Computer Virus Hits U.S. Drone Fleet

[Ellirium113]

Looks like it was just another one of those old "Didn't think they would exploit it." type of security lapses:

U.S. drone hijacked by GPS hack?
by Steven Musil |December 15, 2011 11:05 PM PST 

A U.S. stealth drone in Iranian hands was hijacked by using software that spoofed GPS coordinates, forcing it to land at those coordinates, the Christian Science Monitor reported today.

Hackers reconfigured the GPS system of the RQ-170 Sentinel, forcing it to "land on its own where we wanted it to, without having to crack the remote-control signals and communications," said an unnamed Iranian engineer who said he examined the captured drone.

"The GPS navigation is the weakest point," he told the newspaper. "By putting noise [jamming] on the communications, you force the bird into autopilot. This is where the bird loses its brain."

Military officials have known about the aircraft's GPS vulnerability since 2003, according to a published report cited by The Register.

"A more pernicious attack involves feeding the GPS receiver fake GPS signals so that it believes it is located somewhere in space and time that it is not," the report, titled GPS Spoofing Countermeasures, states. "This 'spoofing' attack is more elegant than jamming because it is surreptitious."

U.S. officials blamed a malfunction for the loss of the drone, which has appeared on Iranian TV in seemingly pristine condition. However, Iranian specialists reportedly studied the wreckage of previously downed drones to pinpoint the vulnerability.

http://news.cnet.com/8301-1009_3-57344032-83/u.s-drone-hijacked-by-gps-hack/

I can't help but to wonder if their black projects have the same exploitable features...More advanced must mean less worries right? 

Zorgon, you must have a buddy that can bring in a TR-3B in this manner to have a peek at? 

[stealthyaroura]

There seems so many possibilities as to why Iran got hold
of the drone, was it just a "seeding" op to find out what & who
is involved in what happens to the tech now, who puts in a bid
for the drone etc. I assume all it's chips will be fried by auto
exicution if there is a major glitch that is none recoverable?

[Ellirium113]

Debka: Whoever hacked the drone, hacked the CIA

The Israel-based outlet adds that in addition to hacking the GPS network of the craft, as Iranian engineers admitted earlier this week, the command center in Langley must have been infiltrated as to keep those controlling the robotic plane from noticing that the craft had been guided onto an enemy base. Had the CIA been aware of the hacking of the GPS network only, adds Debka, they would have surely triggered the craft's self-destruct mechanism, rendering any wreckage unmanageable for Iranian authorities recovering the debris. Instead, Tehran officials were left with a pristine drone craft and have since thanked America for the gift and claim that they have decoded the technology of the craft.
Debka's analysis of the hijacking also raises a last point worth bringing up — with the Sentinel's mission over Iran being the first such flight there for the craft, whoever intercepted it was well aware of the precise day and hour of the mission. With Washington doubting their technology out of Tehran, going as far as to call it an "ox-cart culture" in recent weeks, the possibility that the attack was infiltrated from within the United States or with the cooperation of American officials seems more than likely now.

http://rt.com/usa/news/hacked-cia-drone-iran-029/

Hmmm I bet that ox-cart culture didn't find out that DUQU was in their system from reading news on the internet.  This just gets better and better.

Air Force finds out about drone virus from the Internet

Wired.com's Danger Room ran a report recently about a computer virus that had infiltrated the systems of the unmanned robotic drone aircraft fleet of the US Air Force. Sadly, some of the men and women directly responsible for overseeing the Air Force's computer networks did not become aware of the infection until they laid their eyes on that same, publically available report.
"It was not highlighted to us," one source involved with Air Force network operations anonymously remarked to Danger Room. "When your article came out, it was like, 'What is this?'"

"Nothing was ever reported anywhere. They just didn't think it was important enough," a second source involved in the security division tells Danger Room. "The incentive to share weaknesses is just not there."

http://rt.com/usa/news/air-force-drone-virus-783/

Well...I guess no one will be able to deal with it since even the mighty Microsoft can only offer a workaround even for DUQU. Good thing it is not a big issue  That is until they gain control of the ARMED ones and use them against us or gain control of something even more devastating. At this rate a war could be instigated quite easily. Clearly the right thing to do is discontinue using the drones until the software is repaired.

[stealthyaroura]

Well to be honest the thought of it been an inside job did
Cross my mind but I assumed security would be so tight
It would be nearly impossible.
Then I also doubt the art of spying,double, triple agents has
ceased. So many angles to the Iran story that we may never
find out the truth as to the who why & how.

