backtop


Print 116 comment(s) - last by jimhsu.. on Dec 22 at 10:16 PM

Officials say there is no evidence that flight control systems were compromised

The U.S. military makes heavy use of UAVs in many areas of the world for reconnaissance duties. The UAV is widely used in Iraq and Afghanistan as well as in Somalia and other locations. The drones are used to track and sometimes attack targets when needed.

The Wall Street Journal reports that enemy insurgents have been able to use a commonly available piece of software to intercept the unencrypted feeds that the drone uses between the aircraft and ground control. The software used by the insurgents to capture the video feeds was a $26 app available online called Sky Grabber.

One of the developers of the Sky Grabber software told the WSJ in an email, "It [Sky Grabber] was developed to intercept music, photos, video, programs and other content that other users download from the internet -- no military data or other commercial data, only free legal content."

The military claims that there is no indication that he insurgents were able to take control of the drones or interfere with their flight in any way. However, some fear that the ability to capture the live video feeds will allow the insurgents to track the position of the drones to better avoid attack and surveillance. The big fear is that intercepted feeds could be used to discover allied troop surprise attacks and lead to the death of allied soldiers.

The interception of the video feeds from the aircraft was apparently not a onetime occurrence. In the summer of 2009, the WSJ reports that the military found "days and days and hours and hours of proof" that the video feeds were being intercepted on a laptop that was recovered from a Shiite militant.

A defense official James Clapper was asked to assess the interception of the feeds and concluded, "There did appear to be vulnerability. There's been no harm done to troops or missions compromised as a result of it, but there's an issue that we can take care of and we're doing so."

The military is working on encrypting all feeds from its drone aircraft, but adding encryption to the feeds requires not only updates be added to the drones, but updates to the control systems on the ground as well. The U.S. first learned of the flaw in unencrypted drone feeds in Bosnia during the 1990s, but the Pentagon assumed that the insurgents wouldn't know how to exploit the vulnerability.

While the evidence of feeds found was most prolific in Iraq, there is evidence that the feeds have been intercepted in Afghanistan as well. "There was evidence this was not a one-time deal," said a person close to the matter.

Fixing the security gap in the drones during the program development would have added delays according to former security officials and would have added to the cost of the drones. Even the new generation of drones called Reaper have feeds that are unencrypted.

It's unclear whether the successor to the Reaper called the Avenger will suffer from the same issue with unencrypted security feeds.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: **Shakes head**
By drycrust3 on 12/18/2009 1:29:27 AM , Rating: 3
If you think about it, just because there is no evidence that the enemy aren't actually intercepting the live broadcast feed doesn't mean they aren't, nor does it mean they aren't using the information. All it means is you haven't got any evidence to suggest a link.
If you look at what the British did in WW2, basically once you were "in" on the Ultra secret, you weren't allowed out. So, if the insurgents were using the information, and the believed it was very valuable, then it makes sense that no hint of it would reach the Americans because those in the know simply wouldn't be allowed to be involved in any activity that had the slightest chance of them ending up in an American jail.
In addition, one of the ways used to crack the Enigma code was to take a message that wasn't encrypted or used a low level encryption and to use that as a means to crack the code for that day.


“Then they pop up and say ‘Hello, surprise! Give us your money or we will shut you down!' Screw them. Seriously, screw them. You can quote me on that.” -- Newegg Chief Legal Officer Lee Cheng referencing patent trolls

Related Articles
Air Force Debuts New Jet-powered UAV
April 29, 2009, 12:00 PM













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki