Hacker Releases Software to Hijack Commercial Drones

3689562314?profile=original

I have some real concerns about this article.  Although this article talks about commercial hijacking, I feel this could very well happen to me and other hobbyists.  And what can DIY Drones help develop to reduce this probability?

http://defensetech.org/2013/12/09/hacker-releases-software-to-hijack-commercial-drones/?comp=1198882887570&rank=4

 

 

E-mail me when people leave their comments –

You need to be a member of diydrones to add comments!

Join diydrones

Comments

  • minor flaw i found in the AR drone is when the Transmission signal from your controller device  whether its a smartphone tablet or laptop gets weak the drone will lock out until it can recover that signal again , if you clone the mac address of a another device it will attempt to connect to that new devices in a sense you just transfer command from one device to another.

    to replicate that on an RC RX and TX would require the secondary TX to replicate the signal codes coming from the original transmitter. ....Kinda like a relay game as the drone pass from one ground station to another.

  • Oliver - I am generally one who has faith that sanity will prevail and I know that, for the vast majority of us, this is a non issue.  Nor am I personally the least bit worried about ever running into someone so opposed to aerial vehicles to want to 'bring one down', or try to steal one.

    But I do ponder the above questions in general sense, as I can certainly think of a few applications where the use of an sUAS might be a point of contention, from both sides of the coin - for example:

    1. Mining Companies/Corporations might wish to establish an enforceable no fly zone above open pit mine sites, preventing Civilians/Activists from obtaining (whether it be legally, or otherwise) evidence of potential environmental mismanagement.

    2. Farmers might wish to establish an enforceable no fly zone above their farms, preventing Civilians/Activists from obtaining (whether it be legally, or otherwise) evidence of potentially sub-standard treatment of livestock.

    3. Drug growers and/or smugglers, in an effort to combat the increasing effectiveness of sUAS use to detect their illegal activities, might wish to be able to bring down any sUAS that comes within range before it has a chance to do it's job and/or return to base.

    4. Poachers, in an effort to combat the increasing effectiveness of sUAS use to detect their illegal activities, wish to be able to bring down any sUAS that comes within range before it has a chance to do their job and/or return to base.

  • @Quadzimodo

    Fear, fear, fear! Again: There is no profit in shooting down UAVs either electronically or with the old 12-guage. There are also no bragging rights, as exercising those will land the perp in jail. No new legislation is needed, an e-attack on a UAV in the air would involve a whole pile of crimes already.   And while some people may not like domestic UAVs much, very, very few people are particularly passionate about it (notwithstanding the hypocritical loon E. Schmidt). There are 300+ million people in this country. Stop worrying about the (maybe) two dozen of them who are crazy enough and competent enough (and are willing to go to jail) to be a threat to a quad. It is the very least reason you will ever crash.

  • Gary, no worries! I was simply drawing a conclusion from your comment that I think many of us potentially should - that sUAS safety and, by extension, the safe creation and passage of healthy and sane legislation by which sUAS may be allowed to share the skies at some point, pretty much starts with us.  I know you were not referencing my early mishaps, I was just channeling MJ  - when it comes to sUAS safety, the best place to point the finger is at the "Man in the Mirror".

    On the topic of building in redundancies to address serious concerns like GPS spoofing, what options are available to us?  And how much of a risk are we talking?  Are their any obvious opportunities for redundancy to be found in things like use of radar for close proximity and something like Terrestrial Guidance for long range? Seems likely that, as Thomas says, these are indeed weak points which are going to have a big impact on the ability to secure relevant insurance cover, and the cost of relevant premiums.

    Also, how easy is it to build devices capable of disrupting critical functions associated with our sUAS systems, such as the GPS and datalink?  I know that disrupting an FPV feed would be easy as anything, and this alone could lead to loss of effective control in some instances.  Is it reasonable to assume that one day (possibly even soon) that every drone hating nutcase and his dog will be able to purchase a pocket sized device capable of inducing a malfunction of some measure? Whether it be by bluntly blinding it, cleverly inducing failsafe/RTL, or perhaps sending contradicting commands by more sophisticated means?  It seems plausible that someone might see a market for such devices, and may actually find one - whether it be via ebay or otherwise. 

    Honestly, how much would it really cost to build a little handheld gun shaped device, sorta like a speedgun or IR temp gun, which throws a heap of noise in the range of targeted centre frequencies - simultaneously? (I assume that is how a jammer works) Perhaps via a of a crude Matrryoshka doll style array of highly directional helical elements (just point and shoot). I hope it is not so easy. And, if it is, perhaps there needs to be legislation put in place to prevent this from ever becoming an issue (kinda like how all lasers above a certain mW rating are banned in many countries unless for commercial purposes - for obvious reasons).

  • All of a sudden it's big scary news when some kid hacks (to use that word very loosely) into a toy's unsecured WiFi? I own a Parrot,which looks nice on the wall where it properly spends most of its time. If I'm flying it and someone were to hijack it, I would simply look around to see who it is, as they would be very, very nearby. Ridiculous.

    So right away yet another feeble publicity stunt has everyone speculating wildly, this time on the Big Bad Wolf snatching our real UAVs out of the sky. Maybe that's possible in theory, and it might even happen in the wild  someday, but it clearly won't be really easy or cheap anytime soon.There would also be a bunch of lawbreaking involved. The question is, why would anyone bother? They're not going to steal the UAV, it's simply going to end up crashing, So that leaves random vandals of the sort who flash cockpits with lasers and could never figure out how to run anything having more than one switch or trigger, and maybe a lone nutcake in Deer Park whose idea of hi-tech is a semi-auto 12 gauge. I'm sure not going to lose any sleep over these guys.

  • Moderator

    Oh sorry I did not mean to have a pop, I think its more of a reality than spoofing or hacking. I have had fly aways  and its never been much to document as its always been a mistake I have made!!! Normally resulting in walk a long ways. There has already been a GPS spoofing fatality http://www.suasnews.com/2012/05/15515/ 

  • Hey Gary - The wisdom you speak in your last comment could potentially be taken as a personal dig (or point of reflection) by just about any one of us. As I don't imagine that I am the only one who has openly documented a flyaway on this site.

  • Moderator

    I would worry more about badly setup airframes causing flyaways than anyone trying to steal a foamie. 

  • Bill - Sadly, I wholeheartedly agree with you.
    Jamie - You hit the nail on the head I reckon. If the US are unable to prevent 'rogue' nations from apparently hijacking and successfully landing a top shelf military drone containing billions of dollars worth of development secrets, then what me worry about some bloke who can connect a few ardrones in his basement.
    All - While on the topic of the RQ-170 incident on December 4th, 2011... I think the Iranians were reported to have finished decoding it back in September, earlier this year. You never know, we might find it all up on github sometime soon.
  • I stumbled across this story a few days ago and decided not to post this because I had a bad feeling it could be a publicity stunt but maybe its better people are informed just incase this is a real issue.

This reply was deleted.