Students Hack Unmanned Drone

 Pages 1 2 NEXT
 

Students Hack Unmanned Drone

image

A research team has exposed a glaring flaw in domestic drone technology.

By this point, most of us are habituated to the American military's fondness for using unmanned aerial vehicles (UAVs, between you and me) in far-flung combat zones. As the technology that powers these machines advances, private companies are becoming increasingly interested in possible domestic applications for the de-fanged, person-friendly cousins of the military's UAVs. With that in mind, a team from the University of Texas at Austin's Radionavigation Lab this week demonstrated the potential weakenesses of such systems by hacking a domestic UAV using "spoofing" tech that cost less than $1,000 to build.

Led by Professor Todd Humphreys, the team of researchers and students took control of the drone by "spoofing" its GPS system into believing that their team was supposed to be in charge of it, effectively hijacking the witless machine from the ground. They didn't block control signals or anything; they just used their $1000-worth of radio gadgetry to fool the drone into recognizing them as its true masters. With this system in place, they were able to take complete control of the drone.

You'll be glad to hear, I hope, that military UAVs are protected from this kind of interference by virtue of their encrypted GPS systems. However, the researchers are concerned that without similar protections, domestic drones could be used to wreak havoc within the United States (at the same as providing plot fodder for the technophobic narrators from Call of Duty: Black Ops II's publicity).

Speaking to Fox News, team leader Humphreys laid out his concerns. "What if you could take down one of these drones delivering FedEx packages and use that as your missile? That's the same mentality the 9-11 attackers had," he said. "In 5 or 10 years you have 30,000 drones in [U.S.] airspace...Each one of these could be a potential missile used against us."

The Federal Aviation Administration (FAA) and Department of Homeland Security (DoHS) are interested in this spoofing development, with representatives from both agencies having reportedly invited the Austin team to repeat their trick under supervision. While the DoHS has been working on two anti-jamming systems in preparation for the advent of domestic drones, the department is apparently unprepared to deal with spoofing attacks at this moment in time.

Based on the agencies' reaction this demonstration, it'd be nice to imagine that by the time Congress allows FedEx et al to pepper the skies with de-fanged UAVs, the DoHS will have spent rather more time than it has presently working on ways to protect said UAVs from terrorists, students, and remote-control hobbyists. Who said your school's science project couldn't help protect the nation? Way to go, University of Texas.

Source: Fox News via Scientific American

Permalink

Hevva:
Source: Fox News

Move along people, nothing to see here. I know that this actually happened, but it's only a matter of time until Bill O'Reilly gets his hands on it and any and all truth will be lost.

I was under the impression that most of the time when a security hole is exposed by a third party, said party is fined or thrown in jail for their trouble instead of asked to help with the problem.

I'm pleasantly surprised to see an example of sanity.

Gearhead mk2:

Hevva:
Source: Fox News

Move along people, nothing to see here. I know that this actually happened, but it's only a matter of time until Bill O'Reilly gets his hands on it and any and all truth will be lost.

Heh. I was impressed that they went for "terrorists" in the headline though. No messing around in Fox Towers.

Can't wait to here how this is Obama's Fault...
Still, Fair Play to the Students and I think its about time someone made a RC UAV :P

Good for the students. They have done a great service too America protecting our future Domestic drones from Terrorists.

For the record, there is no Sarcasm in this post. I mean this seriously.

Gilhelmi:
Good for the students. They have done a great service too America protecting our future Domestic drones from Terrorists.

For the record, there is no Sarcasm in this post. I mean this seriously.

That's very sad, seeing as those drones are all made in China. They are already compromised by the secret control chip built into them.

假设直接控制
(Assuming Direct Control)

PS: Google translate for the Chinese.

Hevva:
[A] team from the University of Texas at Austin's Radionavigation Lab this week demonstrated the [...] weakenesses of such systems by hacking a domestic UAV using "spoofing" tech that cost less than $1,000 to build.

Led by Professor Todd Humphreys, the team of researchers and students took control of the drone by "spoofing" its GPS system into believing that their team was supposed to be in charge of it, effectively hijacking the witless machine from the ground. [...] they just used their $1000-worth of radio gadgetry to fool the drone into recognizing them as its true masters. With this system in place, they were able to take complete control of the drone.

