UPDATED 05:09 EDT / OCTOBER 31 2016

New device can hijack consumer drones using widespread vulnerability

A new device revealed at a security conference in Japan last week can hijack consumer drones by exploiting a vulnerability in the frequency-hopping systems used to protect radio communications between an operator and the drone itself.

The “Icarus” device, a form of radio transmitter, was designed by a researcher at security software maker Trend Micro Inc. to demonstrate that such a hijack is possible and that drone manufacturers need to do more about security. According to Ars Technica, the device can take command of a nearby drone in mid-flight, completely removing all control from the original operator.

The hack works against drones that use DSMx, an advanced form of digital spread modulation whereby the frequency of communications between the remote control and the drone changes thousands of times per second so as to avoid interference. Icarus works by recovering the unique secret key shared between the operator's remote control and the drone, which it does by observing the protocol and by using brute force.

“It’s not a jamming system so I am not competing for control via RF power,” Jonathan Andersson from Trend Micro told The Register. “Full flight control is achieved with the target experiencing a complete loss of control — it’s a clean switch-over. The range of my proof of concept implementation is equal to a standard DSMx radio transmitter, though standard 2.4GHz ISM band amplification can be applied to extend the range.”

Federal regulators have been keen on making sure drone operators can be identified, through measures including compulsory pilot registration and markings on a given drone so it can be traced back to its owner. That’s ostensibly so that the owner of a drone that accidentally or intentionally causes damage or flies into restricted airspace can be identified, but what happens if that drone is hijacked in flight by a third party for nefarious purposes?

While the device is not commercially available, now that it is known that the vulnerability exists, hackers will without question look to replicate it.

Image credit: thespeakernews/Flickr/CC by 2.0
