During the Security Analyst Summit (SAS) 2017, a security event held by Kaspersky Lab, security expert Johnathan Andersson revealed a method that allows someone else to take control of a drone in mid-flight. The expert used a Software Defined Radio (SDR), a remote control for drones, a microcomputer, and other electronic equipment to mount a device capable of stealing the command of legitimate equipment control.

To sequester the drone, Andersson used a remote control, a computer, and a software-defined radio - used as an interface to take control of the drone. The tool was christened Icarus from Greek mythology. Using the mechanism, the specialist tuned the radio frequency by which the drone receives instructions from the remote control and went on to monitor the exchange of information.

After some time analyzing this data traffic, Andersson had in hand resources to decipher the instructions passed by the legitimate remote to the drone. And then he used those instructions in his own control and took command of the drone, hijacking the "flight plan".

Why is it so easy to Hijack / Seize Control of a Drone

Drone makers are relying on a model in which security depends on the complexity of the system: it is believed that the high level of difficulty of monitoring the signals is a sufficient barrier to discourage hackers. That is why, in general, the technologies employed by manufacturers don’t use encryption.

The Icarus project can track the traffic instruction between control and drone, hack the primitive protections used by the manufacturer, sending a series of different commands in the space of 11 milliseconds: window where the drone frequency stays in the hacked channel.


The Solution

According to Andersson, using an encryption can help solve this problem. But there are limitations: many manufacturers are not ready for this demand. Controls in the current market don’t support software updates. In addition, encryption requires a higher computational capacity. The consequence of this is the increased processing power requirement of the microcontrollers of the drones, which cause negative effects on the battery life, reducing it in a relevant way.

Although still far from the reality, there are studies and initiatives that project drones as everyday elements of daily life in the near future. For example: Amazon uses the devices to make deliveries. Already in the audiovisual industry, flying robots are used to capture low-cost aerial images.

You can get a simple domestic drone for less than $100 right now and more equipped models, with greater flight autonomy and cameras can be purchased for $ 1000 or less. Between the two extremes, there are a multitude of different versions.

Which Drone should I buy? DJI Spark or GoPro Karma


Via: Kaspersky.com

0 comments

Post a Comment

Powered by Blogger.

Subscribe Now

Blog Archive

Follow by Email