{"id":11998,"date":"2016-05-02T09:00:20","date_gmt":"2016-05-02T13:00:20","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=11998"},"modified":"2017-09-24T08:06:12","modified_gmt":"2017-09-24T12:06:12","slug":"hacking-armed-drones","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/hacking-armed-drones\/11998\/","title":{"rendered":"Drones armed with guns, chainsaws and vulnerabilities"},"content":{"rendered":"<p>Over the past few years drones have evolved from toys to powerful tools that can be used by pretty much everybody. <a href=\"https:\/\/www.kaspersky.com\/blog\/israel-uav\/8530\/\" target=\"_blank\" rel=\"noopener nofollow\">Armies use them for scouting<\/a> and aerial spotting, coast-guards \u2014 as coastal patrol. When it comes to mapping the accident site and locating victims lifeguard sends drones ahead. <a href=\"https:\/\/www.kaspersky.com\/blog\/maritime-drones-deployment\/8469\/\" target=\"_blank\" rel=\"noopener nofollow\">Unmanned flying vehicles disarm old mines<\/a>, trace poachers and even <a href=\"http:\/\/beforeitsnews.com\/blogging-citizen-journalism\/2016\/01\/dahboo77-video-area-51-first-ever-drone-footage-from-tikaboo-peak-2527274.html\" target=\"_blank\" rel=\"noopener nofollow\">spy on the famous Area 51<\/a>.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/04\/06022328\/hacking-armed-drones-FB.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/04\/06022328\/hacking-armed-drones-FB.jpg\" alt=\"Drones armed with guns, chainsaws and vulnerabilities \" width=\"1280\" height=\"1280\" class=\"aligncenter size-full wp-image-12000\"><\/a><\/p>\n<p>Quad-, hexa- and other multi-copters nowadays can be purchased for next to nothing. This cost brings up a lot of privacy concerns. Small wonder, as drones could fly everywhere and record almost everything their owner wants them to! As soon as everybody understood that <a href=\"https:\/\/www.kaspersky.com\/blog\/helicopter-nicht\/7108\/\" target=\"_blank\" rel=\"noopener nofollow\">it\u2019s rather hard and almost useless to spy after the neighbors<\/a> with the help of average consumer drones some fears subsided.<\/p>\n<p>People started entertaining themselves. For example, they attached different things like <a href=\"http:\/\/www.popsci.com\/finnish-filmmakers-gave-drone-chainsaw\" target=\"_blank\" rel=\"noopener nofollow\">chainsaws<\/a> and <a href=\"https:\/\/www.youtube.com\/watch?v=FI--wFfipvA\" target=\"_blank\" rel=\"noopener nofollow\">guns<\/a> to their drones; and \u2014 of course \u2014 published videos of their experiments on YouTube, gathering \u201cLikes\u201d and attention. Nevertheless, unmanned flying vehicles are still considered to be dubious technology. For example, this year <a href=\"https:\/\/www.youtube.com\/watch?v=1dzmXs7Jb3k\" target=\"_blank\" rel=\"noopener nofollow\">hunters from Pennsylvania held a robust discussion<\/a> whether is it legal and fair game to hunt animals using drones.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Are <a href=\"https:\/\/twitter.com\/hashtag\/drones?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#drones<\/a> as scary as they seem? <a href=\"https:\/\/t.co\/6jqha7bonz\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/6jqha7bonz<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/privacy?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#privacy<\/a> <a href=\"http:\/\/t.co\/N4Puv6NRZ0\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/N4Puv6NRZ0<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/552497356210704384?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">January 6, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Other people decided that drones are annoying and creating a weapon against the nasty flying things is their direct duty. That resulted in the invention of<a href=\"https:\/\/youtu.be\/M6tT1GapCe4\" target=\"_blank\" rel=\"noopener nofollow\"> SkyWall \u2014 a professional protection system<\/a> from mechanical birdies, that shoots drones down with nets. Other enthusiastically joined this flashmob: <a href=\"http:\/\/www.theverge.com\/2016\/3\/8\/11184004\/jet-ski-destroys-drone-video\" target=\"_blank\" rel=\"noopener nofollow\">jet-ski drivers<\/a> showed that it\u2019s possible to destroy a drone with their floating facilities. Others started a Kickstarter crowd funding campaign for the development of a <a href=\"http:\/\/www.theguardian.com\/technology\/2014\/jun\/19\/spying-personal-drone-detection-system-kickstarter\" target=\"_blank\" rel=\"noopener nofollow\">drone neutralizing mechanism<\/a>. After proper training <a href=\"http:\/\/i.kinja-img.com\/gawker-media\/image\/upload\/s--aaanjima--\/c_scale,f_auto,fl_progressive,q_80,w_800\/mannx1mlsvgjedoglske.gif\" target=\"_blank\" rel=\"noopener nofollow\">even eagles learned how to hunt down a drone<\/a>.<\/p>\n<p>Hackers also decided to check how difficult it would be to compromise professional drones used by military and law enforcement agencies.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">How to skyjack drones in an hour for less than $400 <a href=\"http:\/\/t.co\/lNndgx8TJl\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/lNndgx8TJl<\/a> via <a href=\"https:\/\/twitter.com\/threatpost?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@threatpost<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/408677761415270400?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">December 5, 2013<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>One of them, a 22-year old Gaza resident named Majd Ouida <a href=\"https:\/\/hcstx.org\/2016\/03\/24\/espionage-files-the-brave-new-world-of-drone-hacking\/\" target=\"_blank\" rel=\"noopener nofollow\">was arrested<\/a> by Israeli police in March. The investigators believed that Majd tried to hack Israel Defence Forces drones three times. The last attempt succeeded and the young man intercepted the broadcast feed streamed by drones. He had allegedly bought the necessary equipment from dealers in the United States.<\/p>\n<p>It was not for the first time that Israeli drones were hacked \u2014 foreign Intelligence services hacked into them as well. Thanks to Edward Snowden we know about the operation \u2018Anarchist\u2019 held by the USA and Great Britain. <a href=\"https:\/\/theintercept.com\/2016\/01\/28\/israeli-drone-feeds-hacked-by-british-and-american-intelligence\/\" target=\"_blank\" rel=\"noopener nofollow\">American and British intelligence secretly tapped<\/a> into live video feeds from Israeli drones and fighter jets monitoring military operations in Gaza, Palestine.