Hijacking of drones/UAVs?
Thread Starter
Join Date: Jan 1998
Location: Where the job is!
Posts: 451
Likes: 0
Received 0 Likes
on
0 Posts
Hijacking of drones/UAVs?
In August the US Navy lost control of an unmanned helicopter. This flew towards the US capital. According to reports, after about 20 minutes the operators regained control. Did they just lose control or was control taken over by someone else for a limited time as a test?
Some time ago I was watching a Canadian Pacific train pass by. It had four engines, two at the front, one about two thirds of the way along the train and one at the rear. The two crew members ride in the front engine. One drives this and there are wired connections to control the adjoining engine. Apparently the ones cut into a train or at the rear are controlled by radio from the front engine.
Thinking of the chaos at radio control model aircraft and car meets if frequencies are not carefully allocated I wondered if CPR trains ever suffer from radio interference or temporary black-outs. Worse still, would it be possible for somebody to use a pirate radio set to take over the remote controlled engines and deliberately give opposite control inputs? The train would not climb the hill too well if two of the engines are in reverse or applying the brakes.
Then I wondered the same about drones. It seems highly likely to me that possible enemy states and terrorist organisations are monitoring the signals to American (and other) drones and working on ways to take control of them, possibly even to turn them against their owners. Have others wondered about this possibility? Have there been instances of unauthorised control of drones? Was the August US Navy helicopter incident an example?
Some time ago I was watching a Canadian Pacific train pass by. It had four engines, two at the front, one about two thirds of the way along the train and one at the rear. The two crew members ride in the front engine. One drives this and there are wired connections to control the adjoining engine. Apparently the ones cut into a train or at the rear are controlled by radio from the front engine.
Thinking of the chaos at radio control model aircraft and car meets if frequencies are not carefully allocated I wondered if CPR trains ever suffer from radio interference or temporary black-outs. Worse still, would it be possible for somebody to use a pirate radio set to take over the remote controlled engines and deliberately give opposite control inputs? The train would not climb the hill too well if two of the engines are in reverse or applying the brakes.
Then I wondered the same about drones. It seems highly likely to me that possible enemy states and terrorist organisations are monitoring the signals to American (and other) drones and working on ways to take control of them, possibly even to turn them against their owners. Have others wondered about this possibility? Have there been instances of unauthorised control of drones? Was the August US Navy helicopter incident an example?
Join Date: Apr 2007
Location: Here, there, everywhere
Posts: 251
Likes: 0
Received 0 Likes
on
0 Posts
You raise valid points, though a little bit of a conspiracy theory regarding the AWOL UAV.
Imagine the risks if they ever go to 'wireless' flight controls....
This has been muted before. IMHO you cannot beat the pulleys n cables!
Imagine the risks if they ever go to 'wireless' flight controls....
This has been muted before. IMHO you cannot beat the pulleys n cables!
Join Date: Jul 2010
Location: SYD
Posts: 2
Likes: 0
Received 0 Likes
on
0 Posts
I do not know about UAV's, but most R/C transmitters these days work off a digital signal. The Reciever and transmitter are 'bound' by way of each signal sent carrying an identifier tag so that the reciever knows which signals are intented for it.
In order to take over such a system one would need to know the identifier signal.
In order to take over such a system one would need to know the identifier signal.
Join Date: Feb 2009
Location: Jungles of SW London
Age: 77
Posts: 354
Likes: 0
Received 0 Likes
on
0 Posts
Skycatcher69
In order to take over such a system one would need to know the identifier signal.
Did the wayward UAV not simply loose signal - for whatever reason - and wander off on its own, which happened to be toward Washington DC?
Roger.
Join Date: Oct 2005
Location: USA
Posts: 3,218
Likes: 0
Received 0 Likes
on
0 Posts
In August the US Navy lost control of an unmanned helicopter. This flew towards the US capital. According to reports, after about 20 minutes the operators regained control. Did they just lose control or was control taken over by someone else for a limited time as a test?
Join Date: Aug 2007
Location: London, UK
Posts: 184
Likes: 0
Received 0 Likes
on
0 Posts
You can do lots of processing with the signal in terms of encryption. Regarding the 'playback attack' you can do something by timestamping the signal so when the drone decrypts the attackers higher strength pre-recorded message it recognises the disparity. The 'playback' attack is a very basic attack even on something as basic as Windows Logon and is therefore fairly well understood by both sides.
Join Date: May 2007
Location: Banished (twice) to the pointless forest
Posts: 1,558
Likes: 0
Received 0 Likes
on
0 Posts
Thread drift
SKYCATCHER TOUCHES ON THE BASIS OF THE FOLLOWING MANTRA:
[If wireless networking was safe, computer companies would use it.]
People are sold wireless routers and BT home Hub devices with talk of Encryption and it seems to work, for the sales people anyway.
Think about this for a second, the password is requested, or offered, (blind) and then accepted, so any handshake, needs to be in the clear and therefore can be monitored.
I don't suppose, given the shambles (of the cctv downlink and no encryption) in recent years, that taking control is impossible.
[If wireless networking was safe, computer companies would use it.]
People are sold wireless routers and BT home Hub devices with talk of Encryption and it seems to work, for the sales people anyway.
Think about this for a second, the password is requested, or offered, (blind) and then accepted, so any handshake, needs to be in the clear and therefore can be monitored.
I don't suppose, given the shambles (of the cctv downlink and no encryption) in recent years, that taking control is impossible.
Join Date: Jun 2009
Location: Canada
Posts: 464
Likes: 0
Received 0 Likes
on
0 Posts
People are sold wireless routers and BT home Hub devices with talk of Encryption and it seems to work, for the sales people anyway.
Think about this for a second, the password is requested, or offered, (blind) and then accepted, so any handshake, needs to be in the clear and therefore can be monitored.
