United States military and intelligence agencies are increasingly relying on unmanned aerial vehicles but these military drones have long been an attractive target for hackers. And lately, it seems as though the hackers are gaining entrance more easily. How is this possible?
In 2011 a CIA drone was captured by Iranian hackers who managed to force the drone to land inside hostile territory so they could seize it and reverse-engineer its technology. A group of University of Texas at Austin students discovered how to hack and take control of Homeland Security drones used to patrol the U.S./Mexico border. The students tried to inform the USDHS, but were initially met with resistance until they arranged a demonstration. Both of these groups managed to scramble the drone’s GPS signals and feed it false location data to make it think it was somewhere it wasn’t.
With self-driving vehicles (which are really land-based drones) on the horizon and the FBI warning terrorists could use them to deliver car bombs in the future, these vulnerabilities have the potential for major disasters. Some cars are already vulnerable to hacking attacks. In 2010 researchers from the University of California and University of Washington demonstrated they could hack into a vehicle and disable the brakes.
Even if a hacked drone isn’t captured, tapping into its camera feed could give enemy forces tactical advantages. In 2009 Iraqi militants were able to intercept drone footage, giving them insight into information available to military intelligence.
The problem is by their nature drones are remote-controlled and rely on wireless signals from outside. The programming languages used to write software for most military drones were not created specifically for the military. They have known vulnerabilities which makes the software easier for hackers and engineers to crack. There are even “how-to” manuals for drone hackers freely available online.
Most of the information originally came from NATO research and studies. One of these studies was published just a month before the Iranian drone hijacking and could have played a part in the attack. It’s also not difficult to get the hardware and software necessary. The students were able to build their hijacking device for under $1,000. The Iraqi hackers used Russian software that’s normally used to steal satellite TV and available for just $26.
The United States Department of Defense is trying to counter these vulnerabilities by developing a new “unhackable” programming language from scratch. The new language is named Ivory and is expected to go into production on the Boeing Little Bird H-6U helicopter drone by the end of 2017. A test flight for the new software using a Little Bird is scheduled for this summer.