In what we can only hope are unrelated news stories, Wired Magazine is reporting a virus infestation of Reaper and Predator ground control systems, and sUAS News is reporting the crash of a Reaper UAV in a training accident on Friday.
As an information security professional, I can speak about dealing with malware with some authority. Well-meaning techies will, no doubt, raise all the same talking points: "Why are we running critical ground control systems on Windows?" "How did this virus get onto classified systems?" "If they were running OSX/Linux/OpenBSD, they would not have this problem!"
Let's address these general statements once so that we can talk about what is important here for commercial and hobbyist UAV operators. Yes, malware creators tend to target Windows more than other platforms, for a number of reasons, and yes, not running Windows for critical (if not all) computer tasks is a common strategy used by many information security professionals and amateurs alike to limit the impact of malware on their daily lives. However, malware is a fact of life in computing systems, and the stuff you know about, or detect on your computer with antivirus software, is child's play compared to the current generation of commercial and military grade goods.
Some Useless Talk
Typical malware discussions deal with theft of personally identifying information, credential harvesting, and stealthy online banking wire transfers. They involve that other form of high-tech "drone", the millions of zombie PCs, controlled with a different form of CnC server than we use to cut our quadcopter plates. These are used to knock Websites and networks offline as part of political statements or as part of a poorly-reported, fifteen-year history of extortion schemes committed by individuals and highly organized criminal enterprises alike.
I do not want to talk about any of that today. Keeping your financial data and health records private is not of any direct interest to the UAV community. Furthermore, this community is organized around a principle of sharing, with open source code and hardware, so there isn't really any value in deploying malware to "steal" our UAV technologies. Some of you develop and sell commercial products, but you can look out for your business interests like everyone else, by hiring someone like me to take care of it.
What I would like to reflect upon here is the one area of the traditional security "CIA" model - that is "Confidentiality, Integrity, and Availability" - that most concerns the hobbyist UAV builder/operator: availability.
Is this Cyber Stuff Really a Problem?
There is no information to suggest that the viruses and key loggers mentioned by Wired Magazine caused a crash of the UAVs in question. The crash on Friday of a Reaper in a training accident did not need to be helped by malware. UAVs crash just fine on their own, or with operator assistance. However, there is ample reason to be concerned. Consider the Telegraph report of the grounding of French Fighter Jets, the ultra-high tech Navy vessel crippled during early sea trials by a virus in the early part of the last decade, and, far more tragic, the 2008 crash of Spanair flight 5022, in which malware played a significant role, that killed 154 people. Make no mistake: this is not a Hollywood script; it is increasingly a very real, very serious business. Even if certain companies (I'm looking at you, Adobe) do not get it.
With thousands of dollars and thousands of hours invested in our UAVs, even if they are not putting lives on the line, we each have a vested interest in keeping our ground control systems fully functional.
No Malicious Intent
In fact, malware need not even be involved. A month ago, I was using Mission Planner to assist with a backyard flight test when, without warning, Windows "discovered" a new device, and installed a mouse driver ... in place of my FTDI driver. Two hours and twelve attempts to reload the FTDI driver failed before I pulled out my secret weapon, a move I should have used from the start. But I am getting ahead of myself.
The Every Man
So what can an operator do? If patching, removing Adobe products from our computers, using an alternative browser, and running current antivirus is not enough (and it is not, but it is a good start) and if we use Windows because the excellent Mission Planner was written for Windows, how can anyone expect to be certain of a clean, functional ground control system without a professional hacker helping out?
A Simple Answer
Virtualize. Using technologies like VMware, Parallels, and Virtual PC, you can keep a minimal operating system of your choice, Linux, Mac OSX, even Windows, to control the hardware on your laptop. If possible, avoid using it to surf the Web, manage your finances, or watch online videos in Flash about Chinese UAV competitions. Maybe you prefer a Mac, but cannot live without Michael Oborne's wonderful Mission Planner. Install Parallels and run Windows in a window. Load all the software you need, patch up, fight with the FTDI drivers once, and then make a "snapshot". If your virtualized ground control system experiences a failure for any reason, a virus, spyware, or a driver conflict, you can "roll back" in 20-30 seconds to a known-good configuration.
Here is a tip for advanced users: remap your Mission Planner "logs" directory to a shared directory with your host operating system; keep a copy of the latest MP, FTDI drivers, and perhaps your Arduino code directory in another shared directory.
From time to time, burn a DVD of the latest snapshot of your virtual ground station and keep it with your Parallels (VMware, Virtual PC, etc.) install software. When you decide to upgrade your PC hardware, when your five year old son uses his milk to "wash" your keyboard, when that Adobe PDF file demonstrates the classic Odysseus stratagem, when your OS decides FTDI means "Forget This Driver Immediately," or when your beautiful MacBook Air fails to live up to its name after it is propelled off your table at 4 meters a second by a 170lb human dodging the angry blades of an unintentionally attacking quadcopter ... well, you'll be glad you did.
Even if your computer is completely destroyed while you are visiting your uncle's family in North Dakota, 300 miles from the nearest Best Buy and 2 hours drive from the nearest Internet connection, you can keep on flying ... just borrow cousin Jimmy's MacBook, install Parallels (if he isn't already using it) and you'll be flying again in about ten minutes.
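An archived snapshot is only "known-good" if you can tell it has not changed since you burned it. The following is an added example, not part of the original post: it records a SHA-256 manifest of the VM bundle before archiving and checks it again after the bundle is copied to a replacement machine. The manifest name and the `groundstation.vmx` / `groundstation.vmdk` files are constructed stand-ins.

```python
import hashlib
import json
import tempfile
from pathlib import Path

MANIFEST_NAME = "MANIFEST.sha256.json"  # assumed name, stored beside the bundle

def sha256_file(path, chunk=1 << 20):
    """Stream the file so multi-gigabyte virtual disks do not fill RAM."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def build_manifest(vm_dir):
    """Map every file under vm_dir (relative POSIX path) to its SHA-256."""
    root = Path(vm_dir)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*"))
            if p.is_file() and p.name != MANIFEST_NAME}

def write_manifest(vm_dir):
    text = json.dumps(build_manifest(vm_dir), indent=2)
    (Path(vm_dir) / MANIFEST_NAME).write_text(text)

def verify_bundle(vm_dir):
    """Compare the bundle with its stored manifest; empty lists mean intact."""
    recorded = json.loads((Path(vm_dir) / MANIFEST_NAME).read_text())
    current = build_manifest(vm_dir)
    return {
        "changed": sorted(f for f in recorded if f in current and current[f] != recorded[f]),
        "missing": sorted(f for f in recorded if f not in current),
        "unexpected": sorted(f for f in current if f not in recorded),
    }

def demo():
    """Constructed bundle: tiny stand-ins for a VM config file and disk."""
    with tempfile.TemporaryDirectory() as tmp:
        bundle = Path(tmp)
        (bundle / "groundstation.vmx").write_text("memsize = 2048\n")
        (bundle / "groundstation.vmdk").write_bytes(b"\x00" * 4096)
        write_manifest(bundle)            # done once, before burning the DVD
        clean = verify_bundle(bundle)     # done after restoring the copy
        (bundle / "groundstation.vmdk").write_bytes(b"\x00" * 4095 + b"\x01")
        return clean, verify_bundle(bundle)

if __name__ == "__main__":
    print(demo())
```

A manifest stored on the same disc catches bit rot and accidental changes; keep a second copy of it somewhere else if you also want to notice a deliberately altered image.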