Search This Blog

Wednesday 4 December 2013

SkyJack: Hacker-drone that can wirelessly hijack & control other drones

As Amazon prepares to roll out package-delivering drones, the prospect of swarming tiny aircraft raises a new range of security issues. A US hacker has created a low-cost drone, which finds and wirelessly hijacks other drones.

Samy Kamkar was once convicted of creating the Samy computer worm that knocked out MySpace back in 2005. Now he is devoting his tech skills to legit cyber-security research. The drone-hacking drone is his latest creation, which may send a chill to those inspired by Amazon’s recent announcement that it will use small remote-controlled aircraft for deliveries in a few years’ time.

The drone platform called SkyJack that Kamkar created uses readily available components such as the Parrot AR.Drone quadcopter, a Raspberry Pi circuit board and open-source software he developed and published.

SkyJack uses WiFi to detect other Parrot drones in its range. It then injects WiFi packets into the victim drone’s connection, making it de-authenticate from its remote controller, usually a smartphone, and authenticate in its place, taking it under control. The flying hacker is relatively cheap and quite simple to build.

My instructions are pretty detailed. I’ve made the code entirely free and open source, and fortunately all the technology is so low-cost and easy to acquire (less than $400 for all of it, including your very own drone) that to put it all together from my instructions would take someone under an hour if they were familiar with Linux,” Kamkar told via email.

The SkyJack drone was made more as a proof-of-concept than a practical tool. Kamkar made it target only a small range of drones, although even that is quite large with at least 500,000 Parrot drones sold since the model was introduced in 2010.

But it is only a question of time before a similar technique is used to hack into a broader set of targets or do things more sinister than just intercepting them.

"Misuse of the camera can raise privacy concerns, because unmanned aerial vehicles (UAVs) can traverse property boundaries easily and quickly," said Matthew Peacock and Michael Johnstone, of Edith Cowan University's (ECU) School of Computer and Security Science, who tested Kamkar’s system.

"The misuse of small UAV's such as the Parrot by criminal or terrorist elements is a potential threat to critical infrastructure," they added.

So swarms of zombie drones may take over the skies.


No comments:

Post a Comment

Your comment will be read by a moderator first before publication.
Thank you!