Blogs

Some High-End Police Drones Can Be Hacked Using $40 Kits

Posted by Olivier on March 4, 2016 at 1:23pm

3689683436?profile=original

Affected drones can't be patched, researcher says

Mar 4, 2016 14:34 GMT  ·  By Catalin Cimpanu

At this year's RSA security conference in San Francisco, Dutch security researcher Nils Rodday, currently working for IBM, has revealed a method of hacking high-end drones using cheap custom-built hacking kits that cost around $40 (€36.5).

Rodday conducted his research in this field as a student at the University of Twente in Holland, when a UAV (Unmanned Air Vehicle) manufacturer approached the university to have its products tested.

The UAVs that Rodday got to play with weren't your run-of-the-mill drones, but actual high-end quadcopters sold to police forces, fire departments, and government agencies, for prices ranging from $35,000 to $40,000 (€32,000 to €36,500).

Full article here ...

Also  this Wired magazine article:

---------------

Some  over sensationalism and old news, in my opinion, given most telemetry protocols so far have not been designed to be secure in the first place. (e.g. HopeRF radios, Mavlink). So sort of like announcing that some  houses with no door locks can be broken into: 1. Locate a door. 2: Push open the door. That said it appears there was at least Wifi WEP at play here, along with Xbees ...

Also a  bit difficult to  understand how that  "police drone"  could have been sold for $30,000-$35,000. Looks like run of the mill,  Tarot type frame, motors, etc ... X8, $2,000 or so at most?

Eagerly anticipating the great work being done on Mavlink2 at DroneCode!

E-mail me when people leave their comments –
Follow

You need to be a member of diydrones to add comments!

Join diydrones

Comments

  • David Drysdale March 7, 2016 at 6:09am

    Even more shocking with extensive research I have determined you can break into some  fire trucks and police cars. Apparently the locks are easy to break and sometimes aren't even engaged. Everyone feel free to  panic now.

  • technicus acityone March 6, 2016 at 10:01pm

    Hmmm...

    "Rodday found that the UAV he studied has two serious security oversights: First, the Wi-Fi connection between its telemetry module and a user’s tablet uses weak “WEP” or “wired-equivalent privacy” encryption, a protocol long known to be crackable in seconds. That would allow any attacker in Wi-Fi range to break into that connection and send a so-called “deauth” command that kicks the drone’s owner off the network."

    breack telemetry flow as drone control way? lol =)))))))

    Breaking WEP in Under a Minute - Schneier on Security
  • Jon March 6, 2016 at 4:51pm

    Anyone who spent 35k on a drone with Xbee got ripped off. 

  • Rob_Lefebvre March 5, 2016 at 9:30am

    Headline:  "Robbers discover it's easy to break into houses with unlocked doors.  Details within!"

  • Greg Nuspel March 5, 2016 at 5:03am

    Remember a lot of "high end" drones are consumer drones wrapped in the emperor's new clothes.

This reply was deleted.