US spy drone hijacked with GPS spoof hack, report says
Electronic warfare comes of age – in Iran
The US stealth drone broadcast last week on Iranian state television was captured by spoofing its GPS coordinates, a hack that tricked the bird into landing in Iranian territory instead of where it was programmed to touch down, The Christian Science Monitor reported.
The 1700-word article cited an unnamed Iranian engineer who said he's studying the inner workings of the American bat-wing RQ-170 Sentinel that recently went missing over Iranian airspace. He said the spoofing technique made the craft “land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center.
CSM reporter Scott Peterson and an Iranian journalist publishing under the pen name Payam Faramarzi said the GPS weakness of aircraft has long been known to US military officials. They cited a 2003 report titled GPS Spoofing Countermeasures that appears to warn of the type of attack claimed by the Iranian engineer.
“A more pernicious attack involves feeding the GPS receiver fake GPS signals so that it believes it is located somewhere in space and time that it is not,” the report states. “This 'spoofing' attack is more elegant than jamming because it is surreptitious.”
A paper (PDF) presented at a security conference in October further elaborated on GPS spoofing attacks, laying out the ingredients necessary for a “seamless takeover” of drones and other airborne vehicles.
US officials have blamed the loss of the sophisticated drone on a malfunction, but have yet to explain how it managed to stay in relatively pristine condition after its recovery by the Iranians.
Over the past 36 months, Iran has suffered a series of setbacks that some analysts blame on a covert war carried out by the US, Israel, or other adversaries. The recent assassinations of its nuclear scientists, explosions at missile and industrial facilities, and the Stuxnet worm that sabotaged uranium enrichment plants are three examples.
“Now this engineer's account of how Iran took over one of America's most sophisticated drones suggests Tehran has found a way to hit back,” the CSM article states. ®
Cue all the sysadmins....
....who've been complaining for years that no one pays attention to security. Security is not an afterthought, it's something that has to be baked in to every stage of the design process of anything that is expected to survive in a hostile environment, which definitely includes any communications gear.
Funny how back when I was in the service I grumbled about reliance on GPS and I was told I was being paranoid.
As we said when the drone videos we found.... unencrypted streams? WTF? If you can't encrypt it as is, stream a low-res version that can be and bring the raw take back to base.
And before the usual Windows/Linux/BSD flame war starts, can we just note that some are better than others but all are flawed and move on?
Tonight on Fox, we are about to witness the live coverage of the dropping of a bomb over Iran. US GPS controls are invulnerable to attack and our bomber is so stealthy, only it itself knows where it is. Here is the live feed..... hey wait... that looks just like our studio building. NOOOOOOOOOOO!!!!!..... BEEEEEEEEEEEEEP
Easy to forget...
Amid all the propaganda originating on both sides, it's easy to overlook the fact that the Iranians are actually pretty good at doing science, despite (or perhaps because of?) the restrictions placed upon the country.
This is, after all, only the 9th country to get a domestically-built satellite into orbit, makes its own bio-implants, is apparently pretty cued up on stem cell research etc etc etc.... before we consider the talents of their few remaining friends. And being within striking range of nuclear-armed Israel, Pakistan, India, Russia and China, not to mention the USA, it's also no surprise that they have an interest in acquiring a nuclear deterrent of their own.
Underestimating one's (potential or real) enemies because of their perceived cultural, religious or technical inferiority is the classic route to cock-ups like losing this drone, and ultimately to messing up an asymmetric war - as the Israelis found when they wandered into Lebanon last time.
Iran's adversaries need to raise their game if they want to avoid being made to look like idiots again in future.