Drones virus
Thread Starter
Drones virus
I spotted this and thought you guys would be interested
Exclusive: Computer Virus Hits U.S. Drone Fleet | Danger Room | Wired.com
Exclusive: Computer Virus Hits U.S. Drone Fleet | Danger Room | Wired.com
Join Date: Dec 2010
Location: New York & California
Posts: 414
Likes: 0
Received 0 Likes
on
0 Posts
Great and now the government will use this as another crisis to justify cyber security programs that will be used mostly for domestic surveillance and data-mining.
Join Date: May 2011
Location: Malkin Tower
Posts: 847
Likes: 0
Received 0 Likes
on
0 Posts
looks like the muppets were using pen drives to transfer data around. Guaranteed route to infection
Eight or nine months ago I had a really good example of this. Chap asked me to clean his machine of viruses - I found it had the Stuxnet (which attacks / manipulates / controls SCADA control systems)
I wiped the machine (no messing around with this thing) and asked where he'd got contaminated. The answer was, "after he'd used a pen drive to copy an engineering drawing to the ships computer";
I asked a bit more - "what ship?"
Reply: "just a Libyan oil tanker, a big one.....".
I nearly choked on my coffee. The thought of Stuxnet loose on a full supertanker is just too disturbing for words. It could kick in and kill the ships control systems (including the infrastructure controls) at any time.
I asked what had been done about disinfecting the ship's system. The answer? Nothing. It wasn't seen as important. People, even those in positions of seniority, simply don't take computer security as being a serious matter
Eight or nine months ago I had a really good example of this. Chap asked me to clean his machine of viruses - I found it had the Stuxnet (which attacks / manipulates / controls SCADA control systems)
I wiped the machine (no messing around with this thing) and asked where he'd got contaminated. The answer was, "after he'd used a pen drive to copy an engineering drawing to the ships computer";
I asked a bit more - "what ship?"
Reply: "just a Libyan oil tanker, a big one.....".
I nearly choked on my coffee. The thought of Stuxnet loose on a full supertanker is just too disturbing for words. It could kick in and kill the ships control systems (including the infrastructure controls) at any time.
I asked what had been done about disinfecting the ship's system. The answer? Nothing. It wasn't seen as important. People, even those in positions of seniority, simply don't take computer security as being a serious matter
So the "ship's computer"? Sounds as alarmist as this article! Unless the Command and Control (C2) computers are infected, then so bloody what? I happen to know that the computer infection talked about in the article was on a workstation in the ground control station that is not connected to the C2 of the aircraft- but that would not sell papers and increase the readership, would it? 
Alarmist bunkum...
We also need to remember that the only really secure computer is one that is lead lined and wrapped in concrete with no wires in or out!
LJ
Alarmist bunkum...
We also need to remember that the only really secure computer is one that is lead lined and wrapped in concrete with no wires in or out!
LJ
James
If you're talking about the remotely piloted aircraft's C2 system being infected - NO IT WASN'T (sorry to shout).
If you're talking about the super tanker's C2 system - then why on earth would you keep a ship's schematic on the C2 system and then have a non-locked down USB portal. Isn't that just asking for trouble?
LJ
If you're talking about the remotely piloted aircraft's C2 system being infected - NO IT WASN'T (sorry to shout).
If you're talking about the super tanker's C2 system - then why on earth would you keep a ship's schematic on the C2 system and then have a non-locked down USB portal. Isn't that just asking for trouble?
LJ
Join Date: Feb 2006
Location: essex
Age: 76
Posts: 73
Likes: 0
Received 0 Likes
on
0 Posts
If the only worm he had was Stuxnet then I think you are making a lot more fuss than is neccesary, Stuxnet only attacks Siemens industrial equipment running windows 7 and has fairly limited reproductive capabilities, It is suspected that it was developed by the US government (who of course deny all knowledge) to trash IRAN's uranium enrichment equipment, now if there were other viruses and worms well that's a different matter!
Last edited by mikip; 9th Oct 2011 at 08:08. Reason: correct some spelling errors
Join Date: Feb 2007
Location: Creech
Posts: 11
Likes: 0
Received 0 Likes
on
0 Posts
A potential lack of definition perhaps?
There might need to be some delineation as to what Command and Control means here...
Different organisations, companies, militaries and academia have different interpretations of C2 WRT UAS.
C2 could be interpreted as:
The Aircraft's Link and Comm network (Thru the Comm infrastructure contractors) - that actually provides the bandwidth and infrastructure to allow crews to communicate with their aircraft.
The Aircraft's own on-board system (ie its AP/Nav, systems management and infrastructure Health checking/reporting systems).
The GCS, and its software to manage the AV, maps, routes, Emergency Missions, overlays, autopilot commands, weapon inventory and health.
The Secure system (SiprNet) that actually provides the communication of the crew with the world, other UAS, and its customers.
The UAS intra-comm system (Skynet)
Frankly this forum is not the one that needs to clarify journalists interpretation of Command and Control of RPAs...it is a little more compex than that. However, a virus in any of the above infrastructure is a big deal....
Different organisations, companies, militaries and academia have different interpretations of C2 WRT UAS.
C2 could be interpreted as:
The Aircraft's Link and Comm network (Thru the Comm infrastructure contractors) - that actually provides the bandwidth and infrastructure to allow crews to communicate with their aircraft.
The Aircraft's own on-board system (ie its AP/Nav, systems management and infrastructure Health checking/reporting systems).
The GCS, and its software to manage the AV, maps, routes, Emergency Missions, overlays, autopilot commands, weapon inventory and health.
