon being a bit upset at some of the strategic decisions of Ukraine's armed forces where they often push for morale boosting moments at big costs (I think 2 years ago they spent lots of resources to get a strategically irrelevant town). And honestly this is also what it looks like: You don't see a coordinated attack but spurious disconnected events. I think when you are gasping for air you hold on to anything you can, but still the goal is to win, not just look like winning.
I still think they'd work it out pretty fast. I'm sure sabotage is pretty high on the list of things the Russians would be thinking about.
It's a good idea, I just think if the goal is to stop the drones working, what better way to do that than to destroy the manufacturing capabilities as often as possible?
Even in the case you describe, you're allowing them to have drones and still do some damage.
Obviously if there was opportunity for a supply chain attack like that they would have done it in addition to wrecking the IT infrastructure. Regardless, I imagine this will impact day to day drone operation as the Russians might re-flash the firmware to a known good version whether there is a backdoor or not.
They should have checked the source code and added some changes to make drones unpredictably unreliable.
"Oh this totally innocent code change? Oh look it makes the gps act weird if longitude is between a certain range how weird"