Militants in Iraq and Afghanistan have been
intercepting live video feeds from U.S. Predator drones according to the online
version of the Wall Street Journal. Using $26 software intended to intercept
and decrypt movies transmitted over satellites, the insurgents have been able
to monitor and potentially evade U.S. military operations.
U.S. officials became aware of the problem after analyzing data from an insurgent’s laptop computer captured last December. Senior defense officials say that Iranian-backed Shiite fighters in Iraq have used a software program called SkyGrabber to regularly intercept the unprotected communications link in some UAVs. Officials say that there is no evidence thus far that militants have been able to take control of the UAVs. Still, this capability significantly undermines a weapon system in which the U.S. is heavily investing. UAVs account for 36% of the Air Force's budget for new aircraft in 2010.
According to the Wall Street Journal, the U.S. has known about this problem since UAVs were used in Bosnia 1990s. However, the Pentagon assumed local adversaries wouldn't know how to exploit the flaw. Yesterday, Lieut. Gen. David Deptula, who is in charge of the Air Force's UAV program, said that there are inherent risks since UAVs send video and other data over great distances. He added that the military was trying to solve the problem through better encryption.
The story is a telling commentary on the nature of warfare. Much like the Spy versus Spy comic strip, they illustrate that for every new technology invented, a counter technology is available. This is undoubtedly not the last vulnerability that will be found and exploited in America's newest weapon system.
If the flaw was known since the 1990s, this is more than the usual "spy vs spy" deal, this is utter complacency. A clear case of underestimating your opponents. If the insurgents are backed by Iran, who have the capability to successfully design, build and launch missiles as we see on the news from time to time, why assume the same insurgents cannot source off-the-shelf technology easily available in other countries?
Posted by: Julien | December 17, 2009 at 05:33 PM
I've got to agree with Julien, if the exploit was known then why on earth wasn't it fixed. In the IT field there is a saying: security through obscurity is no security at all.
On the flip side, it doesn't sound like a huge security issue. So they saw some of our aerial footage of hotspots. Now the UAV developers know about it and I suspect a fix is just a few lines of code away.
Posted by: Patrick Flannigan | December 18, 2009 at 06:19 AM