On the evening of June 19, a group of researchers from the University of Texas successfully hijacked a civilian drone at the White Sands Missile Range in New Mexico during a test organized by the Department of Homeland Security.
The drone, an Adaptive Flight Hornet Mini, was hovering at around 60 feet, locked into a predetermined position guided by GPS. Then, with a device that cost around $1,000 and the help of sophisticated software that took four years to develop, the researchers sent a radio signal from a hilltop one kilometer away. In security lingo, they carried out a spoofing attack.
“We fooled the UAV (Unmanned Aerial Vehicle) into thinking that it was rising straight up,” says Todd Humphreys, assistant professor at the Radionavigation Laboratory at the University of Texas.
Deceiving the drone’s GPS receiver, they changed its perceived coordinates. To compensate, the small copter dove straight down, thinking it was returning to its programmed position. If not for a safety pilot intervening before the drone hit the ground, it would have crashed.
But for Humphreys playing the part of an evil genius in a thriller movie, everything worked exactly to plan. “It was beautiful,” he tells Danger Room.
The rogue takeover exploited a vulnerability in GPS to take control of the drone. It was, by Humphreys’ accounting, the first time somebody proved a civilian drone could be hijacked. Last year, when the CIA lost a drone in Iran, there were reports indicating the Iranians might have launched a spoofing attack and tricked it into landing, but we’ll never know for sure. Also, in September 2011, North Korea reportedly forced a U.S. spy plane to land with a jamming attack.
With the planned integration of civilian drones in the American airspace, these problems might be coming to the U.S. The FAA must come up with new rules to allow for a freer use of drones in America by 2015 and, apart from worrying about possible collisions between manned and unmanned aircrafts, now the FAA might have to worry about people hijacking drones with spoofing devices.
What’s worse, the experiment at White Sands shows that drone-jacking is “just the tip of the iceberg of a much bigger security issue we have in this country,” according to Logan Scott, a GPS industry consultant who has worked for defense giants like Lockheed Martin.
In other words, it’s not only about drones, it’s GPS in general that is not safe...