Think about this for a second, the password is requested, or offered, (blind) and then accepted, so any handshake, needs to be in the clear and therefore can be monitored.
The reason companies are reluctant to trust wireless networking is because there have been numerous attacks on early wireless algorithms which weren't designed properly, allowing either insertion of data or recovery of the key. It also allows people to attack the network from outside the building, whereas a wired network requires physical access.
Join Date: Sep 2010
Location: earth
Posts: 1,341
Likes: 0
Received 0 Likes
on
0 Posts
Heck, my company can not update FMS/EGPWS..etc etc over wireless because they can not ensure the propritary information can not be stolen. Granted, it is more legal bs than actual technical ability.
If someone can place encryption on data, it is sure that someone else can decrypt it..
If someone can place encryption on data, it is sure that someone else can decrypt it..
Join Date: Jun 2009
Location: Canada
Posts: 464
Likes: 0
Received 0 Likes
on
0 Posts
But any competently implemented encryption system today is unbreakable by any means currently known. The problem is that many encryption systems are not competently implemented, usually because they're designed by people who aren't trained cryptographers and aren't aware of previous attacks.
Join Date: Jan 2004
Location: Germany
Posts: 128
Likes: 0
Received 0 Likes
on
0 Posts
Let's rephrase that last sentence ("is unbreakable by any means currently known") to "is unbreakable by any means currently within a reasonable timeframe" which is a key addition.
Given enough time and computing power, you will eventually be able to decrypt anything (after all, its just a bunch of 1's and 0's that are sent "over the air").
But that's not going to happen in real time and as long as the relevant keys are cycled you should be on the safe side as long as the bad guys don't get access to the keys somehow...
Given enough time and computing power, you will eventually be able to decrypt anything (after all, its just a bunch of 1's and 0's that are sent "over the air").
But that's not going to happen in real time and as long as the relevant keys are cycled you should be on the safe side as long as the bad guys don't get access to the keys somehow...
Join Date: May 2007
Location: Banished (twice) to the pointless forest
Posts: 1,558
Likes: 0
Received 0 Likes
on
0 Posts
Given enough time indeed, this guy got 16 months.
This is the mess the legal system is in despite the shedloads of money spent on the national hi tech crime unit.
The right to remain silent has indeed been done away with.
So a teenager in Blackpool can keep his (whatever) a secret for months but the US Military could not protect the CCTV images from their fleet of UAV mounted cameras.
Iraqi insurgents have reportedly intercepted live video feeds from Predator drones using a $25 Windows application that allows them to track the pilotless aircraft undetected. The US military has fixed the problem, a defense official said on Thursday.
Shiite fighters in Iraq used software programs such as SkyGrabber — generally used for satellite television reception — and available for as little as $25.95 from Russian company Sky Software, reports the Wall Street Journal.
I don't think the issue is that they can't, but in fact that they won't secure it. More stuff like this will keep happening until everyone understands the principle of data security, which is that it is almost impossible to guarantee as soon as you start sharing the data.
The right to remain silent has indeed been done away with.
A teenager was jailed yesterday for refusing to hand over his computer password to police during an investigation.
Fast-food worker Oliver Drage, 19, was taken to court after police tried to search his PC after a tip-off only to find it locked with a 50-character encrypted code.
Officers investigating a child exploitation racket ordered Drage to disclose the password hoping the contents of his computer might help their inquiries - but the teenager refused. He was then prosecuted for failing to disclose an encryption key.
This is an offence covered by the Regulation of Investigatory Powers Act 2000, which came into force in 2007 to crack down on terrorists. He is the youngest person in Britain to be convicted of the charge.
Drage of Freckleton, near Blackpool, was sent to a young offender institution for 16 weeks. Police are still trying to decipher his password 17 months after they seized his computer.
Det Sgt Neil Fowler said: "Drage was previously of good character so the immediate custodial sentence handed down by the judge in this case shows just how seriously the courts take this kind of offence."
After being arrested in May 2009, Drage pleaded not guilty at Preston crown court but at a trial last month a jury took less than 15 minutes to convict him.
Fast-food worker Oliver Drage, 19, was taken to court after police tried to search his PC after a tip-off only to find it locked with a 50-character encrypted code.
Officers investigating a child exploitation racket ordered Drage to disclose the password hoping the contents of his computer might help their inquiries - but the teenager refused. He was then prosecuted for failing to disclose an encryption key.
This is an offence covered by the Regulation of Investigatory Powers Act 2000, which came into force in 2007 to crack down on terrorists. He is the youngest person in Britain to be convicted of the charge.
Drage of Freckleton, near Blackpool, was sent to a young offender institution for 16 weeks. Police are still trying to decipher his password 17 months after they seized his computer.
Det Sgt Neil Fowler said: "Drage was previously of good character so the immediate custodial sentence handed down by the judge in this case shows just how seriously the courts take this kind of offence."
After being arrested in May 2009, Drage pleaded not guilty at Preston crown court but at a trial last month a jury took less than 15 minutes to convict him.
So a teenager in Blackpool can keep his (whatever) a secret for months but the US Military could not protect the CCTV images from their fleet of UAV mounted cameras.
Iraqi insurgents have reportedly intercepted live video feeds from Predator drones using a $25 Windows application that allows them to track the pilotless aircraft undetected. The US military has fixed the problem, a defense official said on Thursday.
Shiite fighters in Iraq used software programs such as SkyGrabber — generally used for satellite television reception — and available for as little as $25.95 from Russian company Sky Software, reports the Wall Street Journal.
I don't think the issue is that they can't, but in fact that they won't secure it. More stuff like this will keep happening until everyone understands the principle of data security, which is that it is almost impossible to guarantee as soon as you start sharing the data.
