17 December 2009
Insurgents Intercept Drone Video Feeds.
Posted by Connor under: 4th Generation Warfare; Technology.
Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.
U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America’s enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance.
The drone intercepts mark the emergence of a shadow cyber war within the U.S.-led conflicts overseas.
First, “the emergence of a shadow cyber war” is probably wrong. The very rapid innovation-reaction-innovation cycle has been going on since the first IEDs in Iraq back in 2003. This cycle of open-source warfare is well documented and predicted.
Second, my initial geek reaction was: this is going to be terribly hard to fix because those high-resolution video streams are going to be a bitch to encrypt. There is a delicate balancing act between the available bandwidth (fixed, finite) and the video resolution versus security. With fixed bandwidth, as you add encryption it increases the size of the packets, taking up bandwidth and thus lowering the video resolution.
John Robb concurs:
Iraqi and Afghan insurgents are currently using cheap software to hack the video feeds of Predator (and likely Reaper) drones. Due to the difficulty of adding encryption to a large number of deployed systems high bandwidth video flows (particularly the “Gorgon’s Stare” with 10 separate feeds), a quick fix is very unlikely.
Update: According to CBS News and other sources, this vulnerability has existed since the drones were built.
The Air Force became aware of the security vulnerability when copies of Predator video feeds were discovered on a laptop belonging to a Shiite militant late last year, and again in July on other militants’ laptops, the Journal reported. The problem, though, is that the drones use proprietary technology created in the early 1990s, and adding encryption would be an expensive task.
The implications of the Predator’s unencrypted transmissions have been known in military circles for a long time. An October 1999 presentation given at the Air Force’s School of Advanced Airpower Studies in Alabama noted “the Predator UAV is designed to operate with unencrypted data links.”
In 2002, a British engineer who enjoys scanning satellite signals for fun stumbled across a NATO video feed from the Kosovo war. CBS News correspondent Mark Phillips reported then on the apparent surveillance security shortfall, and the U.S. military’s decision to essentially let it slide.
The source of this is the same bone-headed thinking behind every proprietary or limited-access network vendor’s logic: We don’t need encryption/strong security on our network because only our people will have access to it. Normally, my reaction to that is: you deserve whatever you get. However, this is tempered in this particular case because “you” is actually “us.” Heads should roll though. This is beyond stupid.
17 December 2009 at 4:31 pm.
There is a pretty good thread going on reddit about this!
http://www.reddit.com/r/programming/comments/afm5g/insurgents_hack_us_drones/
17 December 2009 at 5:23 pm.
Seems to me like all the insurgents (why is this term used anyway?) are going to see is what we see, which is who/what is going to get hit next. I’d think that would keep ‘em on the run instead of in hiding. A roach on the run is easier to kill than a roach in hiding.
Been some talk lately about allowing the Taliban a seat at the table. Makes sense to me. After all, a good portion of the Afghan population seems to support them. What do you think, cman? Your bandwidth is a little broader than mine.