UPDATED 09:06 EST / DECEMBER 05 2013

NEWS

Drones that hack drones

This may shock some of you and others maybe not so much. There are hackers out there that love to experiment with drones. Thankfully the ones we know about are good guys. When they find some weakness or pull off a big hack, they let the public know and the parties that actually use the drones know. Usually it’s the opposite order. Serial hacker Samy Kamkar turned up in an Arstechnica article yesterday with a pretty interesting hack. He’s put together a system of hardware and software that can be put together to build a drone. From there, that drone finds other drones out and about in operation, hacks the drone and then controls them. It is one of the most innovative drone hacks to ever come out, and it may have many people concerned about the potential malice that could be played out with such a capability.

Kamkar is a pretty famous character and hacker.  He created the Samy worm, which was a JavaScript exploit on MySpace back in 2005. Kamkar’s Samy worm was able to add over a million friends to his account. He’s gone white hat now, meaning he does what he does for different causes now.

A hack project with off-the-shelf components

 

Kamkar’s project is called SkyJack and the details of how it is put together are a fascinating blend of custom configurations mixed in with some off the shelf technology and is then topped off with some standard industry software to do its mission. That is – launch the drone it runs on, find the targets, hack it, watch video from the unit and control the target unit completely.

SkyJack works by monitoring the media access control (MAC) addresses of all Wi-Fi devices within radio range. When it finds a MAC address belonging to a block of addresses used by Parrot AR.Drone vehicles, SkyJack uses the open-source Aircrack-ng app for Wi-Fi hacking to issue a command that disconnects the vehicle from the iOS or Android device currently being used to control and monitor it. Operators of the flying hacker drone are then able to use their own smart device to control the altitude, speed, and direction of the hijacked drone and to view its live video feeds.

What that means is that the hack is accessible to a huge number of people.  Hobbyists, researchers and even just the curious could be guided to building their own projects, compromising drones throughout the land.  SkyJack’s target is specific to the Parrot AR Drone model, and with a half a million units in the field, that is hardly a small achievement.

At the moment, SkyJack is engineered to target a small range of drones. That’s because it’s programmed to take over drones only if their MACs fall inside an address block reserved by Parrot AR.Drone vehicles. If the MAC falls outside that range, SkyJack takes no action at all. But the software is built in a way to easily target other types of drones that have communication systems that are similar to Parrot. That means a much broader range of devices may be susceptible to radio-controlled hijacking if they fail to adequately secure their connections.

Target: Amazon?

 

It was just this week that Amazon made major headlines with talk of their drone delivery project. The announcement sparked talk of the challenges that will probably face, and hacking being just one of them.

“How fun would it be to take over drones, carrying Amazon packages… or take over any other drones and make them my little zombie drones,” Kamkar asked rhetorically in a blog post published Monday. “Awesome.”

Some have said the Amazon drone program is like skeet shooting with a prize.   Few will be surprised that hackers will sooner or later try their hand at hacking the system.  The biggest takeaway here though is that the hack presents a real threat to a popular drone platform and it could be an easily adopted, easily spread threat.

 

photo credit: Don McCullough soumit via photopin cc

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU