A team at the University of Texas at Austin claims to have hacked into and taken control of a non-military drone using less than $1,000 in parts, highlighting concerns over domestic drone use. Drones operated by the Department of Homeland Security and other agencies are already flying over the U.S. Smaller groups like universities and branches of law enforcement have sought approval from the FAA to operate unmanned aerial vehicles (UAV) of their own. The FAA is working on regulations for such operations and the researchers’ claim suggests that unencrypted GPS signals could put drone hijacking within the reach of anyone with $1,000 and the requisite intellectual resources. Recent history suggests that vulnerability may not be limited to domestic drones.
The technology used by the researchers is known as “spoofing.” It involves targeting a drone with false but strong signals that mimic actual GPS signals and then deviate, luring the drone from its intended path. Through careful manipulation of that alternate GPS data, hackers can effectively take control of the drone’s guidance system and flight path. When a U.S. RQ-170 Sentinel drone landed in Iraq in early December, 2011, Iranian officials claimed they used similar technology to a trick the aircraft into landing. If true, it wouldn’t be the first time U.S. drone systems have been compromised. Back in 2009, U.S. forces found laptops help by Iraqi insurgents included video streams from U.S. drones. Both cases suggest even U.S. military drone systems may be less than adequately protected against electronic assaults.
