{"id":14692,"date":"2017-04-19T09:00:42","date_gmt":"2017-04-19T13:00:42","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/?p=14692"},"modified":"2020-04-17T19:45:51","modified_gmt":"2020-04-17T17:45:51","slug":"drone-gone-in-11-ms","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/drone-gone-in-11-ms\/14692\/","title":{"rendered":"Drone gone in 11 milliseconds"},"content":{"rendered":"<p>Drones are everywhere nowadays. Amazon <a href=\"https:\/\/www.usatoday.com\/story\/tech\/news\/2016\/12\/14\/amazon-delivered-its-first-customer-package-drone\/95401366\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">delivers packages<\/a> by drone. Filmmakers and media workers launch cameras into the air to take attractive wide shots. Some enthusiasts who don\u2019t mind paying $500 or more for a smart toy use drones to explore the sky or take video of friends\u2019 weddings.<\/p>\n<p>It\u2019s easy to picture yourself outside with your new $500 drone, launching it into the air and \u2026 watching helplessly as the craft flies out of sight, ignoring the controller in your hands.<\/p>\n<p>This is no firmware bug or controller failure: Your drone has been hijacked. At the <a href=\"https:\/\/www.kaspersky.co.za\/blog\/tag\/sas\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security Analyst Summit<\/a>, security expert Jonathan Andersson proved that a skilled malefactor can make a device that can hijack drones in mere seconds.<\/p>\n<p>Andersson used a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Software-defined_radio\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">software-defined radio<\/a> (SDR), a drone\u2019s control unit, a microcomputer, and some other electronic equipment to make such a device. He called it Icarus. With the help of the SDR, Andersson tuned to the frequency a drone uses to communicate with its controller, and then he experimented until he found how exactly the signals were transmitted between the devices.<\/p>\n<p>It took a while for Andersson to learn how data transfer works between a drone and its control unit, especially because they hop channels every 11 milliseconds. Nevertheless, if you can do it once, the path to hijacking a drone becomes clear; developers of the smart toys all use similar protocols.<\/p>\n<p>Developers follow the popular <em><a href=\"https:\/\/en.wikipedia.org\/wiki\/Security_through_obscurity\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">security through obscurity<\/a><\/em> method, counting on the complexity of protocols and neglecting strong encryption. Icarus can hack their primitive encryption and send a series of commands to hijack a craft during the 11 milliseconds a device waits before hopping channels.<\/p>\n<p>As a result, the drone\u2019s legitimate controller becomes useless and control goes to the malicious one \u2014 literally on the fly. The next video shows how it works in the real world.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/NRr19hdsjoY?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>Andersson explained that this threat can potentially influence the whole drone industry \u2014 from cheap toys to expensive, professional craft \u2014 because drones and controller units use data transfer protocols that are vulnerable to the same type of attack.<\/p>\n<p>Stronger encryption could fix the problem, but it\u2019s not that easy \u2014 many controllers do not support software updates. Moreover, strong encryption requires substantial computation capacity, which leads to additional energy consumption by the controller <em>and<\/em> the aircraft. The power problem really complicates the situation: When it comes to drones, every ounce and watt-hour is valuable.<\/p>\n<p>We\u2019d like to believe that developers will solve this problems in the very near future. It\u2019s sad to wave goodbye to a hijacked drone! Filmmakers will be even more sad: Their drones cost thousands and even tens of thousands of dollars \u2014 and they\u2019re just as easy to hack.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"earth-2050\">\n","protected":false},"excerpt":{"rendered":"<p>Drones are a part of the Internet of Things, which is widely known to be vulnerable. SEO title: How to hijack a drone <\/p>\n","protected":false},"author":675,"featured_media":14693,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[1981,511,261,899,2002,2003,1599,337,1980,97],"class_list":{"0":"post-14692","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-thesas2017","9":"tag-drones","10":"tag-encryption","11":"tag-hack","12":"tag-hexacopter","13":"tag-hijacking","14":"tag-quadcopter","15":"tag-sas","16":"tag-sas-2017","17":"tag-security-2"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/drone-gone-in-11-ms\/14692\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/drone-gone-in-11-ms\/11048\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/drone-gone-in-11-ms\/8654\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/drone-gone-in-11-ms\/9109\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/drone-gone-in-11-ms\/10413\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/drone-gone-in-11-ms\/10152\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/drone-gone-in-11-ms\/14628\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/drone-gone-in-11-ms\/3128\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/drone-gone-in-11-ms\/14692\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/drone-gone-in-11-ms\/7297\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/drone-gone-in-11-ms\/6618\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/drone-gone-in-11-ms\/10078\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/drone-gone-in-11-ms\/15335\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/drone-gone-in-11-ms\/14692\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/sas\/","name":"SAS"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/14692","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=14692"}],"version-history":[{"count":6,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/14692\/revisions"}],"predecessor-version":[{"id":27218,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/14692\/revisions\/27218"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/14693"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=14692"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=14692"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=14692"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}