There has been a surge in the sale of drones - small flying machines fitted with cameras. However a recent study conducted by a computer security team from Johns Hopkins University reveals that it is quite easy for hackers to make drones disregard their human controllers and land or even crash.
Five security informatics graduate students led by their professor have three varied methods to send rogue commands from a PC laptop to obstruct normal operation of an airborne hobby drone and make it to either land or crash it.
This study is critical as drones, also known as unmanned aerial vehicles, are gaining in popularity. An article in Fortune, talking about a 12-month period ending in April, highlighted that the sales of drones have tripled in the previous year. This is despite the fact that these devices are very expensive. According to the article, a drone’s average cost is above $550. These rates can drastically depend on the complexity of the device.
A recent Federal Aviation Administration report estimated that there would be 2.5 million commercial and hobby-type drone sales in 2016.
Hobby drones are flown mainly for aerial photography or videography and recreation. However, highly complex commercial drones are built to handle more challenging tasks. Farmers have started using drones with dedicated cameras to survey their fields and help establish where and when water and fertilizer has to be applied.
Modern commercial drones can also assist in search and rescue missions located in tough terrain. Some companies, such as Amazon, are exploring the application of drones to carry commodities to their customers. It looks like in their haste to gratify consumer demands, drone manufactures have not secured the digital doors well.
You see it with a lot of new technology. Security is often an afterthought. The value of our work is in showing that the technology in these drones is highly vulnerable to hackers.
Lanier A. Watkins,
Watkins is a senior cyber security research scientist in the university’s Whiting School of Engineering, Department of Computer Science. He also takes up appointments with the Johns Hopkins Applied Physics Laboratory and the Johns Hopkins Information Security Institute.
During the past school year, Watkins’ security informatics master’s degree students were asked to use their knowledge regarding information security in a capstone project. Watkins recommended that the team can prepare wireless network penetration testing on an in-demand hobby drone and create “exploits” from the weaknesses found to disturb the method that facilitates a ground operator of a drone to direct its flight.
An “exploit,” explained Michael Hooper, one of the student researchers, “is a piece of software typically directed at a computer program or device to take advantage of a programming error or flaw in that device.”
The team’s first successful exploit was to bombard a drone with nearly 1,000 wireless connection requests in quick succession, each demanding for control of the airborne device. This digital surge overloaded the CPU of the aircraft, causing it to shut down. This caused the drone to go into an “an uncontrolled landing.”
In the second successful hack, a very large data packet was sent to the drone, greater than the buffer’s capacity in the flight application of the aircraft. Again, this caused the drone to crash.
In a third hack, the team sent out a fake digital packet from their laptop to the controller of the drone informing it that the sender of the packet was the drone itself. The researchers stated that the controller of the drone began to “believe” that the packet sender was really the drone itself. It cut off its own contact with the drone, which ultimately caused the drone to resort to an emergency landing.
We found three points that were actually vulnerable, and they were vulnerable in a way that we could actually build exploits for. We demonstrated here that not only could someone remotely force the drone to land, but they could also remotely crash it in their yard and just take it.
Lanier A. Watkins
Based on university policy, the team explained their drone exploit results in a Vulnerability Disclosure Package and delivered it to the manufacturer of the drone that was tested at the start of this year. However, the team never received any response from the company till end of May. More recently, the researchers have started testing high-end drone versions to check whether these devices possess the same kind of issues caused by hacking.
Watkins hopes the results will act as an alert so that futuristic recreational drones, package deliveries, aerial photography, and other commercial and public safety endeavors will be upgraded with security features on board when they leave the manufacturer rather than only depending on later “bug fix” updates, which could prove to be too late.
The other four Johns Hopkins grad students who participated in this research with Watkins were Yifan Tian, Runzuan Zhou, Bin Cao and Wlajimir Alexis.