In Iraq and Afghanistan, the U.S. military depends on an array of drones to snoop on and stalk insurgents. Now it looks as if insurgents are tapping into those same dronesâ€™ broadcasts, to see what the flying robot spies see. If true â€” and widespread â€” itâ€™s potentially one of the most serious military security breaches in years.
Howâ€™d the militants manage to get access to such secret data? Basically by pointing satellite dishes up, and waiting for the drone feeds to pour in. According to the Journal, militants have exploited a weakness: The data links between the drone and the ground control station were never encrypted. Which meant that pretty much anyone could tap into the overhead surveillance that many commanders feel is Americaâ€™s most important advantage in its two wars. Pretty much anyone could intercept the feeds of the drones that are the focal point for the secret U.S. war in Pakistan.
Using cheap, downloadable programs like SkyGrabber, militants were apparently able to watch and record the video feed â€” and potentially be tipped off when U.S. and coalition forces are stalking them. The $26 software was originally designed to let users download movies and songs off of the internet. Turns out, the program lets you nab Predator drone feeds just as easily as pirated copies of The Hangover.
If you think militants are going to be content to just observe spy drone feeds, itâ€™s time to reconsider. â€œFolks are not merely going to listen/watch what we do when they intercept the feeds, but also start to conduct â€˜battles of persuasionâ€™; that is, hacking with the intent to disrupt or change the content, or even â€˜persuadeâ€™ the system to do their own bidding,â€ Peter Singer, author of Wired for War, tells Danger Room.
This has long been the nightmare scenario within Pentagon cybersecurity circles: a hacker not looking to take down the military grid, but to exploit it for his own purposes. How does a soldier trust an order, if he doesnâ€™t know who else is listening â€” or who gave the order, in the first place? â€œFor a sophisticated adversary, itâ€™s to his advantage to keep your network up and running. He can learn what you know. He can cause confusion, delay your response times â€” and shape your actions,â€ one Defense Department cybersecurity official tells Danger Room.
Meanwhile, military officials assure are scrambling to plug the hole. â€œThe difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones,â€ the Journal notes. â€œInstead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes.â€
So it may be quite some time before this enormous security breach is filled.