Thursday, December 17, 2009

Video Stream for Unmanned Drone Hacked

In what can only be described as a complete failure to plan for security, multiple news organizations are reporting that Iraqi insurgents are able to intercept the video stream sent from unmaned US drones.

It really is amazing that any data would be sent over an unencrypted channel. According to the article, the video was sent via satellite and did not use any sort of encryption. The insurgents were able to use a publicly available satellite grabbing software to intercept the stream.

I have to wonder if this design was something that "slipped through the cracks" or was deemed low risk and too expensive to implement encryption controls.

We will of course never know what decisions led to the lack of data encryption in the drone. We can only hope that this event will be a reminder that any electronic device of value must be designed with a threat model and comprehensive security controls to thwart digital attacks.


-Michael Coates

1 comment:

  1. "The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."

    http://online.wsj.com/article/SB126102247889095011.html

    ReplyDelete

Note: Only a member of this blog may post a comment.