Dec 17 2009

Drone Hack In Iraq Not That Important

Published by at 12:27 pm under All General Discussions,Bin Laden/GWOT,Iraq

Hacking can be bad, but what happened in Iraq with the hacking of US drones is not nearly as threatening as the drama queens in the news make it out to be:

Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.

U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights.

This is definitely right up my ally (Command, Control, Communications and Information, or C3I). In many robotic systems (be they military drones or NASA spacecraft) there are two communications paths. One is the high rate ‘payload’ data downlink (broadcast only from the platform). The other are the command and control links, which can use various and multiple layers of security. That’s as far as I am going to go into these links, but needless to say the command and control links cannot be hacked by a few dollars of radio shack equipment.

This story is all about the video on the payload downlink.

When we have to deal with large amounts of data, as we do with imaging and video, we tend to remove security layers to get more data through the RF pipe. We only do this if there is no risk to the mission or the assets, and there is a huge return on clarity.

In video and imaging increases in resolution = increases in data. As all you digital camera users know, the more mega pixels the better the picture and the more you can blow it up.

Our US drone fleet is fairly young, but it does have its aging queens still in service. The fact only ‘some’ of the drones have this weakness means this can be corrected – and quickly. But to actually take advantage of this video stream you have to know:

  1. Where it is coming from: the video probably does not have the necessary ‘telemetry’ transmitted with it, which means the images could be coming from anywhere.
  2. When the image was taken – basically not all images need be real time.
  3. Be able to act on 1 and 2

The fact is by the time someone could unravel 1 and 2, the information is stale and of no use.

Clearly the first response we can take is to put the security back on the video downlinks, reducing our capability a bit. This means either less clarity or more delay, but nothing drastic.

The reporting by the media on the magic of modern communications is painfully embarrassing. It reminds me of that stupid magical router in last seasons ’24’ – which was incredibly hard to ignore and still get the feeling of pending doom. It was like combining Bugs Bunny with Jack Bower and still trying to make the 24 concept fly.

In this case folks, don’t let the technical ignorance of the media drama queens make you too concerned.

12 responses so far

12 Responses to “Drone Hack In Iraq Not That Important”

  1. crosspatch says:

    Data security is also “up my alley” too. And I agree that you secure what you need to secure. Encrypting a live video stream takes a lot of CPU. More CPU means more electronics, more power supply, heavier electronics, reduced battery life, less fuel load, and reduced loiter time.

    Interesting thing, though, is you only need to encrypt the sync. It depends on if the video feed is digital or analog, too. I would think the goal here would not be to “secure” the video but to prevent viewing in “real time”. In that case there is no need for a strong cipher. You don’t need to encrypt it so much as “scramble” it. I wouldn’t care if they could record the signal and unscramble it tomorrow or two hours from now as long as they can’t view it directly in real time. This scrambling could be done easily enough. You simply read the data out of order to the ground according to some easy algorithm that simply prevents real time viewing but doesn’t take a lot of math calculation. Encryption takes a lot of math. Encrypting “on the fly” in real time without delay takes a powerful CPU. Scrambling the data doesn’t take much.

    Imagine you have a page in a book and you simply scramble all the letters around out of order but you don’t change the letters. Heck, you can just change the word order around and not the individual letters (read horizontal video lines out of order). Someone can sit down and put it back in order but by that time you are gone and the mission is done. The same can be done with data. An analog signal can be “mixed” with a waveform that varies according to a certain pattern. Upon reception, that waveform is removed and you are left with the original signal again. Easy and fast.

    You use encryption for communications you never want anyone to read. You use “scrambling” for communications you don’t want anyone to read in real time.

  2. Mike M. says:

    AJ, you’re dead right. Almost every heavy UAV built – including many of the test assets – is in theater. And some of the early production airframes may not have been equipped with full crypto.

  3. Neo says:

    I think they ought to leave a few unencrypted video feeds looking at meaningless targets so these clowns get cocky.

  4. borepatch says:

    Crypto chips have been low cost for a long, long time – I remember working on Ultron Type 2 full-rate Ethernet encryptors in the 1980s, and ATM/OC-3 crypto in the 1990s. OC-3 was a lot more spendy, but it was 30x faster. And this was Type 2, not your basic Clipper garbage.

    It’s simply inexcusable that this wasn’t designed in from the beginning. The technology existed and everybody knew it. They saved $80 on a $12M drone. They didn’t think that someone wouldn’t have to field-upgrade it some day?

    Gah.

    I remember being taught – as a fledgling Electrical Engineer at one of the Intelligence Agencies – the “Washington Post” rule: anything that you read in the Washington Post about this Agency, is bad for this Agency.

    This is so filled with FAIL that it’s saturated, and dripping FAIL all over the carpet.

  5. AJStrata says:

    Borepatch,

    You are assuming robotic systems run over IP – bad assumption there my friend! As noted, there are a few birds left not yet fully protected. No big deal, just alarmist reporting.

    Thanks for the comment!

  6. Whoa! The military is not the only guys starting to depend on these platforms. ICE, LA County Sheriffs, etc are all going to video drones. I’ll just bet they are less careful than the Air Force.

  7. borepatch says:

    AJ, you don’t need IP. It was a long time ago, but I’m pretty sure that the chips could run in either Cipher Block Chaining or Cipher Feedback Mode.

    You’d need to engineer how to feed the stream into the chips, but this was the sort of think I used to do. It’s not Rocket Science.

    And that was back in the 1980s. There’s simply no excuse for unencrypted downlinks in anything built in the last 10 years.

    I’ll agree on the alarmist reporting – that’s what they do.

  8. Mike M. says:

    The key phrase being “built in the last 10 years”. All heavy unmanned aircraft built today use encrypted links (not IP, these are dedicated links).

    As to the $1.98 lightweight UAVs, many don’t use crypto. Some do, as it helps avoid spurious commands to the aircraft.

  9. crosspatch says:

    borepatch:

    Cavium Networks in Mountain View, California makes a single chip processor that will handle IPSEC at full wire speed for 10Gig Ethernet. It will do NAT and all sorts of other tricks, too. But chips like that weren’t available when the first and second generations of those UAVs were built.

    These chips are power hungry, though. And if you are going to transmit data at 10Gig you need a transmitter of even higher frequency. Analog video isn’t that hard to obscure from random pickup. But the very presence of a signal is a “tip off” that we are in the area even if you can’t see the video.

  10. Frogg1 says:

    Thanks for the insight, AJ. Makes me feel a lot better about it. Also explains why the military knew about this weakness years ago; but, didn’t think they needed to jump on it right away.

  11. KauaiBoy says:

    And now that we know this, it would make sense to use that against them. We could confirm intelligence data based on the reactions to what the enemy has seen and overload them with videos keeping them busy.

    Great post and follow ups….this is the kind of stuff the MSM is afraid to discuss for fear of hurting the small brains of their audience.

  12. patrioticduo says:

    And then, as anyone who has watched some of the youtube video’s of drone videos will attest, the psy-op value of allowing the bad guys to watch this stuff probably helps more than not because what better way to depress the morale of the enemy than to show them live video of the death of their comrades who are totally powerless to protect themselves from laser guided hellfire missiles mounted on high altitude unmanned drones. Maybe the DoD thought it was better to just let the live feed stay live. The enemies command & control and communications infra structure is not good enough to overcome the op-sec risks. They just get to watch it but can’t do anything about it. As long as that is the case, keep the camera rolling!