… in Iraq and Afghanistan, using Russian software Skygrabber,
Insurgents Hack U.S. Drones
$26 Software Is Used to Breach Key Weapons in Iraq; Iranian Backing Suspected
Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.
Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.
Iraq, Afghanistan, but possibly also Pakistan, Yemen, and Somalia
Some of the most detailed evidence of intercepted feeds has been discovered in Iraq, but adversaries have also intercepted drone video feeds in Afghanistan, according to people briefed on the matter. These intercept techniques could be employed in other locations where the U.S. is using pilotless planes, such as Pakistan, Yemen and Somalia, they said.
Drones are inherently vulnerable:
Gen. Deptula, speaking to reporters Wednesday, said there were inherent risks to using drones since they are remotely controlled and need to send and receive video and other data over great distances. “Those kinds of things are subject to listening and exploitation,” he said, adding the military was trying to solve the problems by better encrypting the drones’ feeds.
The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn’t know how to exploit it, the officials said.
Why weren’t drone communications encripted in the first place?
To answer your last question; it’s more expensive and not as reliable a signal.
MCPO, shouldn’t the signal be encripted, too?
One thing not mentioned in the article is that some of the drones are capable of recognizing such attempts and can locate them if within range. They in turn could call for an attack against those listening.
Why not go to the expense and trouble of protecting the drones’ signals?
Because it’s easier not to. And because
a pure oxygen environment on the launch pad is easier and cheaper than a nitrogen-oxygen environment and
even though it’s below freezing those O-rings will be OK and
they’re just hijackers. They’ll just fly the plane to Cuba or somewhere like that.
The first thing that came to mind was if I can intercept the visual transmission, what would it take to intercept and highjack the controls?
I’m sure someone is diligently working on a solution to loose a hellfire on a school or mosque.
“Why weren’t drone communications encripted in the first place?”
The only possibilities I can think of that are rational are that they had limited bandwidth, and possibly had a proprietary video signal (that’s a guess) and didn’t worry about it. These are pure guesses, BTW, but the bandwidth thing I know is an issue period, even before you worry about encryption; the US can only get so many drones in the sky specifically because of this bandwidth limitation. They try to alleviate it with a really, really criminally ugly King Air turboprop that’s got more protrusions than a pissed off porcupine, but from what I understand, whatever remote technology was designed into the Predator simply lends itself to limited bandwidth.
Let’s keep in mind that there’s a realtime element with drone communications that’s not an issue with regular internet use. If your streaming video lags, you merely get upset at the worst; if a communications stream between a drone and controller lags, you might lose the drone, or worse, kill someone on the ground you don’t intend to kill. Yes, the stream should be encrypted, but encryption eats bandwidth and introduces latency, even with powerful hardware decrypting the signal. So I can see a manufacturer (and the military) facing a dilemna in balancing the need for signal security with a need for fast communications (if a drone gets shot at, you don’t want any lag in the control communications at all; ditto if you’re flying low over rugged terrain). What I can’t see, though, is the military saying “no encryption” at all. That surprises me, completely. I don’t understand that at all. Light encryption, and maybe some other attempts to make things difficult. Not this Anyone-can-Watch silliness. I don’t get that at all.
We have to be missing something here. I wonder what the possibility is that this is actually an “accident” aimed at making insurgents think they’ve outsmarted the US. I know there’s no evidence for that, and plenty for the military just effing up, but still… there are people in the military who understand the importance of signal and data security. Why none was exercised with these drones is inexplicable to me.
Further info:
Post at Blackfive. It’s the comments section that I really want to point out here; some folks with a little experience in the field explain a few things.
Also: Slashdot’s story. Here’s an interesting post:
“Simple explanation here.
Back in the early days of this design, someone designated drone-originated video as unclassified. Otherwise there’s no way in hell it would be unencrypted.
This isn’t an oversight – there’s guaranteed a loooong paper trail going back to a conscious decision regarding the classification level of the drone video here, and following conscious decisions regarding the design.
If you use encryption in a military system that is not NSA Type 1 approved, there’s a LOT of paperwork required to prove that your encryption is not being used to protect classified information.
Type 1 approved crypto is a royal pain in the ass. – http://en.wikipedia.org/wiki/Type_1_encryption [wikipedia.org]
It often proves significantly easier in terms of cost and paperwork to not encrypt than to prove that your encryption isn’t being used to protect classified information. Security guys ask, “If it’s unclassified, why are you encrypting it?”, with “It’s good design practice.” resulting in massive beancounter agro.”
> Why weren’t drone communications encrypted in the first place?
I would put my money on a very high degree of sheer, dumbfoundingly overwhelming incompetence.
> To answer your last question; it’s more expensive and not as reliable a signal.
ANNNK. Sorry, sir, as someone with 30 years of experience in the computer industry, it’s a matter of cheap electronics to do fairly simple encryption and there are ample means for dealing with “reliability” in the field of error correction.
To make it really, really secure, sure — it might not be worth doing. But the real fact is that these electronics in the drones have been there for over 20 years, and probably, if not rather blatantly, haven’t been upgraded as they should have.
The enemy — no matter who they are — is not a fixed value. They are updating their abilities just the same as we are. The electronics in these things should have been set for an encrypted upgrade sometime in the early part of the last decade, pure and simple, since cheap median-level encryption electronics and software (search “public key encryption”) have both been available for at least that long.
> a pure oxygen environment on the launch pad is easier and cheaper than a nitrogen-oxygen environment and
Right idea, wrong element. Oxy-Helium was the environment being excluded for cost reasons. Nitrogen has its own problems as an environment in a de/pressurized space.
> What I can’t see, though, is the military saying “no encryption” at all. That surprises me, completely. I don’t understand that at all. Light encryption, and maybe some other attempts to make things difficult. Not this Anyone-can-Watch silliness. I don’t get that at all.
Precisely. There are cheap techniques which can make the signal sufficiently unreadable by the tech available (or even predictably available 20 years ago) which make real-time access useless. And for something like a drone, that’s probably sufficient. Who cares about what a drone saw five days ago on THEIR side? That might be useful for our intel, I don’t think theirs is likely to use that knowledge.
> If you use encryption in a military system that is not NSA Type 1 approved, there’s a LOT of paperwork required to prove that your encryption is not being used to protect classified information.
Ah, the brilliance of “one size fits all” rules…
As long as you Follow The Rules, common sense isn’t needed…
:-/