Researchers Remotely Hijack Drones on the Cheap
Civilian drone aircraft will soon be an increasingly common sight in U.S. skies thanks to the FAA Reauthorization and Reform Act of 2012. But a team of Texas researchers has shown how easy it could be to remotely hijack these planes using a device they built for $1,000. Their demonstration has raised concerns that the drones could be hacked by pranksters -- or by terrorists.
Jul 2, 2012 7:00 AM PT
The news comes as the United States Federal Aviation Authority (FAA) prepares to integrate drones into the country's national airspace system. This task is mandated by the FAA Reauthorization and Reform Act of 2012, signed into law by President Barack Obama in February. It is scheduled for completion by 2015.
Thousands of drones are expected to fly in U.S. air space by 2015, and they will be used by law enforcement agencies as well as private businesses.
The demonstration of GPS spoofing has raised concerns that terrorists might employ this technique to hijack legitimate drones for use in attacks.
"I think it's a wakeup call for the U.S. Department of Defense, and something they need to focus on," Darren Hayes, CIS Program Chair at Pace University, told TechNewsWorld.
What the Texans Did
A team from the University of Texas at Austin's Cockrell School of Engineering repeatedly took over a small but sophisticated drone using hardware and software built by the researchers, in a demonstration for the U.S. Department of Homeland Security at White Sands in New Mexico earlier this week.
The team, led by Todd Humphreys, an assistant professor at Cockrell, hijacked the hovering drone from a distance of about one kilometer (0.62 miles)
Humphreys raised the possibility that terrorists might take over a civilian drone and use it as a missile.
How They Did It
Humphreys' team created what he described as the most advanced spoofer ever built for about US$1,000, Fox News reported. He used it to infiltrate the GPS system of the drone, which was relying on a GPS signal beamed to it by satellites orbiting in space.
The team apparently first sent out a signal to the drone that matched the GPS signal it was receiving. Then it sent its own commands to the drone's onboard computer.
"You can basically hack into anything," Pace University's Hayes said. "Every kind of radio signal that exists can be jammed or spoofed."
Why GPS Spoofing Is a Threat
By 2015, hundreds of thousands of civilian drones might fill U.S. airspace.
The plethora of drones in flight may present plenty of potential targets to pranksters and hackers as well as terrorists. "It's easy to find and purchase the parts to build a GPS spoofer now, and by 2015, spoofers might be readily available on the market.
"You can buy all the parts and modify one of these devices that are out there for wireless intercept very cheaply," Pace University's Hayes said. "The hardest part is that they're tricky to solder." Information on how to build these devices is readily available on the Internet.
Humphreys did not respond to our request for further details.