Fausta's Blog

American and Latin American Politics, Society, and Culture

December 17, 2009 By Fausta

Iran-backed terrorists hack US drones

… in Iraq and Afghanistan, using Russian software Skygrabber,
drone
Insurgents Hack U.S. Drones
$26 Software Is Used to Breach Key Weapons in Iraq; Iranian Backing Suspected

Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.

Iraq, Afghanistan, but possibly also Pakistan, Yemen, and Somalia

Some of the most detailed evidence of intercepted feeds has been discovered in Iraq, but adversaries have also intercepted drone video feeds in Afghanistan, according to people briefed on the matter. These intercept techniques could be employed in other locations where the U.S. is using pilotless planes, such as Pakistan, Yemen and Somalia, they said.

Drones are inherently vulnerable:

Gen. Deptula, speaking to reporters Wednesday, said there were inherent risks to using drones since they are remotely controlled and need to send and receive video and other data over great distances. “Those kinds of things are subject to listening and exploitation,” he said, adding the military was trying to solve the problems by better encrypting the drones’ feeds.

The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn’t know how to exploit it, the officials said.

Why weren’t drone communications encripted in the first place?

Share

Filed Under: Afghanistan, Iran, Iraq, Pakistan, technology, terrorism, Yemen Tagged With: Fausta's blog

Comments

  1. MCPO Airdale says

    December 17, 2009 at 10:50 am

    To answer your last question; it’s more expensive and not as reliable a signal.

  2. Fausta says

    December 17, 2009 at 10:52 am

    MCPO, shouldn’t the signal be encripted, too?

  3. Pat Patterson says

    December 17, 2009 at 1:02 pm

    One thing not mentioned in the article is that some of the drones are capable of recognizing such attempts and can locate them if within range. They in turn could call for an attack against those listening.

  4. Nolanimrod says

    December 17, 2009 at 2:53 pm

    Why not go to the expense and trouble of protecting the drones’ signals?

    Because it’s easier not to. And because

    a pure oxygen environment on the launch pad is easier and cheaper than a nitrogen-oxygen environment and

    even though it’s below freezing those O-rings will be OK and

    they’re just hijackers. They’ll just fly the plane to Cuba or somewhere like that.

  5. ewetender says

    December 17, 2009 at 4:11 pm

    The first thing that came to mind was if I can intercept the visual transmission, what would it take to intercept and highjack the controls?
    I’m sure someone is diligently working on a solution to loose a hellfire on a school or mosque.

  6. E.M.H. says

    December 17, 2009 at 8:56 pm

    “Why weren’t drone communications encripted in the first place?”

    The only possibilities I can think of that are rational are that they had limited bandwidth, and possibly had a proprietary video signal (that’s a guess) and didn’t worry about it. These are pure guesses, BTW, but the bandwidth thing I know is an issue period, even before you worry about encryption; the US can only get so many drones in the sky specifically because of this bandwidth limitation. They try to alleviate it with a really, really criminally ugly King Air turboprop that’s got more protrusions than a pissed off porcupine, but from what I understand, whatever remote technology was designed into the Predator simply lends itself to limited bandwidth.

    Let’s keep in mind that there’s a realtime element with drone communications that’s not an issue with regular internet use. If your streaming video lags, you merely get upset at the worst; if a communications stream between a drone and controller lags, you might lose the drone, or worse, kill someone on the ground you don’t intend to kill. Yes, the stream should be encrypted, but encryption eats bandwidth and introduces latency, even with powerful hardware decrypting the signal. So I can see a manufacturer (and the military) facing a dilemna in balancing the need for signal security with a need for fast communications (if a drone gets shot at, you don’t want any lag in the control communications at all; ditto if you’re flying low over rugged terrain). What I can’t see, though, is the military saying “no encryption” at all. That surprises me, completely. I don’t understand that at all. Light encryption, and maybe some other attempts to make things difficult. Not this Anyone-can-Watch silliness. I don’t get that at all.

