Vulnerabilities / Threats
6/29/2012
11:09 AM
50%
50%

GPS Spoofer Hacks Civilian Drone Navigation System

University of Texas researchers built a $1,000 system able to forcibly reroute or crash a civilian drone.

Mission Intelligence: NRO's Newest Spy Satellites
Mission Intelligence: NRO's Newest Spy Satellites
(click image for larger view and for slideshow)
Civilian drones' navigation systems are vulnerable to being taken over by attackers, using "spoofing" equipment that can be built for as little as $1,000.

That fact was demonstrated this month in White Sands, N.M., by a team from the University of Texas at Austin, which was able to redirect a hovering unmanned aerial vehicle (UAV)--otherwise known as a drone--located one kilometer (0.6 miles) away by feeding it arbitrary global positioning system (GPS) data. Officials from the Department of Homeland Security (DHS) were on hand to witness the demonstration, involving a mini helicopter drone owned by the university, reported Fox News, which broke the story.

GPS spoofing "creates false civil GPS signals that trick the vehicle's GPS receiver into thinking nothing is amiss--even as it steers a new navigational course induced by the outside hacker," according to a statement released by the university. Furthermore, civilian drones' navigation systems aren't necessarily the only civilian GPS-using systems at risk. "Because spoofing fools GPS receivers' on both their location and time, some fear that most GPS-reliant devices, infrastructure, and markets are vulnerable to attacks," according to the university.

"I think this demonstration should certainly raise some eyebrows and serve as a wake-up call of sorts as to how safe our critical infrastructure is from spoofing attacks," said Milton R. Clary. Clary is a senior Department of Defense aviation policy analyst at Overlook Systems Technologies, which is working with the government on counter-spoofing technologies--in a statement.

[ Learn more about civilian drones. Read NASA Sees Drones Flying In U.S. Airspace. ]

Last year, Iran claimed to use GPS spoofing to capture a CIA batwing stealth drone that was flying over the country, conducting reconnaissance of potential nuclear energy or weapons production sites. An Iranian engineer reported that the country had been studying U.S. drone technology for weaknesses since 2007.

One student involved in the University of Texas spoofing research, combining custom-developed software as well as $1,000 in parts--described it as a "fusion of electrical engineering and aerospace engineering." Next year, the team plans to intercept a moving drone from 10 kilometers (6 miles) away.

"We're raising the flag early on in this process so there is ample opportunity to improve the security of civilian drones from these attacks, as the government is committed to doing," said project leader Todd Humphreys, an assistant professor in the University of Texas at Austin's engineering department and head of its Radionavigation Laboratory, in a statement. Humphreys, who specializes in "orbital mechanics," in 2008 cofounded startup Coherent Navigation, which aims to harden GPS signals.

Per the FAA Reauthorization Act passed earlier this year, the Federal Aviation Administration must detail rules for allowing unmanned aircraft systems (or UAS, in FAA-speak) to fly in national airspace by 2015.

To that end, Congress instructed the FAA to open six UAS testing sites across the country, and also commissioned a new FAA Office for New Technology, which the agency said will bring together aviation safety and air traffic specialists, while serving "as the FAA's one-stop [shop] for all matters related to civil and public use of unmanned aircraft systems in U.S. airspace."

Civilian uses aside, the military also remains intent on pushing the limits of drones, as demonstrated by a $100,000 DARPA competition to develop a "military-relevant, backpack-portable UAV" that could "perch and stare," meaning either land on a structure or hover about it, for a long enough period to conduct surveillance. But the contest, involving 140 teams and nine finalists, using UAVs that cost up to $10,000 to build, ended without a winner. "The fact that no team completed the baseline scenario reflects the underlying difficulty of the very real challenges of small perch and stare for operational use," according to the DARPA contest website.

More than 900 IT and security professionals responded to InformationWeek’s 2012 Strategic Security Survey. Our results cover a variety of areas critical to information risk management, including cloud, mobility, and software development. Download the 2012 Strategic Security report now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
7/1/2012 | 10:38:42 PM
re: GPS Spoofer Hacks Civilian Drone Navigation System
I think that it is very good that the group asked the Department of Defense to be present when showing the demonstration. It shows first hand the effects that spoofing could have and the potential threats that $1000 and a group of educated college students can do with some knowledge and determination. I am looking forward to reading about their next demonstration where they plan to intercept a drone from 10km. Is anybody aware of any other similar experiments that have been conducted to better explain spoofing?

Paul Sprague
InformationWeek Contributor
3 Ways to Retain Security Operations Staff
Oliver Rochford, Vice President of Security Evangelism at DFLabs,  11/20/2017
A Call for Greater Regulation of Digital Currencies
Kelly Sheridan, Associate Editor, Dark Reading,  11/21/2017
New OWASP Top 10 List Includes Three New Web Vulns
Jai Vijayan, Freelance writer,  11/21/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.