Slashdot Mirror
New Attack Can Seize Control of Drones
A new radio transmitter "seizes complete control of nearby drones as they're in mid-flight," reports Ars Technica:
From then on, the drones are under the full control of the person with the hijacking device. The remote control in the possession of the original operator experiences a loss of all functions, including steering, acceleration, and altitude... Besides hijacking a drone, the device provides a digital fingerprint that's unique to each craft. The fingerprint can be used to identify trusted drones from unfriendly ones and potentially to provide forensic evidence for use in criminal or civil court cases...
Hijacks could allow law-enforcement officers to safely seize control of vulnerable drones that are endangering or interfering with first responders. The hacks could also provide ordinary citizens with a less-draconian way of disabling a drone they believe is impinging on their property or privacy... A patchwork of federal and state laws makes it unclear if even local authorities have the legal authority to shoot or hack an aircraft out of the sky.
XKCD once proposed solving the problem with butterfly nets, but instead this new attack is exploiting unencrypted DSMx radio signals.
Hijacks could allow law-enforcement officers to safely seize control of vulnerable drones that are endangering or interfering with first responders. The hacks could also provide ordinary citizens with a less-draconian way of disabling a drone they believe is impinging on their property or privacy... A patchwork of federal and state laws makes it unclear if even local authorities have the legal authority to shoot or hack an aircraft out of the sky.
XKCD once proposed solving the problem with butterfly nets, but instead this new attack is exploiting unencrypted DSMx radio signals.
If they use the same protocol.
This is not a magic hack that lets you take over ANY drone; somebody figured out the frequency hopping sequence and OTA protocol for a common protocol used in toy drones. This is going to allow you to take overjust those toys, not MQ-9 Reapers. And somewhere between the tricky but doable hack of a toy spread-spectrum based protocol and the military grade encryption used in the Reapers' ARC-210 transceiver there is probably an economical level of protection that is good enough for police use.
My brother-in-law was asking about the Dyn DDOS attack last week; he wanted to know why the devices used to launch the attack weren't secure. The answer is simple: because they're sold to people who wouldn't pay $0.05 more for a secure device. So it follows that some police departments will use hobby drones and those will certainly get hacked.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.