NEWS
NEWS
NEWS
New device can hijack consumer drones using widespread vulnerability
A new device revealed at a security conference in Japan last week can hijack consumer drones, by exploiting a vulnerability in the frequency-hopping systems used to protect radio communications between an operator and the drone itself.
The “Icarus” device, a form of radio transmitter, was designed by a researcher at security software maker Trend Micro Inc. to demonstrate that it could be done, and that drone manufacturers need to do more in relation to security. According to Ars Technica, the device can take command of a nearby drone in mid-flight, completely removing all control from the original operator.
The hack works against drones that use DSMx, an advanced form of digital spread modulation whereby the frequency of communications between the remote control and the device changes thousands of times per second so as to avoid interference. Icarus works by finding the unique shared secret key within the communications between the operator and device by observing the protocol and by using brute force.
“It’s not a jamming system so I am not competing for control via RF power,” Jonathan Andersson from Trend Micro told The Register. “Full flight control is achieved with the target experiencing a complete loss of control — it’s a clean switch-over. The range of my proof of concept implementation is equal to a standard DSMx radio transmitter, though standard 2.4GHz ISM band amplification can be applied to extend the range.”
Federal regulators have been keen on making sure drone operators can be identified, including compulsory pilot registration and markings on a given drone so it can be traced back to its owner. That’s ostensibly so an owner of a drone that accidentally or intentionally causes damage or flies into restricted airspace can be identified, but what happens if that drone is hijacked in flight by a third party for nefarious purposes?
While the device is not commercially available, now that it is known that the vulnerability exists, hackers will without question look to replicate it.
Image credit: thespeakernews/Flickr/CC by 2.0
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
