The Bright Side of $26 Drone Hacks
Speaking of cybersecurity, Naval blogger Galrahn has a fascinating take on last week’s big Wall Street Journal story about insurgents in Iraq using an off-the-shelf $26 hack to intercept video feeds from U.S. unmanned aerial vehicles. It’s actually an opportunity, he explains:
From a cyber warfare perspective, the short term solution to the UAV video issue is not to encrypt the data (which is the long term solution), rather to use the unencrypted video stream to go after the cyber insurgents – with the specific intention of getting inside their network. It is not complicated to have a normal UAV camera send a video signal exactly as intended for the military function, but include packet data that exploits vulnerabilities in software like skygrabber, or to include code that exploits known vulnerabilities in popular video players. I’m sticking to very common examples that are easily understood by the masses, but at many layers of the UAVs video signal the potential to exploit the unencrypted broadcasted video feed as a weapon is significant.
I’d be lying if I said that I knew how this works, or whether it’s actually applicable to the kinds of signals the drones employ, but Galrahn knows what he’s talking about in general. And I imagine in cyberwarfare, like in counterintelligence, your actual capabilities are less important than the way the enemy perceives your capabilities. Galrahn is recalling the famous command issued by French military genius Ferdinand Foch when trying to prevent the Germans from piercing the French line during World War I: “Hard pressed on my right. My center is yielding. Impossible to maneuver. Situation excellent. I attack.”