The Register® — Biting the hand that feeds IT

Feeds

US spy drone hijacked with GPS spoof hack, report says

Electronic warfare comes of age – in Iran

By Dan Goodin, 15th December 2011
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

The US stealth drone broadcast last week on Iranian state television was captured by spoofing its GPS coordinates, a hack that tricked the bird into landing in Iranian territory instead of where it was programmed to touch down, The Christian Science Monitor reported.

The 1700-word article cited an unnamed Iranian engineer who said he's studying the inner workings of the American bat-wing RQ-170 Sentinel that recently went missing over Iranian airspace. He said the spoofing technique made the craft “land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center.

CSM reporter Scott Peterson and an Iranian journalist publishing under the pen name Payam Faramarzi said the GPS weakness of aircraft has long been known to US military officials. They cited a 2003 report titled GPS Spoofing Countermeasures that appears to warn of the type of attack claimed by the Iranian engineer.

“A more pernicious attack involves feeding the GPS receiver fake GPS signals so that it believes it is located somewhere in space and time that it is not,” the report states. “This 'spoofing' attack is more elegant than jamming because it is surreptitious.”

A paper (PDF) presented at a security conference in October further elaborated on GPS spoofing attacks, laying out the ingredients necessary for a “seamless takeover” of drones and other airborne vehicles.

US officials have blamed the loss of the sophisticated drone on a malfunction, but have yet to explain how it managed to stay in relatively pristine condition after its recovery by the Iranians.

Over the past 36 months, Iran has suffered a series of setbacks that some analysts blame on a covert war carried out by the US, Israel, or other adversaries. The recent assassinations of its nuclear scientists, explosions at missile and industrial facilities, and the Stuxnet worm that sabotaged uranium enrichment plants are three examples.

“Now this engineer's account of how Iran took over one of America's most sophisticated drones suggests Tehran has found a way to hit back,” the CSM article states. ®

Agentless Backup is Not a Myth

COMMENTS

House Rules Send Corrections
All Reader Comments (159)
Highly Rated
El Cid Campeador

Cue all the sysadmins....

....who've been complaining for years that no one pays attention to security. Security is not an afterthought, it's something that has to be baked in to every stage of the design process of anything that is expected to survive in a hostile environment, which definitely includes any communications gear.

Funny how back when I was in the service I grumbled about reliance on GPS and I was told I was being paranoid.

As we said when the drone videos we found.... unencrypted streams? WTF? If you can't encrypt it as is, stream a low-res version that can be and bring the raw take back to base.

And before the usual Windows/Linux/BSD flame war starts, can we just note that some are better than others but all are flawed and move on?

34
0
Cynic
Reply Icon

And then...

Tonight on Fox, we are about to witness the live coverage of the dropping of a bomb over Iran. US GPS controls are invulnerable to attack and our bomber is so stealthy, only it itself knows where it is. Here is the live feed..... hey wait... that looks just like our studio building. NOOOOOOOOOOO!!!!!..... BEEEEEEEEEEEEEP

17
0
Big Al

Easy to forget...

Amid all the propaganda originating on both sides, it's easy to overlook the fact that the Iranians are actually pretty good at doing science, despite (or perhaps because of?) the restrictions placed upon the country.

This is, after all, only the 9th country to get a domestically-built satellite into orbit, makes its own bio-implants, is apparently pretty cued up on stem cell research etc etc etc.... before we consider the talents of their few remaining friends. And being within striking range of nuclear-armed Israel, Pakistan, India, Russia and China, not to mention the USA, it's also no surprise that they have an interest in acquiring a nuclear deterrent of their own.

Underestimating one's (potential or real) enemies because of their perceived cultural, religious or technical inferiority is the classic route to cock-ups like losing this drone, and ultimately to messing up an asymmetric war - as the Israelis found when they wandered into Lebanon last time.

Iran's adversaries need to raise their game if they want to avoid being made to look like idiots again in future.

16
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
124
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
57
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
'BadNews is malware' says outfit that found it
Google says code harmless but Lookout says code base is evolving
15
Panda-peddlers cuffed for chess gambling gambit
More porridge on the menu for Chinese coders after second offence
13