How To Hack a Military Drone

Uploaded on 2015-05-07 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

System-Aware-Secure-Sentinel.jpg

Recently published research has given hackers a manual for breaking into unmanned systems, according to an Israeli defense company. 
A downing of a CIA stealth drone by Iranians occurred a month after one such paper was published (entitled - The Requirements for Successful GPS Spoofing Attacks) noted Esti Peshin, director of cyber programs for Israel Aerospace Industries, a major defense contractor. In December 2011, the Christian Science Monitor reported that Iran navigated a CIA unmanned aerial vehicle safely down to the ground by manipulating the aircraft’s GPS coordinates. 
The 2011 study, co-authored by Nils Ole Tippenhauer of ETH Zurich and other ETH and University of California academics, detailed how to mimic GPS signals to fool GPS receivers that aid navigation. “It’s a PDF file… essentially, a blueprint for hackers,” Peshin said.
Peshin said she does not know whether the CIA drone was overtaken using GPS spoofing or even whether the attacker read the study. But she underscored how easily available the publication is online.  
In the study, the researchers explained where an attacker must be located to generate fake signals capable of fooling GPS receivers. They also described ways to replace legitimate signals with an attacker’s bogus signals, so the target ends up ”losing the ability to calculate its position.” 
The authors of the Swiss study offered some advice on how to neutralize GPS deception, for instance, by hiding the exact positions of GPS receivers. Their intention was not to aid and abet terrorists, but rather to highlight “effective receiver-based countermeasures, which are not implemented yet in current standard GPS receivers,” the researchers said.
While the academics did not mean any harm, hackers could have quickly exploited their instructions before vendors had time to fortify satellite-guided vehicles, Peshin said. 
The Pentagon is currently working to insulate UAV navigation and surveillance from outside interference. Specifically, special software on a forthcoming hacker-proof Boeing Little Bird helicopter drone would shield communications from tampering. 
DefenseOne: http://bit.ly/1IvdbzW

« Will Cyber Insurance Providers Reward Good Security?
US Is Still the Biggest Source of Surging Malware Attacks »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

Flashpoint

Flashpoint

Flashpoint is a globally trusted leader in risk intelligence for organizations that demand the fastest, most comprehensive coverage of threatening activity on the internet.

Netrix

Netrix

Netrix is a Mexican company specialized in IT Security, with more than 18 years of experience in Managed Services, Professional Services and Turnkey Solutions related to Security.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

North European Cybersecurity Cluster (NECC)

North European Cybersecurity Cluster (NECC)

NECC promotes information security and cybersecurity-related cooperation and collaboration in the Northern European region in order to enhance integration into the European Digital Single Market.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

Evolution Equity Partners

Evolution Equity Partners

Evolution Equity Partners is an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies.

Brookcourt Solutions

Brookcourt Solutions

Brookcourt Solutions delivers cyber security, network monitoring technologies and managed security services to help secure and protect your organisation’s critical infrastructure.

Communications & Information Technology Regulatory Authority (CITRA)

Communications & Information Technology Regulatory Authority (CITRA)

CITRA is responsible for overseeing the telecommunications sector, monitoring and protecting the interests of users and service providers, and regulating the services of telecomms networks in Kuwait.

Quantropi

Quantropi

Quantropi is bound to be the standard for quantum-secure data communications – forever unbreakable, no matter what.

GM Sectec

GM Sectec

GM Sectec is the world's largest independent Cyber Defense and Fraud Prevention firm laser focused on payment security.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

Neo Auth

Neo Auth

Neo Auth is an identity and access management solution to help organizations optimize their cybersecurity processes.

XeneX

XeneX

XeneX Cloud Security Services address enterprise-class security challenges by enabling DevOps and Security teams to access a shared source of truth.

Locket Cybersecurity

Locket Cybersecurity

Locket’s certified students provide pro-bono security audits for small and medium-sized businesses in the Chicagoland area.