[Ellirium113]

  They just NEVER learn...I guess there just IS no fixing STUPID.

Marines Want iPads to Control Robo-Copter Brains

Initially, the AACUS 'bots will handle supply runs in environments too dangerous for human pilots. Later, the pilotless copters could handle medevac missions, too. Cummings asks people to imagine a furious battle in difficult terrain. "Your buddy took a bullet to the chest and no manned helicopter is crazy enough to land." A Marine whips out a handheld device, taps a button or two and, within minutes, a medical robot is hovering overhead.

Suddenly without warning it dive bombs straight into the ground exploding. The Marine with the tablet looking at the 404 DRONE NOT FOUND error message on the tablet looks over at the CO yelling expletives. LOL

Cummings admits that it's an ambitious vision. "There's no guarantee we'll be able to make this work," she says. But even a near-miss could result in much-improved robots for a range of missions. "We are going to make substantial improvements."

http://www.wired.com/dangerroom/2012/01/navy-supply-robot/

By using APPLE products? made where again?  At the very least they could contract out an 11 Yr old to make the App for them. 

[Ellirium113]

Oh well here is some good news...it looks like it was NOT a virus...it was an Iranian built UFO that took down the drone. 

Iran's Flying Saucer Downed U.S. Drone, Engineer Claims

Meet Mehran Tavakoli Keshe, who purports to be the father of the RQ-170 abduction. In a recent post to his eponymous foundation's online forums, Keshe claims the Iranians used "advanced space technology" that he pioneered. "The craft has been air-picked-up and been put down on its belly through the use of field forces,"

http://www.wired.com/dangerroom/tag/ufos/

[Ellirium113]

The harsh reality and full extent of this modular virus likely has not reared it's ugly head yet. I am certain we will be seeing more of it soon.

Stuxnet and Duqu Part of Larger Cybermalware Campaign

while analyzing a newly discovered driver file from a Chinese PC which contained Duqu files, the researchers discovered that it appeared to be a modified version of a driver file used by Stuxnet. The modification used the same certificate and had the same signing date and time, leading to the conclusion that the two pieces of malware must share common origins.

Running through the company's malware file database, the team found seven other drivers with similar characteristics, including three -- rndismpc.sys, rtniczw.sys, and jmidebs.sys -- that still can't be related to specific pieces of malware.

These files cannot interact with any known version of Stuxnet, leaving the researchers to conclude that they were either connected to an earlier version of Duqu or represent fragments from unidentified pieces of malware created by the same team.

http://www.pcworld.com/article/247145/stuxnet_and_duqu_part_of_larger_cybermalware_campaign.html

I hope it wasn't discovered on an ipad. 

[Captain Dave]

Computer Virus Hits U.S. Drone Fleet



http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/



So hackers are getting into Area 51's Swarm Control?

THIS is a scary statement..

"We keep wiping it off, and it keeps coming back," says a source familiar with the network infection, one of three that told Danger Room about the virus. "We think it's benign. But we just don't know."

Wonder if it's... writing directly into a CMOS/BIOS... creating a hidden partition and disguising itself by reporting false correct data. Then reentering the main system? Wonder if theres a way to externally flash a bios? Wonder if somebody's using cloaking tech? Wonder if the Satellites have been messed with... Hmmm so many possibilities.

[Ellirium113]

Wonder if it's... writing directly into a CMOS/BIOS... creating a hidden partition and disguising itself by reporting false correct data. Then reentering the main system? Wonder if theres a way to externally flash a bios? Wonder if somebody's using cloaking tech? Wonder if the Satellites have been messed with... Hmmm so many possibilities.

ANSWER: E) All of the above, and then some.

[Ellirium113]

Good news, the Air Force is recognizing they are falling behind and is asking for more gadgets from China loaded with "infiltration-ware" (What I would dub it.). 

USAF Looking to Silicon Valley to Get its Innovation Mojo Back

Senior Air Force scientists are "taking a visit out to Silicon Valley, meeting with the leadership in Silicon Valley of companies such as Facebook, Google and the like, to see how we can build bridges to them and get them to be interested in DoD problems and help us innovate ourselves into a solid structure going forward into the future," said Jennifer Ricklin, the Air Force Research Laboratory's chief technologist during an Aviation Week-sponsored conference recently. "We really are looking at what are the best practices to keep innovation and technology access in the Air Force alive and healthy."

