March 13, 2014

Poachers Could Leverage Internet to Hunt Endangered Animals


This is a story of when security works, but it may also be the story of a new way to exploit the internet for dirty money:


As you can easily imagine, it’s entirely possible for a poacher (or a hacker under the hire of a poacher) to break into the email accounts that receive data from the GPS collars that wildlife conservationists attach to endangered species. Biologists and conservationist use these collars to study the behaviors and monitor the locations of such animals. So, if a poacher can gain access to that information, he can monitor the broad migrational patterns – or in certain cases the real-time locations – of the tagged animals in order to track and ultimately kill them.

The Times of India broke a story in September of last year, in which hackers may have done just that: attempted to break into an email account containing the relay information of an “Iridium GPS Satellite Collar” that had been attached to a tiger in the Panna Tiger Reserve in the state of Madhya Pradesh in central India.

As is so often the case with cyber-incidents, attribution is tricky. The login attempt may have been a mistake, but the story underscores a very real threat.

A poacher could break into the email accounts that receive data from the GPS collars that wildlife conservationists attach to endangered species to track and kill them.

National Geographic took the story a step further a month later. Someone or something (it could have been a spambot or some other kind botnet) managed to gather the proper credentials to the email account of one of the three men with legal access to the tiger’s GPS collar information. For five months, the GPS collar had been updating that email account with the exact location of the tiger. The collar relayed coordinates every hour for the first three months and every four hours for the following two months until the collar’s battery died and the transmissions went dark. As you can imagine, this would be a treasure trove of information for the kind of person that is in the illicit business of hunting endangered animals and killing them for their parts.

However, the server maintaining this email address recognized something fishy was going on. The office of the man that should have been accessing that email account is located in Dehradun, India. The illegitimate access attempt was originating from an IP block located more than 600 miles away in Pune, India. The server flagged the login attempt and blocked it. Thus, security triumphed over the potential murder of an endangered animal (or, at the very least, security triumphed over an attempt at an unauthorized email account access).

Dr. Krishnamurthy Ramesh, the head of the tiger monitoring program at the reserve, told National Geographic that even if the hackers did compromise the email account, they would have had a difficult time deciphering the information therein.

“They couldn’t even see the data—it would look like unusual numbers or symbols,” Ramesh said, suggesting that the collar transmits information in an encrypted format. He would go on to tell the wildlife magazine that the GPS information can only be decrypted using special software and specific radio-collar product information.

“Technology has been a great support in Panna, and in fact, the tiger population recovery has advanced because of security-based monitoring involving such technology,” said Ramesh.