Hacker reveals $40 attack that steals police drones from 2km away

IBM security guy Nils Rodday says thieves can hijack expensive professional drones used widely across the law enforcement, emergency, and private sectors thanks to absent encryption in on-board chips. Rodday says the €25,000 (US$28,463, £19,816, AU$37,048) quadcopters can be hijacked with less than $40 of hardware, and some …

  1. Pascal Monett Silver badge

    Finally a vendor acting reasonably

    At least the vendor is reacting to the issue in a timely and professional manner.

    Maybe all the current hoopla around encryption, FBI warrants and iPhones, plus the fact that said vendor has sold the stuff to government, has got something to do with it.

    Still, the usual behaviour of government is to whistle and look busy while saying nothing is wrong, so point for the vendor.

    1. chris 17 Silver badge

      Re: Finally a vendor acting reasonably

      Um where does it mention the vendor is doing any more than evaluate the findings?

      I can't imagine any vendor coming out and saying anything less for fear of being rightly panned.

      1. Kumar2012

        Re: Finally a vendor acting reasonably

        "Um where does it mention the vendor is doing any more than evaluate the findings?

        I can't imagine any vendor coming out and saying anything less for fear of being rightly panned."

        --- Right in the article?

        "The Germany-based UAV boffin worked with the consent and assistance of the unnamed vendor to pry apart the internals of the drone and the Android application which controls it."

  2. allthecoolshortnamesweretaken

    As some of these drones are used for video surveillance, would it be possible to hijack and replace the video feed?

    1. Mark 85

      You probably could since that would be a different frequency than the command and control one used. Let the operator fly it and replace the drone feed with a porn flick should produce some interesting responses.

  3. Anonymous Coward

    Although a cockup of that magnitude is not beyond the possible, I am slightly mindful of the date so I'm going to sit this one out :)

    1. pakman
      Joke

      An alternative interpretation: the cock-up might be real, but the suggestion that a hardware manufacturer cares enough about software security to be working on a fix could be the April fool joke :-)

  4. Kubla Cant

    The attacker's remote AT commands ...

    Police drones use the Hayes AT command set? Do they do the warbling noise too?

    1. DropBear

      Much as most everything is still a "serial port" long after actual RS232 connectors went out of style, the simplest level most radio hardware offers to interface at is - you guessed it - some variation of AT commands over a serial connection. Even the recent ESP8266 all-in-one WiFi module does the same. That is not to say many of these modules don't offer more complex ways to interface, but the AT commands are always the first level offered. I guess it's not a praise for the makers of the drone that they stayed at that level, but hey - the simplest thing that works tends to win, isn't it...

  5. imanidiot Silver badge

    XBee?

    Really? I'd think the limitations and vulnerabilities already known for this platform would deter anyone from using it for this sort of application in the first place.

  6. NotBob
    Trollface

    Woohoo!

    Gonna get me a drone from them coppers!

  7. Anonymous Coward

    Love all these WiFi controlled drones, yeah you could crack the WEP key (taking between seconds to minutes)... but if you want to have some quick fun rock on mdk3 and just DoS/deauth the connection and watch the drone fall from the sky... (in the case of some), for others that auto hover you have to deauth until the cell's depleted and gravity takes over.

  8. tekHedd

    Distance?

    "you have to be within 100 metres"

    What if you have a directional antenna? Probably also need some really good binoculars too, and maybe a friend to keep the antenna aimed on-target while you guide it on its unscheduled voyage. Assuming you were the sort of nefarious prankster that would do such a thing. Which you're not.

    Of course if the xbee link is hackable it's probably moot.

  9. Terry Cloth
    WTF?

    OMG! Someone still builds WEP into modern kit?

  10. b0llchit Silver badge
    Mushroom

    Nothing to hide - nothing to fear

    Well, if the police have nothing to hide, then they should have nothing to fear. That is their motto, so open links is a Good Thing (TM).

    I just have a feeling that the police disagree. But then again, so do I.

    (a slight form of sarcasm may be present in this post)

  11. Anonymous Coward

    Xbee is a Zigbee chip

    "He found encryption, while supported, was not active in the Xbee chips due to performance limitations"

    Boggles the mind. At that price, they could have used a slightly more powerful Zigbee chip.

  12. Sureo
    Coat

    Would the Government really want encryption?

    Encryption would mean that hackers couldn't steal their drone, but then they couldn't steal your drone either.

  13. gollux

    Bwa ha ha

    How precious... For want of a little security, you could 5 finger discount your own professional level drone.

    1. MachDiamond Silver badge

      Re: Bwa ha ha

      I'd worry that the drone had a GPS receiver as a beacon for the coppers to find it again. If they track it down to your shed, you'll be in a spot of trouble.

      Hijacking control is interesting, but just crashing the copter would be useful if you're a criminal enterprise that wants that eye-in-the-sky gone so you can make your escape.

      The best acquisitions will be the Amazon and Google delivery craft if they get permission to fly. They'll have heavier lift capability and chances are good that once you get it down and wrapped in an RF shield, a retrieval team won't be nearby like with a police operation. The added bonus is that since drone delivery is likely to be expensive, what is being delivered is also likely to be of high value.