[...] domestic drones could be used to wreak havoc within the United States [...].

[...] you could take down one of these drones delivering FedEx packages and use that as your missile [... ]That's the same mentality the 9-11 attackers had," he said. "In 5 or 10 years you have 30,000 drones in [U.S.] airspace...Each one of these [is] a potential missile used against us."

[...] the DoHS [...] is apparently unprepared to deal with spoofing attacks [...]

This article has just been Fox news'd. Now that's mass hysteria.

Well this shows the value of wide spread testing before commercial development. A good lesson for any commercial product. Also, lol at the guys who came here trying to make a joke related to FOX news but found an actual okay story.

It's DUMB that they didn't encrypt the GPS signal, they should know that all information sent wireless should be encrypted, pretty damn cool though!

Twilight_guy:
Well this shows the value of wide spread testing before commercial development. A good lesson for any commercial product. Also, lol at the guys who came here trying to make a joke related to FOX news but found an actual okay story.

It's not the story it's how they like to sensationalize every thing. Look how they put terrorist in the headline. The way in which they call up the specter of 9/11. These things are not important to the core of what the story is.

Hevva:

Speaking to Fox News, team leader Humphreys laid out his concerns. "What if you could take down one of these drones delivering FedEx packages and use that as your missile? That's the same mentality the 9-11 attackers had," he said. "In 5 or 10 years you have 30,000 drones in [U.S.] airspace...Each one of these could be a potential missile used against us."

Cars? Model load bearing planes? Bikes? We're already in countries that are full of these "missiles".

LordFish:
It's DUMB that they didn't encrypt the GPS signal, they should know that all information sent wireless should be encrypted, pretty damn cool though!

The GPS signal is encrypted by the satellites not drone. Seeing that the encrypted GPS signal where originally designed for the exclusive use of strategic nuclear weapons back in the 80s, its not that surprising that the access to the crypto gear is unavailable for non military use.

LordFish:
It's DUMB that they didn't encrypt the GPS signal, they should know that all information sent wireless should be encrypted, pretty damn cool though!

Unfortunately, with a little more expertise and funding even encrypted systems could be "spoofed" or "hacked". Nothing in the world of computers is immune, even isolated networks are at risk through human interference.

I wouldn't be surprised if Black Ops 2's storyline turns out to be a fictional exaggeration of an event that could happen in the future, especially if our infrastructure, militaries and daily lives are becoming more and more dependant on computers.

Bvenged:

Unfortunately, with a little more expertise and funding even encrypted systems could be "spoofed" or "hacked". Nothing in the world of computers is immune, even isolated networks are at risk through human interference.

I wouldn't be surprised if Black Ops 2's storyline turns out to be a fictional exaggeration of an event that could happen in the future, especially if our infrastructure, militaries and daily lives are becoming more and more dependant on computers.

The encryption on GPS satellites is the highest grade millairty encodeding, similar to the encryption used to send the launch orders for nukes. Understandably this far stronger than anything seen in the day to day encryption by computers. This is also why the drones are not allowed access to the GPS encrypted channels, not even all NATO members are allowed access to it.

You know its seems that students are always finding out better ways to things than the people trained to them. Maybe we should start sending students to the front line. call it "hands on learning".

albino boo:

LordFish:
It's DUMB that they didn't encrypt the GPS signal, they should know that all information sent wireless should be encrypted, pretty damn cool though!

The GPS signal is encrypted by the satellites not drone. Seeing that the encrypted GPS signal where originally designed for the exclusive use of strategic nuclear weapons back in the 80s, its not that surprising that the access to the crypto gear is unavailable for non military use.

YES, sorry, major DERP, GPS is a passive system... I guess I wasn't really thinking, however how did they then control the drone? the most I thought they could do was spoof its position...

Bvenged:

Unfortunately, with a little more expertise and funding even encrypted systems could be "spoofed" or "hacked". Nothing in the world of computers is immune, even isolated networks are at risk through human interference.

