Great news: Iranian-backed terrorists hacked US drone video feeds

posted at 2:30 pm on December 17, 2009 by Ed Morrissey

Skygrabber software, downloadable from the Internet — $25.95.  Laptop computer with wireless Internet connection — $500.  Ability to hack into US defense systems and see Predator drones heading toward locations of your terrorist comrades — priceless:

Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.

U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America’s enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance.

The drone intercepts mark the emergence of a shadow cyber war within the U.S.-led conflicts overseas. They also point to a potentially serious vulnerability in Washington’s growing network of unmanned drones, which have become the American weapon of choice in both Afghanistan and Pakistan.

Gee, you think?  Don’t get me wrong; I’m no military genius or anything, but it seems to me that one particular task at the Pentagon should be to make sure that our enemies don’t have real-time access to our Predator video feeds.  We’ve used encrypted and frequency-hopping communications systems for decades now.  No one thought to apply that technology to drone communications?

Apparently, it just wasn’t a priority:

The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn’t know how to exploit it, the officials said.

You have got to be kidding me.  When I worked in the corporate world, I had responsibility for a sensitive computer system that required industry certification as secure.  It cost us a lot of money to make it that way, and we had to follow very restrictive specifications on communications to ensure as much security as possible.   We never just assumed that people wouldn’t discover holes in our paths, as our customers expected their data to remain confidential.

Hopefully, the Pentagon takes this task a little more seriously.  When a $26 software package can counteract the effectiveness of multimillion-dollar military equipment simply because it took fourteen years for anyone to fix a gaping hole in its security, it’s not difficult to see why terrorists think they can outwit the US and the West.


Related Posts:

Breaking on Hot Air

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Trackbacks/Pings

Trackback URL

Comments

Comment pages: 1 2

Nothing like watching on TV as your *ss gets blown to bits…
The Grim Reaper flys at 400 mph, the hellfire missile at 950mph…so if the drone is 30 miles away, and you know that, you have about 2 minutes to figure that out and clear out.

You have to identify the threat, contact the people in threat, tell them to clear out…all in less then 2 minutes.

Problem, yeah eventually, but I would bet they would see the cockroaches scurrying from their lairs and become easier targets.
Now if they could flash a phony feed, and it looked like the drone was heading in the wrong direction….

right2bright on December 17, 2009 at 4:06 PM

Ability to hack into US defense systems and see Watching helplessly as Predator drones heading straight toward locations of your terrorist comrades YOU — priceless:

FIFY
 
It’s the latest incarnation of “Scream in terror Akbar, we’re all on candid camera”
BUWAHAHAHAHAHAAA!!
 
I personally want to thank the DoD, Director of Operational Test and Evaluation for this bug/feature. I guarantee you that the tangos were NOT the first ‘actors’ to jack to video. I’m just sayin’ when you’re in a sandpit, CSI:air_conditioning/fresh_water/hot_food/stateside just doesn’t do it for ya, ya know?
 
The blame goes to the program manager who had to have proof for some senate aid of exactly what the predator was looking at while doing exactly what it was programmed to do. It’s a belt and suspenders kind of thing, you civilians just wouldn’t understand.

Blacksmith8 on December 17, 2009 at 4:09 PM

Yes I know the Hellfire only goes a few miles, but the Grim Reaper carries much more then that…I just like the name Hellfire and Grim Reaper…

right2bright on December 17, 2009 at 4:10 PM

Now if they could flash a phony feed, and it looked like the drone was heading in the wrong direction….

right2bright on December 17, 2009 at 4:06 PM

SSSHHHHHH, clam up okay ;-)

Blacksmith8 on December 17, 2009 at 4:11 PM

Phony story.

WiFi transceivers have neither the amplification nor the right wavelengths to receive aircraft-satellite transmissions. You’ve been p0wned.

HelenW on December 17, 2009 at 4:14 PM

“Hey Mohammed,” yelled Ahkmed.
“What’s up,” Mohammed replied.
“Do these drone cameras have powerful zoom lenses?” asked Ahkmed.
“Don’t know, but your beard sure is looking short when you see it on the computer screen,” said Mohammed.
Mohammed and Ahkmed then looked up and screamed. They were quickly swallowed up in a large explosion.

WashJeff on December 17, 2009 at 2:54 PM

Hey, stop reading my mind.

Blacksmith8 on December 17, 2009 at 4:19 PM

Phony story.

WiFi transceivers have neither the amplification nor the right wavelengths to receive aircraft-satellite transmissions. You’ve been p0wned.

HelenW on December 17, 2009 at 4:14 PM

I have three questions:
1)Who said it was WiFi?
2)How do aircraft-satellite transmissions differ from ground-satellite transmissions?
3)Would you like to trade the word ‘wavelenth’ for the word ‘frequency’?

hth

Blacksmith8 on December 17, 2009 at 4:32 PM

Yeah, but it doesn’t really count unless a contractor (lowest bidder of course) develops the same thing for at least $1 billion.