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">We take a closer look at Israel's UAV's and drones \u2013 <a href=\"http:\/\/t.co\/5nZdHd1011\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/5nZdHd1011<\/a> <a href=\"http:\/\/t.co\/VO4HlI9oVa\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/VO4HlI9oVa<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/593417065714814976?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">April 29, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Of course special services and their agents are qualified for such a job. It turns out you don\u2019t need to be James Bond to hack, for example, an industrial drone, used by American police and fire departments.<\/p>\n<p>At the RSA conference, security expert Nils Rodday <a href=\"http:\/\/www.wired.com\/2016\/03\/hacker-says-can-hijack-35k-police-drone-mile-away\/\" target=\"_blank\" rel=\"noopener nofollow\">reported<\/a> that he managed to take control over a quadcopter of that kind due to a certain security flaw. This vulnerability is observed in this very model and other similar devices, which cost from 30 to 35 thousand dollars. At the same time, a criminal needs only a $500 laptop and a cheap radio chip connected via USB to make this work. The researcher believes that the discovered vulnerabilities may apply to a broad range of high-end drones.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/M_pltBN4SAo?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>Drones have to follow commands. Quickly. To reduce delays developers either use no encryption at all or turn to a simple WEP protocol, which can be hacked in seconds. This is why it\u2019s possible to take over someone else\u2019s drone. Once it\u2019s done, the hacker can turn it off, make it fly here and there, faster or slower, change key points of its route and so on. In brief, one can break the drone, crash it or \u2014 even worse \u2014 make the copter crash into somebody.<\/p>\n<p>The researcher reached the developers of the vulnerable flying machine and the company plans to fix the issue in the next version of the quadcopter that it sells. The thing is that it\u2019s not easy to patch those drones that are already sold. They are not connected to the Internet directly and so they are unable to download a security update.<\/p>\n<p>Even if the company released a new firmware with stronger encryption and the users installed it somehow to their devices, the update would slow down the drones \u2014 as they would spend certain time decrypting the commands. Enabling encryption without adding latency would require mounting another chip \u2014 which means that the manufacturer would have issue a recall.<\/p>\n<p>In the world of gadgets, connected devices and worldwide Internet such failure seems to be epic but let\u2019s not be blunt here. As with many other modern developments drones are a relatively new technology that requires further testing. Yes, they are not secure: one really can attach a chainsaw to a flying machine and use it to ruin their neighbor\u2019s bushes, or hack the drone to fulfill their dark goals.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>It\u2019s possible to attach a gun and a chainsaw to a #drone. And it\u2019s possible to hack it to take full control over the device<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F4kCo&amp;text=It%26%238217%3Bs+possible+to+attach+a+gun+and+a+chainsaw+to+a+%23drone.+And+it%26%238217%3Bs+possible+to+hack+it+to+take+full+control+over+the+device\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>It\u2019s important to understand that any innovation brings good and bad things at the same time. Earlier people thought that electricity is a kind of dark magic but now everybody seems to like it. The same destiny awaits for drones.<\/p>\n<p>Until this happened we should be more careful when it comes to a brand new technological devices and be <i>especially<\/i> attentive when you choose smart connected devices <a href=\"https:\/\/www.kaspersky.com\/blog\/how-i-hacked-my-home\/5756\/\" target=\"_blank\" rel=\"noopener nofollow\">for your home<\/a> and <a href=\"https:\/\/www.kaspersky.com\/blog\/massive-webcam-breach\/6833\/\" target=\"_blank\" rel=\"noopener nofollow\">family<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We\u2019ve seen drones armed with chainsaws and guns. More alarming though is how easily they can be hacked.<\/p>\n","protected":false},"author":522,"featured_media":11999,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[511,899,78,43,1599,97,902],"class_list":{"0":"post-11998","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-drones","9":"tag-hack","10":"tag-hackers","11":"tag-privacy","12":"tag-quadcopter","13":"tag-security-2","14":"tag-uav"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/hacking-armed-drones\/11998\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/hacking-armed-drones\/7098\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/hacking-armed-drones\/7070\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/hacking-armed-drones\/8238\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/hacking-armed-drones\/8094\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/hacking-armed-drones\/11726\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/hacking-armed-drones\/5590\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/hacking-armed-drones\/6218\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/hacking-armed-drones\/7580\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/hacking-armed-drones\/11263\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/hacking-armed-drones\/11726\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/hacking-armed-drones\/11998\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/hacking-armed-drones\/11998\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/drones\/","name":"drones"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11998","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/522"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=11998"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11998\/revisions"}],"predecessor-version":[{"id":19251,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11998\/revisions\/19251"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/11999"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=11998"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=11998"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=11998"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}