LOL RULE #1: ALWAYS OUTSOURCE YOUR MILITARY HARDWARE! Especially form countries you have a conflict of interest with.

"It's no surprise that a lot of the technology innovation in this country in the last two decades has not com from the defense industry, it's come from the private sector, from the commercial sector, things like the smartphone, the pad, the tablet," said Ricklin. "We're looking to those types of areas to see how is it that we can incorporate that type of innovation into the Air Force and how we do business in the Air Force."

Are we now supposed to believe, with all the black budget crap floating around, that they DON'T have the sophistication to keep up with telecommunication tech. and must rely on the private sector?

"I'm very concerned, I'm taking four days of my time with my boss and the Air Force chief scientist to go on out and see what's going on and to start to build bridges, this is just a first step," said Ricklin. From a financial standpoint, "they're not interested in us, they're making plenty of money. They don't need us, they don't care about us, they don't particularly care about the defense department, this is not where they're at.

LMAO don't like it make it yourself eh? If the DOD doesn't step up to the plate and address their cyber issues their entire army will be rendered irrelevent by advances in technology especially when one group of hackers can infiltrate, reroute, hide things etc. When the enemy has control of your network your screwed.

We'll see how this plays out. Again, it's a step in the right direction in terms of keeping up with the latest developments in the cyber realm.

Step in the right direction? Backwards off a cliff with both hands tied behind your back seems to be the direction. It will be a sad day when a 16 year old kid takes command of an entire platoon by hacking in with an iPad.



In an interview with Cesare Garlati , consumer specialist for Trend Micro., Garlati said:

"The combination of Google Android's dominant market share and the lack of control over the applications appearing in the various Android application stores created a perfect storm, giving malware developers the means and incentives to focus on the platform," the group said.

Eugene Kaspersky, chief executive of the eponymous computer security firm, said: "We are pretty sure that this will follow the computer's evolution," pointing out that threats had surged from 90,000 in 2004 to some 16 million in 2011, with internet transactions largely fueling the rise.

Some criminals are hiding "malicious code in legitimate applications" that consumers are downloading unwittingly.

Once they have gained access to data on the phone, they are stealing information that could be used in identity theft or in illegal transactions.

A further incentive for cybercriminals to breach smartphone security is that unlike computers, each phone "has a direct link to money" through the SIM card, Denis Maslennikov, Kaspersky Lab's senior malware analyst said.

Criminals are able, for instance, to implant so-called trojan horses that prompt phones to send SMSes to premium numbers.

http://www.physorg.com/news/2012-02-cybercriminals-android-exposed.html

Another stark warning from former Cheif Technical Officer of McAfee:

Hackers could send a text message worded like a warning from the telecom service provider that the account will be canceled if the smartphone user doesn't click an enclosed link to resolve the matter.

Clicking the link then triggers the installation of malicious software that lets a hacker control the smartphone remotely.

"We can monitor and record all calls, get all inbound and outbound SMS messages... basically take over the phone," Kurtz said.

"Imagine sitting in a board meeting and someone accesses your phone and listens remotely."

A hacker could even track a smartphone user's whereabouts using a handset's location-sensing capabilities.

Tricking computer users to click on links or to open rigged email attachments has been a longtime technique used to infect computers.

When it comes to smartphones, experts have mainly focused on the potential for makers of "apps" to program in nefarious tasks such as stealing data.

http://www.physorg.com/news/2012-02-firm-hacker-threat-mobile-gadgets.html

Yay...step in the right direction... 

The damage being done in the private sector alone is staggering, wait until everyone in the DOD is using these devices.

[Ellirium113]

Cracked: Iran reveals data from US drone 'used to spy on Osama'

Iran has claimed to have extracted sensitive information from an American drone downed in the republic last year – including both maintenance and flight details.

But many have already voiced concerns over the validity of these claims. While maintenance details are certainly useful to the next engineer handling the drone, its hard to believe sensitive information about the drone's flights would be stored within its memory.

http://rt.com/news/iran-usa-drone-decode-755/

Why would that be hard to believe I wonder? 


Iran starts cloning of American spy drone

Iran has completed reverse-engineering of the captured US spy drone and has started building its own copy, Iranian media reports.

Hmmm so if they paint them to look like their enemies drones then you'll only recognize them by the missile it fires at you? 

"The Americans should be aware to what extent we have infiltrated the plane," Iranian Fars news agency quoted the general as saying. "Our experts have a full understanding of its components and programs."

http://rt.com/news/iran-spy-drone-copy-667/