I put to you AES256 hard-coded public key encryption, my college prof said until they invent (if they invent) quantum computers, uncrackable. Yes if the system is designed with flaws than the encryption can be circumvented, but never encrypted data cracked. Just look at the financial sector, hackers can't log into their bank accounts and give themselfs millions of pounds... at least, I hope they can't :P

Eric the Orange:

Twilight_guy:
Well this shows the value of wide spread testing before commercial development. A good lesson for any commercial product. Also, lol at the guys who came here trying to make a joke related to FOX news but found an actual okay story.

It's not the story it's how they like to sensationalize every thing. Look how they put terrorist in the headline. The way in which they call up the specter of 9/11. These things are not important to the core of what the story is.

Do I need to go out and start looking up news stories from the Escapist that do the same thing to drum up attention? Aside from that, people coming in here just to note that 'OMG, its from fox news' as opposed to saying something about the content of the story is also, ironically, posting something sensational (sort of) rather then talking directly about the story. As such, I find them to be funny people who try so hard to decry FOX news that they begin to become that which they hate.

I don't know what I find more frightening: The fact that our UAVs could be hacked so easily, or the fact that Scientific American is using Fox News as a credited source.

Twilight_guy:
Also, lol at the guys who came here trying to make a joke related to FOX news but found an actual okay story.

image

Captcha: Cheese burger
I just finished my second one today!

Old news, they did this a week ago, and it was on the BBC without the fear content. They DID hypothesize (in the form of quotes), but not to the extent as FOX.

Really Escapist. Can we have the news a little faster? And from more reliable sources? It's not like you are doing research into this, you are copying from another site.

Twilight_guy:
Well this shows the value of wide spread testing before commercial development. A good lesson for any commercial product. Also, lol at the guys who came here trying to make a joke related to FOX news but found an actual okay story.

Truth. Fox News sucks, but when they aren't writing a political centered spiel strawman story, these come along.

I stopped reading at "FedEX Delivery" because that's too awesome to conceive. My new GFX card brought to me by quadrotor!

How would it ring my bell?

marurder:
Old news, they did this a week ago, and it was on the BBC without the fear content. They DID hypothesize (in the form of quotes), but not to the extent as FOX.

Really Escapist. Can we have the news a little faster? And from more reliable sources? It's not like you are doing research into this, you are copying from another site.

The BBC article, from Friday, quoted the Fox News story as its sole source. Regardless of how we might feel about Fox sometimes, in this case, they broke the story. They got the video footage with the Austin team, they get put as the source. Nothing unreliable about their reporting in this case (as far as I can see, anyhoo). Thanks for your input, though.

Military UAVs aren't protected from this... that drone that went down in Iran months back? That thing was possessed by a guy with no more than $20 worth of equipment.

Furthermore, they've got a lot of nerve to throw around the word "terrorist" with regards to people hacking drones. These drones have no business flying around, spying on citizens anyway, especially not when WE have to pay for it!

ArianaUO321:
Military UAVs aren't protected from this... that drone that went down in Iran months back? That thing was possessed by a guy with no more than $20 worth of equipment.

Furthermore, they've got a lot of nerve to throw around the word "terrorist" with regards to people hacking drones. These drones have no business flying around, spying on citizens anyway, especially not when WE have to pay for it!

This poster speaks truth.

I LOVE how they insinuated the 'defanged' UAVs would be coming to a sky near you and THEN suggested a commercial service (YEAH RIGHT). Not sure if clever rouse to incite 'big brother' panic or cover up real potential uses however.

1337mokro:

Gilhelmi:
Good for the students. They have done a great service too America protecting our future Domestic drones from Terrorists.

For the record, there is no Sarcasm in this post. I mean this seriously.

That's very sad, seeing as those drones are all made in China. They are already compromised by the secret control chip built into them.

假设直接控制
(Assuming Direct Control)

PS: Google translate for the Chinese.

haha good post, I laughed out loud at that.

OT: Usually I'm interested and all for technology, but no...just no, this could go wrong in just about a bajillion ways, not to mention how easy it would be to not get caught if you control it from a random location. (ever hear of war drivers? kind of like that.)

Fear not citizens. The aerial division of the panopticon is still on track.