    We have to be missing something here. I wonder what the possibility is that this is actually an “accident” aimed at making insurgents think they’ve outsmarted the US. I know there’s no evidence for that, and plenty for the military just effing up, but still… there are people in the military who understand the importance of signal and data security. Why none was exercised with these drones is inexplicable to me.

  7. E.M.H. says

    December 18, 2009 at 2:09 pm

    Further info:
    Post at Blackfive. It’s the comments section that I really want to point out here; some folks with a little experience in the field explain a few things.

    Also: Slashdot’s story. Here’s an interesting post:

    “Simple explanation here.

    Back in the early days of this design, someone designated drone-originated video as unclassified. Otherwise there’s no way in hell it would be unencrypted.

    This isn’t an oversight – there’s guaranteed a loooong paper trail going back to a conscious decision regarding the classification level of the drone video here, and following conscious decisions regarding the design.

    If you use encryption in a military system that is not NSA Type 1 approved, there’s a LOT of paperwork required to prove that your encryption is not being used to protect classified information.

    Type 1 approved crypto is a royal pain in the ass. – http://en.wikipedia.org/wiki/Type_1_encryption [wikipedia.org]

    It often proves significantly easier in terms of cost and paperwork to not encrypt than to prove that your encryption isn’t being used to protect classified information. Security guys ask, “If it’s unclassified, why are you encrypting it?”, with “It’s good design practice.” resulting in massive beancounter agro.”

  8. O Bloody Hell says

    December 18, 2009 at 5:04 pm

    > Why weren’t drone communications encrypted in the first place?

    I would put my money on a very high degree of sheer, dumbfoundingly overwhelming incompetence.

  9. O Bloody Hell says

    December 18, 2009 at 5:09 pm

    > To answer your last question; it’s more expensive and not as reliable a signal.

    ANNNK. Sorry, sir, as someone with 30 years of experience in the computer industry, it’s a matter of cheap electronics to do fairly simple encryption and there are ample means for dealing with “reliability” in the field of error correction.

    To make it really, really secure, sure — it might not be worth doing. But the real fact is that these electronics in the drones have been there for over 20 years, and probably, if not rather blatantly, haven’t been upgraded as they should have.

    The enemy — no matter who they are — is not a fixed value. They are updating their abilities just the same as we are. The electronics in these things should have been set for an encrypted upgrade sometime in the early part of the last decade, pure and simple, since cheap median-level encryption electronics and software (search “public key encryption”) have both been available for at least that long.

  10. O Bloody Hell says

    December 18, 2009 at 5:11 pm

    > a pure oxygen environment on the launch pad is easier and cheaper than a nitrogen-oxygen environment and

    Right idea, wrong element. Oxy-Helium was the environment being excluded for cost reasons. Nitrogen has its own problems as an environment in a de/pressurized space.

  11. O Bloody Hell says

    December 18, 2009 at 5:15 pm

    > What I can’t see, though, is the military saying “no encryption” at all. That surprises me, completely. I don’t understand that at all. Light encryption, and maybe some other attempts to make things difficult. Not this Anyone-can-Watch silliness. I don’t get that at all.

    Precisely. There are cheap techniques which can make the signal sufficiently unreadable by the tech available (or even predictably available 20 years ago) which make real-time access useless. And for something like a drone, that’s probably sufficient. Who cares about what a drone saw five days ago on THEIR side? That might be useful for our intel, I don’t think theirs is likely to use that knowledge.

  12. O Bloody Hell says

    December 18, 2009 at 5:18 pm

    > If you use encryption in a military system that is not NSA Type 1 approved, there’s a LOT of paperwork required to prove that your encryption is not being used to protect classified information.

