The Wall Street Journal reports that enemy
insurgents have been able to use a commonly available piece of
software to intercept
the unencrypted feeds that the drone uses between the aircraft
and ground control. The software used by the insurgents to capture
the video feeds was a $26 app available online called Sky
One of the developers of the Sky Grabber software
told the WSJ in an email, "It [Sky Grabber] was developed
to intercept music, photos, video, programs and other content that
other users download from the internet -- no military data or other
commercial data, only free legal content."
claims that there is no indication that he insurgents were able to
take control of the drones or interfere with their flight in any way.
However, some fear that the ability to capture the live video feeds
will allow the insurgents to track the position of the drones to
better avoid attack and surveillance. The big fear is that
intercepted feeds could be used to discover allied troop surprise
attacks and lead to the death of allied soldiers.
interception of the video feeds from the aircraft was apparently not
a onetime occurrence. In the summer of 2009, the WSJ reports
that the military found "days and days and hours and hours of
proof" that the video feeds were being intercepted on a laptop
that was recovered from a Shiite militant.
A defense official
James Clapper was asked to assess the interception of the feeds and
concluded, "There did appear to be vulnerability. There's been
no harm done to troops or missions compromised as a result of it, but
there's an issue that we can take care of and we're doing so."
military is working on encrypting all feeds from its drone aircraft,
but adding encryption to the feeds requires not only updates be added
to the drones, but updates to the control systems on the ground as
well. The U.S. first learned of the flaw in unencrypted
drone feeds in Bosnia during the 1990s, but the Pentagon assumed that the
insurgents wouldn't know how to exploit the vulnerability.
the evidence of feeds found was most prolific in Iraq, there is
evidence that the feeds have been intercepted in Afghanistan as well.
"There was evidence this was not a one-time deal," said a
person close to the matter.
Fixing the security gap in the
drones during the program development would have added delays
according to former security officials and would have added to the
cost of the drones. Even the new generation of drones called Reaper
have feeds that are unencrypted.
It's unclear whether the successor to
the Reaper called the Avenger
will suffer from the same issue with unencrypted security feeds.
quote: Shouldn't the contractor be responsible to retrofit?
quote: Exactly. The contractors get requirements and must build to match them. Simple as that. Someone probably said encryption would cost an additional $1 million in development or something and somebody in the govt said to scrap it.