By now you probably want to know more about the drone issue, well what happened was that a group of researchers on a $1,000 dare from the US Department of Homeland security showed that by spoofing the information sent to the drones GPS they can control it in a limited way. It is also reported that this type of attack might also have been used in bringing down a US drone in Iran.
The funny part (in a darkly funny way) is that the drones are using an unencrypted GPS signal. Yes that is right they are using commercial GPS for their navigation and location awareness. That means that just about anyone with some technical skill can bring one of these down by sending the wrong information to the drones GPS (now those Google and Apple drones are look more dangerous aren’t they?)
There is more to this though as the researchers say that even using encrypted GPS is not enough. That system has its own vulnerabilities and can be cracked into. This means that almost all drones in service right now are vulnerable to having their GPS spoofed. This potentially turns them into weapons for the “bad guys” as they can be redirected to crash into a particular target simply by sending incorrect signals to the drones GPS. This will cause the drone (or the pilot flying it) to course correct because it thinks it is in the wrong place. By using very careful spoofed data you can actually fly the drone into another target (Drones also get altitude information from GPS in addition to other more traditional gauges).
We wonder how the military contractors that are building these will react. We are sure that a statement explaining how they did not anticipate this will be coming out soon. However, when building something secure you really do need to look at every potential axis for attack.
Discuss this in our Forum