    Ah, the brilliance of “one size fits all” rules…

    As long as you Follow The Rules, common sense isn’t needed…

    :-/

Tweets by @Fausta
retirees_raise-2015_300x250

Pages

  • About
  • Email

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Previous Posts

  • Mrs. Maisel goes full Alinsky on Mrs. Schlafly
  • Venezuela: Did the Minister of Defense back out at the last minute?
  • You need to unfriend me
  • Go ahead and Kiss the Girl, if you dare
  • Ashamed

Recent Comments

  • John on Mrs. Maisel goes full Alinsky on Mrs. Schlafly
  • Today’s hot topics: Democrats’ collusion shift, tax-return rift, Venezuela drift, and more! – PoliticalWitchDoctor.com on Venezuela: Did the Minister of Defense back out at the last minute?
  • Today’s hot topics: Democrats’ collusion shift, tax-return rift, Venezuela drift, and more! - AmericanTruthToday on Venezuela: Did the Minister of Defense back out at the last minute?
  • Did Venezuela’s Minister of Defense Back Out At The Last Minute? on Venezuela: Did the Minister of Defense back out at the last minute?
  • Roseanne Not Back, Khan not Invited, Operaman’s back, Jobs back, Fausta’s back (but not here yet) Thoughts under the fedora – Da Tech Guy Blog on Venezuela: Did the Minister of Defense back out at the last minute?

Archives

  • 2019
    • December 2019
    • May 2019
    • January 2019
  • 2018
    • December 2018
    • October 2018
    • July 2018
    • June 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
  • 2017
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
  • 2016
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
  • 2015
    • December 2015
    • November 2015
    • October 2015
    • September 2015
    • August 2015
    • July 2015
    • June 2015
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
  • 2014
    • December 2014
    • November 2014
    • October 2014
    • September 2014
    • August 2014
    • July 2014
    • June 2014
    • May 2014
    • April 2014
    • March 2014
    • February 2014
    • January 2014
  • 2013
    • December 2013
    • November 2013
    • October 2013
    • September 2013
    • August 2013
    • July 2013
    • June 2013
    • May 2013
    • April 2013
    • March 2013
    • February 2013
    • January 2013
  • 2012
    • December 2012
    • November 2012
    • October 2012
    • September 2012
    • August 2012
    • July 2012
    • June 2012
    • May 2012
    • April 2012
    • March 2012
    • February 2012
    • January 2012
  • 2011
    • December 2011
    • November 2011
    • October 2011
    • September 2011
    • August 2011
    • July 2011
    • June 2011
    • May 2011
    • April 2011
    • March 2011
    • February 2011
    • January 2011
  • 2010
    • December 2010
    • November 2010
    • October 2010
    • September 2010
    • August 2010
    • July 2010
    • June 2010
    • May 2010
    • April 2010
    • March 2010
    • February 2010
    • January 2010
  • 2009
    • December 2009
    • November 2009
    • October 2009
    • September 2009
    • August 2009
    • July 2009
    • June 2009
    • May 2009
    • April 2009
    • March 2009
    • February 2009
    • January 2009
  • 2008
    • December 2008
    • November 2008
    • October 2008
    • September 2008
    • August 2008
    • July 2008
    • June 2008
    • May 2008
    • April 2008
    • March 2008
    • February 2008
    • January 2008
  • 2007
    • December 2007
    • November 2007
    • October 2007
    • September 2007
    • August 2007
    • July 2007
    • June 2007
    • May 2007
    • April 2007
    • March 2007
    • February 2007
    • January 2007
  • 2006
    • December 2006
    • November 2006
    • October 2006
    • September 2006
    • August 2006
    • July 2006
    • June 2006
    • May 2006
    • April 2006
    • March 2006
    • February 2006
    • January 2006
  • 2005
    • December 2005
    • November 2005
    • October 2005
    • September 2005
    • August 2005
    • July 2005
    • June 2005
    • May 2005
    • April 2005
    • March 2005
    • February 2005
    • January 2005
  • 2004
    • December 2004
    • November 2004
    • October 2004
    • September 2004
    • August 2004
    • July 2004
    • June 2004
    • May 2004
    • April 2004
    • March 2004
Content Copyright Fausta's Blog

Site Developed and Managed by 300m.com