On the evening of June 19, a group of researchers from the University of Texas successfully hijacked a civilian drone at the White Sands Missile Range in New Mexico during a test organized by the Department of Homeland Security.
The drone, an Adaptive Flight Hornet Mini, was hovering at around 60 feet, locked into a predetermined position guided by GPS. Then, with a device that cost around $1,000 and the help of sophisticated software that took four years to develop, the researchers sent a radio signal from a hilltop one kilometer away. In security lingo, they carried out a spoofing attack.
“We fooled the UAV (Unmanned Aerial Vehicle) into thinking that it was rising straight up,” says Todd Humphreys, assistant professor at the Radionavigation Laboratory at the University of Texas.
Deceiving the drone’s GPS receiver, they changed its perceived coordinates. To compensate, the small copter dove straight down, thinking it was returning to its programmed position. If not for a safety pilot intervening before the drone hit the ground, it would have crashed.
But for Humphreys playing the part of an evil genius in a thriller movie, everything worked exactly to plan. “It was beautiful,” he tells Danger Room.
The rogue takeover exploited a vulnerability in GPS to take control of the drone. It was, by Humphreys’ accounting, the first time somebody proved a civilian drone could be hijacked. Last year, when the CIA lost a drone in Iran, there were reports indicating the Iranians might have launched a spoofing attack and tricked it into landing, but we’ll never know for sure. Also, in September 2011, North Korea reportedly forced a U.S. spy plane to land with a jamming attack.
With the planned integration of civilian drones in the American airspace, these problems might be coming to the U.S. The FAA must come up with new rules to allow for a freer use of drones in America by 2015 and, apart from worrying about possible collisions between manned and unmanned aircrafts, now the FAA might have to worry about people hijacking drones with spoofing devices.
What’s worse, the experiment at White Sands shows that drone-jacking is “just the tip of the iceberg of a much bigger security issue we have in this country,” according to Logan Scott, a GPS industry consultant who has worked for defense giants like Lockheed Martin.
In other words, it’s not only about drones, it’s GPS in general that is not safe.
The Global Positioning System, commonly referred to as GPS, is a space-based satellite navigation system. It’s what allows you to get turn-by-turn directions to the mini-mart in your automobile. But most people don’t know that it also has countless other crucial applications. Among others, it’s the backbone of the global air traffic system. It is also used to control the power grid, to power banking operations (for instance, ATMs depend on it) and to keep oil platforms in position. And virtually all communications systems, like the world’s cellular networks, rely on it.
“It’s a stealth utility,” says Scott, “meaning that we don’t necessarily know it’s even in the system until something is wrong.”
GPS is also free, unauthenticated and unencrypted. Its open nature has been its biggest strength. Now, it could be its biggest flaw.
“The core problem is that we’ve got a GPS infrastructure which is based on a security architecture out of the 1970s,” Scott tells Danger Room. “From a security point of view, if you look at GPS’s current status, is more or less equivalent to operating computers without firewalls, with no basic checks.”