July 20, 2012
Hackable Drones Worry Government Agencies
Michael Harper for redOrbit.com — Your Universe Online
Like it or not, drones may be a very real part of our future -- regular drones, or civilian drones, as they´re called. Rather than being used to spy on our enemies, they´ll be used to deliver our packages and police our streets, and according to the FAA, there could be as many as 30,000 of these automated airborne vehicles before the end of the decade.
“These findings are alarming and have revealed a gaping hole in the security of using unmanned aerial systems domestically,” said panel chairman Rep. Michael McCall. “Now is the time to ensure these vulnerabilities are mitigated to protect our aviation system as the use of unmanned aerial systems continues to grow.”
Experts are expecting this industry to boom as construction companies, delivery services and police forces begin to place their orders for these drones once proper regulations are drawn up. But who´s responsible for these regulations? The FAA can ensure the safety of these drones, making sure they don´t interfere with other aircraft, and the DHS can protect against security, but when the UT team spoofed the GPS of an overhead drone, neither organization took responsibility for GPS attacks. The DHS even declined to testify at this week´s bi-partisan hearing.
“The Department of Homeland Security mission is to protect the homeland. Unfortunately, DHS seems either disinterested or unprepared to step up to the plate,” said McCall. The FAA also declined to comment on GPS security after the spoofing test.
Some drone makers, such as DraganFly (whose drones are already used by the Seattle police) say they´re not worried about GPS spoofing, saying that their drones fly so low to the ground, if anything goes wrong, they´d just land the aircraft. Other makers, such as Rotomotion, had prepared for GPS threats, but were shocked to hear about the spoofing tests.
Spoofing a GPS system essentially tricks the drone into thinking the directions it´s receiving are legitimate and from the operator. Once spoofed, a hacker has complete control of the drone.
Military drones use an encrypted GPS signal to navigate and, as such, are more difficult to hack into or spoof. Civilian drones, on the other hand, do not use this more secure GPS system, thus the need for proper regulation.
Some are concerned with the potential privacy issues that could stem from a drone being piloted by someone other than the intended parties. Others, like University of Texas lead researcher Todd Humphreys, are worried that a maliciously controlled drone could become a potential missile.
“I´m worried about them crashing into other planes,” he told Fox News. “I´m worried about them crashing into buildings. We could get collisions in the air and there could be loss of life, so we want to prevent this and get out in front of the problem.”
While Humphreys has said it might be difficult for an “ordinary” person to spoof a drone, he was worried it might be well within the capability of a criminal or terrorist network.
President and CEO of the Association for Unmanned Vehicle Systems International (AUVSI) Michael Toscano thinks the spoofing is even more difficult than Humphreys has suggested. In a statement to the subcommittee, Toscano said, “One must know the location of the target vehicle and be able to track it. If the target vehicle is not in close proximity to the spoofing device, this requires a detection system such as radar. Meanwhile, custom software is needed to make adjustments to the target vehicle´s course.”
“AUVSI member companies have been hard at work developing new technologies that would add extra layers of safety and security to unmanned aircraft.”