Drone Hijacks Others In Air, Makes Them Zombies
Drones are showing up everywhere. Amazon wants to use them to deliver packages. Military personnel use drones for surveillance and to target insurgents and scientists use drones to monitor animals and the environment. But because drones are computer-controlled, they’re vulnerable to hacking, and now one researcher has demonstrated how easy it is.
Samy Kamkar, an entrepreneur and hacker best known for publicizing the location tracking of iPhones and Android devices, posted a video online in which he shows how to modify a Parrot AR Drone so that it can pick up the signals sent to other drones in the area, cut them off from their owners and hijack their functions.
Building a hijacking drone is pretty simple and inexpensive. All one needs is a Wi-Fi radio from Alfa, a Raspberry Pi computer with a battery pack and a USB-connected wireless chip — all available for purchase online. The cost for the hardware, including the drone, is less than $400 and the software Kamkar developed, called SkyJack, is free and available here.
A SkyJacking drone buzzes around an area and uses its Wi-Fi radio to seek out and listen in on local networks broadcast in the area. When it finds one that’s communicating with a drone, the software inserts data packets into the networks, essentially reprogramming the drone to cut it off from its controller and redirect it to listen to Kamkar’s controller. As part of demonstration, Kamkar tested this function with a few of his own drone, showing that the hijacked drone essentially becomes a zombie under Kamkar’s control.
The other drones were vulnerable in part because Parrot, the company that made them, bought a block of MAC addresses, which identify the wireless computers in their drones. The MAC address uniquely identifies each one — in fact, every computer and mobile device has such an address. But since Kamkar knew the range of the MAC addresses, he said it was relatively easy for the computer on his drone to simply search through those addresses until it found the one for the drone he was trying to hack.
Kamkar’s hack won’t work on drones made by other companies and it won’t enable anyone to take control of a Predator drone used by the military. But it does show that it’s possible in principle to tap into the wireless network that controls drones and that should give the rest of us pause. In 2006, several media outlets reported that Iraqi insurgents had hacked a U.S. drone, intercepted some of its data traffic in a way that allowed them to see the same video feed as the soldiers piloting the aircraft. In 2011, security researchers at the Black Hat conference showed drones can hack cellphone towers.
With just a bit more effort, Kamkar has shown, it’s possible to take over the drone’s control systems as well. Military security for those systems is undoubtedly better than on a toy, but that doesn’t make it invulnerable.
Credit: Wikimedia Commons / Nicolas Halftermeyer