The Secure system (SiprNet) that actually provides the communication of the crew with the world, other UAS, and its customers.
The UAS intra-comm system (Skynet)
Frankly this forum is not the one that needs to clarify journalists interpretation of Command and Control of RPAs...it is a little more compex than that. However, a virus in any of the above infrastructure is a big deal....
I don't know if the US have the same muppets looking after computer security as we have in the UK military? The UK's Military Police are given the role of looking after computer security - most of them can't even spell computer! Computer and IT Security should have been given to the CIS Eng and TG4 branches to look after - the "tech heads" that actually understand the systems, but because it had "security" in the title it was deemed Police business rather than Engineer's business
The chaps at Cheltenham, Vauxhall and Thames don't use the local Police to run their computer and IT security - so why should on earth should we?
Finally, I have also heard that this virus was on a system that manipulates collected data from a sensor - totally unconnected from the main control software/hardware for the aircraft and weapons system. The integrity of the C2 system is the main effort and not a standalone work station - hence it went undetected for some time?
"Storm in a teacup" comes to mind other than how did it get on that workstation in the first place - was it there after the factory delivered the equipment or before? That is probably why the US is so tight lipped about this as there are probably wider questions to answer.
iRaven
The chaps at Cheltenham, Vauxhall and Thames don't use the local Police to run their computer and IT security - so why should on earth should we?
Finally, I have also heard that this virus was on a system that manipulates collected data from a sensor - totally unconnected from the main control software/hardware for the aircraft and weapons system. The integrity of the C2 system is the main effort and not a standalone work station - hence it went undetected for some time?
"Storm in a teacup" comes to mind other than how did it get on that workstation in the first place - was it there after the factory delivered the equipment or before? That is probably why the US is so tight lipped about this as there are probably wider questions to answer.
iRaven
Join Date: Feb 2011
Location: Great Britain
Age: 51
Posts: 340
Likes: 0
Received 11 Likes
on
5 Posts
Yes, this reminds me of the idiot Police that got in a tizzy about using a laptop to generate coordinates to program a PCMCIA card for a large aircraft's Flight Management System (FMS). The fact that you can use the civilian Jeppersen Jet Plan to generate the coords seemed to completely elude them; let alone the fact that the aircraft's FMS uses a completely different Operating System (OS) to the Windows on the laptop. Finally, the crew cross-check the coords on the FMS before flight to make sure they are correct. Reprogramming the whole FMS through the in/out data-fields is impossible as it does not have links into the main OS.
Lack of understanding was a complete understatement, I would have been better off talking to their Police dogs trying to explain it!
CPL Clott
Lack of understanding was a complete understatement, I would have been better off talking to their Police dogs trying to explain it!
CPL Clott
*A senior Air Force source with knowledge of the drone program and familiar with the virus that was caught in recent weeks told*FoxNews.com that*Wired’s story was “blown out of proportion”*and “vastly overwritten.”
LJ
Concern
I find this stuff quite alarming for a couple of reasons:
1) I am aware that a virtue has recently been made of using COTS computer platforms - specifically Microsoft Windows which happen to be the target of very widespread efforts to defeat security.
2) This software has a history of intrinsically poor design from the point of view of security because convenience overrode security considerations for so much of its history and for so much of the history of the applications that run on it - in my opinion, of course.
3) The only real response to security problems is to enable very rapid updates. i.e. prevention would be nice but perfect defence is impossible therefore being able to repair is essential.
4) Change worries IT departments so they try not to do it and I am sure that defence IT systems are even more like this. All software is full of bugs and it will never cease to be the case - if it's working for you then you're just lucky that the bugs aren't coming up in your day-to-day usage. So in other words the ability to respond rapidly is questionable because people fear that something that's "ok right now" might stop working if anything gets touched.
If it were me, I'd want to:
a) Write software in layers - the stuff that flies the plane should not be running on windows but the map display might be perhaps.
b) use less common platforms whose tradeoffs favoured secure operation above all - force attackers to spend money specifically attack me rather than being able to call on a huge library of attacks developed by others.
c) Have a mix of platforms - harder for one attack to kill them all. Tie everything together with standards just as HTTP/HTML tie the web together.
d) Write my software to be portable so that I can change platforms if needed.
1) I am aware that a virtue has recently been made of using COTS computer platforms - specifically Microsoft Windows which happen to be the target of very widespread efforts to defeat security.
2) This software has a history of intrinsically poor design from the point of view of security because convenience overrode security considerations for so much of its history and for so much of the history of the applications that run on it - in my opinion, of course.
3) The only real response to security problems is to enable very rapid updates. i.e. prevention would be nice but perfect defence is impossible therefore being able to repair is essential.
4) Change worries IT departments so they try not to do it and I am sure that defence IT systems are even more like this. All software is full of bugs and it will never cease to be the case - if it's working for you then you're just lucky that the bugs aren't coming up in your day-to-day usage. So in other words the ability to respond rapidly is questionable because people fear that something that's "ok right now" might stop working if anything gets touched.
If it were me, I'd want to:
a) Write software in layers - the stuff that flies the plane should not be running on windows but the map display might be perhaps.
b) use less common platforms whose tradeoffs favoured secure operation above all - force attackers to spend money specifically attack me rather than being able to call on a huge library of attacks developed by others.
c) Have a mix of platforms - harder for one attack to kill them all. Tie everything together with standards just as HTTP/HTML tie the web together.
d) Write my software to be portable so that I can change platforms if needed.