During the PacSec 2016 conference in Tokyo last week, Trend Micro security research manager Jonathan Andersson demonstrated a hack that remotely highjacks unauthorized or unwanted drones using a transmitter that exploits a common radio protocol.
According to Ars Technica, the company’s TippingPoint Digital Vaccine Lab division developed a device that transfers all flight controls using a “software defined radio” to attack “DSMx Spread Spectrum Frequency Hopping Drone Remote Controls.” DSMx is an RF link add-on designed for remote model hobbyists who want to operate RC’s at large events without hopping on to the wrong remote link within a 2.4 Ghz environment.
Ars writer Dan Goodin notes:
“Besides hijacking a drone, the device provides a digital fingerprint that’s unique to each craft. The fingerprint can be used to identify trusted drones from unfriendly ones and potentially to provide forensic evidence for use in criminal or civil court cases.”
Goodin also points out that the device is not a frequency jammer – as seen in anti-drone products such as Drone Dome or solutions that comprise the FAA’s Pathfinder Initiative.
“The shared secret … exchanged is easily reconstructed long after the binding process is complete by observing the protocol and using a couple of brute-force techniques,” Andersson told Ars.
“Further, there is a timing attack vulnerability wherein I synchronize to the target radio’s transmissions and transmit a malicious control packet ahead of the target, and the receiver accepts my control information and rejects the target’s.”
As drone use grows, many public agencies and companies are seeking anti-drone solutions to keep UAVs from flying over restricted areas where they could pose a safety hazard or access sensitive data – wildfire zones, nuclear power plants, prisons and airports.
A recent study predicts the emerging market will to grow to a billion-dollar industry within six years with predicted compound annual growth rate of 23.89 percent across 2017-22.
Jason is a longstanding contributor to DroneLife with an avid interest in all things tech. He focuses on anti-drone technologies and the public safety sector; police, fire, and search and rescue.
Beginning his career as a journalist in 1996, Jason has since written and edited thousands of engaging news articles, blog posts, press releases and online content.
Email Jason
TWITTER:@JasonPReagan
Subscribe to DroneLife here.