Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

High-End Police Drone can be Hacked with $40 Worth of Equipment

posted by CoolHand on Friday March 04 2016, @12:22AM   Printer-friendly
from the super-secure-surveillance-ship dept.

takyon writes:

An unspecified €20,000 unmanned aerial vehicle used by Dutch police for surveillance can be hacked by sending commands using an 868 MHz link to the Xbee chip inside the drone:

A security researcher has reported finding a way to hijack a high-end drone, using parts costing as little as $40 (£29). The expert says it is possible to start the octocopter's engines, engage auto-takeoff, control its camera and, potentially, crash the machine. He will present his findings at the RSA security conference in San Francisco, and has published a thesis [auto-downloading PDF]. The drone's manufacturer has been informed. However, the researcher told Wired magazine there would be "no easy fix" to the problem, meaning units might have to be recalled for a hardware update.

Nils Rodday is currently a security consultant at IBM, but carried out his research at the Netherlands' University of Twente. His work focused on an unmanned aerial vehicle (UAV) used by the Dutch police force for surveillance. He said it cost about 20,000 euros ($21,700; £15,400).

[...] Mr Rodday focused on its use of a telemetry module fitted with an Xbee radio chip, made by the company Digi International.
The module converts wi-fi commands sent by a computer app into low frequency radio waves, which are then transmitted to another Xbee chip on the drone. This allows the operator to control it from a greater distance than would otherwise be possible. To achieve the hack, Mr Rodday required two Xbee chips of his own, among other low-cost components, as well as the use of a computer. The hack consisted of two parts:

  • Intercepting the initial wi-fi connection and displacing the legitimate user. Since the link was only protected by an encryption protocol with known vulnerabilities, Mr Rodday said he could crack it in little time
  • Transmitting his own commands to the drone's Xbee chip

The second step had been relatively easy, Mr Rodday said, because the drone-maker had opted not to make use of Xbee's built-in encryption features. The reason for this was that they would have extended the lag between the operator sending a command and the drone reacting.

Original Submission

 
This discussion has been archived. No new comments can be posted.
High-End Police Drone can be Hacked with $40 Worth of Equipment | Log In/Create an Account | Top | 6 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Interesting) by anubi on Friday March 04 2016, @03:24AM

    by anubi (2828) on Friday March 04 2016, @03:24AM (#313411) Journal

    I keep seeing this image of a bunch of kids hijacking a police drone and chasing the officers all over the place with it - just for shits and giggles and something to post on YouTube.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   2