How To Hack a Military Drone

Uploaded on 2015-05-07 in TECHNOLOGY--Hackers, GOVERNMENT-Defence, FREE TO VIEW

System-Aware-Secure-Sentinel.jpg

Recently published research has given hackers a manual for breaking into unmanned systems, according to an Israeli defense company. 
A downing of a CIA stealth drone by Iranians occurred a month after one such paper was published (entitled - The Requirements for Successful GPS Spoofing Attacks) noted Esti Peshin, director of cyber programs for Israel Aerospace Industries, a major defense contractor. In December 2011, the Christian Science Monitor reported that Iran navigated a CIA unmanned aerial vehicle safely down to the ground by manipulating the aircraft’s GPS coordinates. 
The 2011 study, co-authored by Nils Ole Tippenhauer of ETH Zurich and other ETH and University of California academics, detailed how to mimic GPS signals to fool GPS receivers that aid navigation. “It’s a PDF file… essentially, a blueprint for hackers,” Peshin said.
Peshin said she does not know whether the CIA drone was overtaken using GPS spoofing or even whether the attacker read the study. But she underscored how easily available the publication is online.  
In the study, the researchers explained where an attacker must be located to generate fake signals capable of fooling GPS receivers. They also described ways to replace legitimate signals with an attacker’s bogus signals, so the target ends up ”losing the ability to calculate its position.” 
The authors of the Swiss study offered some advice on how to neutralize GPS deception, for instance, by hiding the exact positions of GPS receivers. Their intention was not to aid and abet terrorists, but rather to highlight “effective receiver-based countermeasures, which are not implemented yet in current standard GPS receivers,” the researchers said.
While the academics did not mean any harm, hackers could have quickly exploited their instructions before vendors had time to fortify satellite-guided vehicles, Peshin said. 
The Pentagon is currently working to insulate UAV navigation and surveillance from outside interference. Specifically, special software on a forthcoming hacker-proof Boeing Little Bird helicopter drone would shield communications from tampering. 
DefenseOne: http://bit.ly/1IvdbzW

« Will Cyber Insurance Providers Reward Good Security?
US Is Still the Biggest Source of Surging Malware Attacks »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

KPMG

KPMG

KPMG s a leading provider of professional services including information technology and cyber security consulting.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

Cyberkov

Cyberkov

Cyberkov services include Pentesting, Vulnerability Assessments, Digital Forensics, Incident Response, Source Code Analysis and Security Training.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

SysTools

SysTools

SysTools provides a range of services including data recovery, digital forensics, and cloud backup solutions.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BAI Security

BAI Security

BAI Security is a Nationally Recognized Leader in IT Security. Keeping your data safe and your business compliant is our singular focus.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

Druva

Druva

Druva is the industry’s leading SaaS platform for data resiliency, and the only vendor to ensure data protection across the most common data risks backed by a $10m guarantee.

Illustria

Illustria

Illustria is your agent-less “watchdog” for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.

CyberNut

CyberNut

CyberNut are a security awareness training solution built exclusively for schools.

SENTRIQS

SENTRIQS

SENTRIQS advanced encryption technology is engineered to defend against the most sophisticated cyber threats, keeping your operations efficient and secure.

Lyvoc

Lyvoc

Lyvoc is a premier cybersecurity integration partner renowned for its expertise in supporting its clients to accelerate and secure their digital transformation.

RESTIV Technology

RESTIV Technology

RESTIV Compliance Copilot is your partner in continuous compliance. Real-time monitoring, continuous testing, and transparent evidence—no surprises, just peace of mind.

Unified Infotech

Unified Infotech

Unified Infotech is a trusted partner for IT and software solutions dedicated to empowering businesses.

Clutch Security

Clutch Security

Clutch Security are on a mission to secure all Non-Human Identities. Everywhere.