Keylogging the Predators

 AARRRGH, aircraft, news
Oct 072011
 

Oh, goody. It turns out the US drone fleet has been hit with a keylogging virus that the DoD has so far failed to eliminate.

http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/

“It’s getting a lot of attention,” the source says. “But no one’s panicking. Yet.”

It was bound to happen. Someday someone will manage to successfully hack a drone in flight, and either crash it or turn it against its owners. Won’t that be a fun day.

 Posted by at 2:32 pm

  9 Responses to “Keylogging the Predators”

  1. Jordan says:
    October 7, 2011 at 7:21 pm

    Given the level of technology that hackers have access to, this isn’t surprising.

    Instead of a virus it could be a bug in the drone’s programming or a bug in the flight system.

  2. Ed Hahn says:
    October 8, 2011 at 9:08 am

    I think, reading the article, that it was the control room computers, running Windows XP, that are infected. But yeah, in a worst case, it could be used to take over the drones.

    They mention Kapersky detecting it, and it sounds like the Host Based Security Systems is just a suite of off-the-shelf commercial products.

    http://en.wikipedia.org/wiki/Host_Based_Security_System

    They’d locked the system down, no access except for using external drives to transfer information to/from them, and that’s apparently what bit them.

    If there is no external access then the keylogger isn’t an immediate threat, as it has no way to get information back to the malware originator.

    And it sounds as though their image/backup/wipe/restore process wasn’t thought out in advance, and that they are just now figuring out how to do it.

    That said, it seems insane to use something as malware vulnerable as Windows for this sort of job.

    • Grey Havoc says:
      October 8, 2011 at 1:59 pm

      Don’t forget there is one external link that has to be maintained; the link between the ground station and the drones it’s supposed to control. Using the drones to covertly retransmit the data gathered to unfriendly ears may not be outside the realm of possibility.

      • Ed Hahn says:
        October 8, 2011 at 4:57 pm

        Greg H, you’ve a devious, devious mind. I tip my hat.

        If it someone knew the systems and protocols, then maybe. A little steaganograpy in the unencrypted video stream from the drones…

    • MrTolliver says:
      October 8, 2011 at 3:55 pm

      You’d think the military would wise up and start using linux or unix based systems

      • Seamus Dubh says:
        October 9, 2011 at 12:16 am

        Screw that sole proprietary OS.
        No way to hack or infect if it is uncompilable with the rest of the world.
        Also they can’t slack off and use Facebook.(most likely the way they got the virus to begin with)

  3. Seamus Dubh says:
    October 9, 2011 at 12:17 am

    That will be the day all those “real” pilots will be vindicated.

  4. Winchell Chung says:
    October 10, 2011 at 6:48 am

    Predator Drone Virus Could Be Internal Monitoring System: Analyst
    According to security researcher Miles Fidelman, however, the virus may be an internal Department of Defense (DoD) security monitoring package.

    http://techzwn.com/2011/10/predator-drone-virus-could-be-internal-monitoring-system-analyst/

Sorry, the comment form is closed at this time.