How Terrorists Are Turning Robots Into Weapons

predator-system.gif

Terrorists and college kids already have hacked into government drones. It's time to rethink security with the rise of robotics. 
Their missions varied from intelligence collection to “kinetic operations against high value targets” such as launching Hellfire missiles against insurgents.  The drone pilots remotely carrying out these operations seven thousand miles away in the Nevada desert intently watched live video feeds of their targets as they navigated their UAVs in pursuit of their quarry. As it turns out, they weren’t the only ones watching.
Shia militants had figured out a way to hack the American flying robotic fleet and capture its live video feeds. Using a $26 piece of Russian hacker software known as SkyGrabber, commonly sold in the digital underground to steal satellite television signals, the insurgents were able to intercept the video footage emanating from the classified Predator drones. Thus as the Americans were watching the insurgents, the insurgents were watching back, providing them with a tactical advantage and vital intelligence on coalition targets. If the militants saw their house coming into close video focus, they knew it was definitely time to rapidly consider alternative housing options.
The students carried out their attack by successfully spoofing the drone’s GPS and changing its coordinates, all using hardware and software they had built at school for under $1,000. 
Unsurprisingly, others have taken notice, including the Iranians, who successfully used the same technique to jam the communication links of an American RQ-170 Sentinel drone overflying their country, forcing it into autopilot mode. The drone followed its programming and returned to base in Afghanistan, or so it thought. In reality, the Iranians had successfully spoofed the UAV’s GPS signals, flying the robotic soldier right into the hands of the Islamic Revolutionary Guard Corps. The capture of the drone and its classified technology was a significant intelligence coup for the Iranians and provided yet further evidence that the day of robo-hacking has arrived.
But in this day and age, we not only have to worry about drones themselves being hacked. Terrorists are turning to robots as weapons, and they aren’t limited to consumer-grade UAVs with small payloads. In both Iraq and Afghanistan, terrorists have deployed VBIEDs  (vehicle-borne improvised explosive devices), commonly known as car bombs, to destroy multiple buildings and rock entire neighborhoods, with some vehicles’ containing up to seven thousand-pounds of explosives. 
Importantly, the rise of the criminal UAV is also completely incompatible with our current security paradigms. Prisons use tall, sharp, often electric fences to isolate criminals for reasons of public safety, a system that worked relatively well for hundreds of years. But our security and defense mechanisms were meant to protect us from offending human criminals, not robotic ones. 
It’s time to rethink that since drones can circumvent not only prison fences but, any fence, including those protecting your backyard, office building, or even national borders. In other words, the cyber threat is morphing from a purely virtual problem into a physical world danger.
DefenseOne: http://bit.ly/1JbRdQg

 

« IBM Watson is 'Moonshot' in Healthcare
Largest U.S. Data Breaches in the Last 10 Years »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Indelible Data

Indelible Data

Indelible Data is an established information security and technology consultancy and a Cyber Essentials Certification Body.

European Cybercrime Training and Education Group (ECTEG)

European Cybercrime Training and Education Group (ECTEG)

The primary aim of ECTEG is to enhance the coordination of cybercrime training, by identifying opportunities to build the capacity of countries to combat cybercrime

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium was created to encourage use-inspired research, training and technology awareness in cybersecurity.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

InnoSec

InnoSec

InnoSec is a software manufacturer of cyber risk management technology.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

Red Snapper Recruitment

Red Snapper Recruitment

Red Snapper Recruitment is a market leading staffing services provider to the law enforcement, cyber security, offender supervision and regulatory services markets.

Fortalice

Fortalice

Fortalice provide customizable consulting services built on proven methodology to strengthen your business cyber security defenses.

boxxe

boxxe

boxxe create flexible IT infrastructures, collaborative global workspaces and data clarity, all underpinned by world-leading security.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

Palitronica

Palitronica

Palitronica build cutting-edge hardware and breakthrough software that revolutionizes how we defend critical infrastructure and key resources.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.