How To Hack a Military Drone

System-Aware-Secure-Sentinel.jpg

Recently published research has given hackers a manual for breaking into unmanned systems, according to an Israeli defense company. 
A downing of a CIA stealth drone by Iranians occurred a month after one such paper was published (entitled - The Requirements for Successful GPS Spoofing Attacks) noted Esti Peshin, director of cyber programs for Israel Aerospace Industries, a major defense contractor. In December 2011, the Christian Science Monitor reported that Iran navigated a CIA unmanned aerial vehicle safely down to the ground by manipulating the aircraft’s GPS coordinates. 
The 2011 study, co-authored by Nils Ole Tippenhauer of ETH Zurich and other ETH and University of California academics, detailed how to mimic GPS signals to fool GPS receivers that aid navigation. “It’s a PDF file… essentially, a blueprint for hackers,” Peshin said.
Peshin said she does not know whether the CIA drone was overtaken using GPS spoofing or even whether the attacker read the study. But she underscored how easily available the publication is online.  
In the study, the researchers explained where an attacker must be located to generate fake signals capable of fooling GPS receivers. They also described ways to replace legitimate signals with an attacker’s bogus signals, so the target ends up ”losing the ability to calculate its position.” 
The authors of the Swiss study offered some advice on how to neutralize GPS deception, for instance, by hiding the exact positions of GPS receivers. Their intention was not to aid and abet terrorists, but rather to highlight “effective receiver-based countermeasures, which are not implemented yet in current standard GPS receivers,” the researchers said.
While the academics did not mean any harm, hackers could have quickly exploited their instructions before vendors had time to fortify satellite-guided vehicles, Peshin said. 
The Pentagon is currently working to insulate UAV navigation and surveillance from outside interference. Specifically, special software on a forthcoming hacker-proof Boeing Little Bird helicopter drone would shield communications from tampering. 
DefenseOne: http://bit.ly/1IvdbzW

« Will Cyber Insurance Providers Reward Good Security?
US Is Still the Biggest Source of Surging Malware Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ID-SIRTII/CC

ID-SIRTII/CC

Security Incident Response Team for Internet Infrastructure in Indonesia.

Crossmatch

Crossmatch

Crossmatch is a world leader in risk-based composite authentication and biometric identity management.

Perception Point

Perception Point

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Our platform offers 360-degree protection against any type of content-based attack.

Segusoft

Segusoft

With its encryption platform SEGULINK, Segusoft provides standard software for companies to securely transfer files and messages.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

Clari5

Clari5

Clari5 redefines real-time, cross channel banking Enterprise Fraud Management using a central nervous system approach to fight financial crime.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

DigiByte (DGB)

DigiByte (DGB)

DigiByte (DGB) is a rapidly growing global blockchain with a focus on cybersecurity for digital payments & decentralized applications.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

Air IT

Air IT

Air IT are a responsive, client-focused and award-winning Managed Service Provider, helping clients achieve success and transformation through their IT and communications.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

ImagineX Consulting

ImagineX Consulting

ImagineX Consulting is a cybersecurity-focused boutique technology consultancy whose mission is to help our clients #BeBetter by reducing their corporate risk.

Radiant Security

Radiant Security

Radiant Security offers an AI-powered security co-pilot for Security Operations Centers (SOCs). Reinforce your SOC with an AI assistant.