Just remember our motto: To constantly watch over you, we need to constantly watch you.

Sleep well.

Anyone concerned about this needs to stop taking pictures with their phones that record exact location and uploading to social websites that contain all personal information that is constantly sold to corporate and government interests for tracking and advertizing purposes.

"private companies are becoming increasingly interested in possible domestic applications for the de-fanged, person-friendly cousins of the military's UAVs"

Yeeeea...

image

Good for the students for doing this project, and good for the government for actually listening to them.

As for the danger of these unfanged drones, anything is a potential threat. Banning drones isn't the answer; moderate regulation is a better idea, as there are benefits to using drones for domestic purposes. Make sure they are properly secure, respect people's privacy, and that the companies that decide to use these drones are fully held accountable.

I feel like the English Parliament is responsible for this.

I was watching the English Parliament talking with Prime Minister Cameron on C-SPAN and I thought it was a parody. They get quite exited.

Interestingly enough, Iran claimed to have done this to an actual military drone a few months back, although the US government denied it, claiming the drone must have just crashed instead.

http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video

http://www.msnbc.msn.com/id/45701847/ns/technology_and_science-security/t/iran-didnt-hack-us-drone-experts-say/#.T_FEErVYt2C

Biodeamon:
You know its seems that students are always finding out better ways to things than the people trained to them. Maybe we should start sending students to the front line. call it "hands on learning".

If they don't train the students, they will try to make peace and forfeit military goals.

If they do train the students... it'd just be the current situation again, wouldn't it?

Diablo1099:
Can't wait to here how this is Obama's Fault...
Still, Fair Play to the Students and I think its about time someone made a RC UAV :P

Wait... isn't every RC plane a UAV... :/

I was also under the impression that the Military RPAS were protected against that kind of thing. Anti-Jammers exist... Also as GPS was originally made for the military they use a more encrypted, more accurate version than Civvi GPS devices, they also have the ability to just turn the GPS off around the whole world in an instant and restrict it to Military use only.

Also, even if you do 'hack' it under your control with GPS jamming you won't be able to see the video feeds so you would have to be in Line of Sight of the aircraft at all time... A reaper/predator/globalhawk flying at 30,000ft is already practically invisible, and you definately wouldn't be able to accurately fly it...

ArianaUO321:
Military UAVs aren't protected from this... that drone that went down in Iran months back? That thing was possessed by a guy with no more than $20 worth of equipment.

Furthermore, they've got a lot of nerve to throw around the word "terrorist" with regards to people hacking drones. These drones have no business flying around, spying on citizens anyway, especially not when WE have to pay for it!

Wooo... a conspiricy nut! For the record; this is bullshit... They don't spy on civillians and it wasn't taken out by a peasant with a transistor radio... Fact.

insanelich:

Biodeamon:
You know its seems that students are always finding out better ways to things than the people trained to them. Maybe we should start sending students to the front line. call it "hands on learning".

If they don't train the students, they will try to make peace and forfeit military goals.

If they do train the students... it'd just be the current situation again, wouldn't it?

The students are very welcome to take the jobs of UAV development or military science... they just tend not to... in fact it annoys me when students are put on some pedastal like this... The people who do develop the UAV's, and work in the industries were students at one point, and most have got masters degrees in the subject. It doesn't prove that the students are more clever, only that a mass of trained people with a lot of resources and no particular focus on their research tend to eventually come up with stuff like this. Working in the industry where you have restraints on what you can research, and which direction to research in limits this!

LordFish:

YES, sorry, major DERP, GPS is a passive system... I guess I wasn't really thinking, however how did they then control the drone? the most I thought they could do was spoof its position...

I suspect the drone flies down a preprogrammed flightpath. If you alter where its think it is it will try and correct back to the flight path, thus giving you effective control of hight and direction. My guess is that speed is also calculated by GPS so you could even get control of the throttle.

The easiest way to guard against this attack is to fit an inertial navigation gyro and compare the results. A sudden massive change in GPS position could then be ignored.

I'm a little disappointed to see the Escapist going along in American 'anything could be used for terrorism' paranoia.

 Pages 1 2 NEXT

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Registered for a free account here