Dr. ZhivBlago on December 17, 2009 at 4:42 PM

Not that I’d know the first frakkin thing about how all this really shiny stuff works, but ;)

The raw video is unencrypted? Oh my – well, till you consider that the raw video is sort of like looking through a soda straw, most of the time, so recognizing where the camera is and what it’s actually looking at is not like turning on the TV and instantly recognizing Keith Olbermann, or something, AND, well, just seeing the picture isn’t nearly as valuable as what is actually being done as a result of what’s on a particular segment of video, which the video signal doesn’t provide. . .

Encrypting/unencrypting the raw video is a trade off – the assumption that ‘it shoulod be pretty easy’ is the ass out of you and me example in this case. What works for low bandwidth, low volume data doesn’t necessarily scale very well, and. oh, by the way, time lag DOES turn out to be kinda critical, when you’re bouncing a signal not only a third of the way around the planet, but 22K miles out into space as well.

I guess the thing to do here is ‘curb your incredulity’, unless you’re willing to accept, at face value, that most of the folks that are involved with the development of the system, and approving it for use, are either dumber than rocks, or more like the CRU scientists than military and engineering professionals responsible for something demonstrably effective and workable. Well except for the guy that was the retread Helo pilot, but he was just funny, not incompetent.

If you do sit back and think for more than 30 seconds, realistically, without using Hollywood physics, yeah, the scenario that comes to mind is the one where the bad guys, after watching hours and hours and HOURS of really boring, monotonous b&w fuzzy video, have just a momentary flash of recognition. . .just as the Hellfire comes scrreamin in their window.

SCHWEEEEEEEEET!

Hacked Predator video – responsible for more brown, yellow, and red stained dashikis than even OxyClean can handle!

Wind Rider on December 17, 2009 at 4:51 PM

You know what? CIA needs to spread the rumor that umbrellas block a Predator’s radar.

Just to see all the jihadis open those Wil. E. Coyote parasols before they go boom….

Chris_Balsz on December 17, 2009 at 6:43 PM

Dam… there is SO much disinformation in this thread… I REALLY REALLY wish I could talk about the issue…

Sometimes, holding a clearance can be a biatch… even years later…

Romeo13 on December 17, 2009 at 6:55 PM

I’ve been hearing this story all day today. Sorry, but my BS detector is ringing off the hook. I don’t buy that the feed is not encrypted. Hopefully this is a disinformation game. Get the bad guys to think they’re safely watching the Predator looking the other way and then send them a candy-gram for Mongo, or something like that.

MJBrutus on December 17, 2009 at 7:38 PM

Fired. People need to be fired.

Security via obscurity does not work. Anyone involved in security, who doesn’t realize that, shouldn’t be in security.

Greg Q on December 17, 2009 at 8:26 PM

Sounds like the terrorists should have been left to think that they had every bit of data available from those drones — while the real planning was safely encrypted — instead of broadcasting their naivete all over FREAKING CREATION.

Didn’t we do this during WWII? Let. Them. Think. They’re. Smart. Please.

Tanya on December 17, 2009 at 9:57 PM

Sounds like the terrorists should have been left to think that they had every bit of data available from those drones — while the real planning was safely encrypted — instead of broadcasting their naivete all over FREAKING CREATION.

Didn’t we do this during WWII? Let. Them. Think. They’re. Smart. Please.

Tanya on December 17, 2009 at 9:57 PM

QFT

- The Cat

MirCat on December 18, 2009 at 4:18 AM

How many Afghans know that their mountain looks like from a sky view?

- The Cat

MirCat on December 18, 2009 at 4:20 AM

How many Afghans know that their mountain looks like from a sky view?

- The Cat

MirCat on December 18, 2009 at 4:20 AM

Have you ever heard of a topographical map?

Slowburn on December 18, 2009 at 5:52 AM

I never liked the idea of drones, they are vulnerable to jamming, and hacking. The control systems may be highly incripted, but in the early nineties, when my nephew said what I wanted was “IMPOSABLE” his father, an engineer at IBM, stated that imposable meant “A hundred million dollar, 18-month development cycle.

Slowburn on December 18, 2009 at 6:07 AM

Its sad to think my local cable company has a better protected video feed.

taznar on December 18, 2009 at 9:26 AM

even years later…

Romeo13 on December 17, 2009 at 6:55 PM

yup.

jerrytbg on December 18, 2009 at 10:20 AM

Um, video downlink from manned surveillance aircraft can be jammed and intercepted, too.

blink on December 18, 2009 at 10:55 AM

Flight controls, and and weapons systems have me more worried.

Slowburn on December 18, 2009 at 1:41 PM

Comment pages: 1 2