Drones successfully 'hacked' by 'spoofing'
Washington: A team of researchers has successfully demonstrated for the first time that the GPS signals of an unmanned aerial vehicle (UAV), or drone, can be hijacked by an outside source.
The discovery could factor heavily into the implementation of a new federal mandate to allow thousands of civilian drones into the U.S. airspace by 2015.
The same method may have been used to bring down a US drone in Iran in 2011.
According to analysts, the demo shows the potential danger of using drones.
Cockrell School of Engineering Assistant Professor Todd Humphreys and his students were invited by the U.S. Department of Homeland Security to attempt the demonstration in White Sands, New Mexico in late June.
Using a small but sophisticated UAV along with hardware and software developed by Humphreys and his students, the research team repeatedly overtook navigational signals going to the GPS-guided vehicle.
Known as “spoofing”, the technique creates false civil GPS signals that trick the vehicle’s GPS receiver into thinking nothing is amiss — even as it steers a new navigational course induced by the outside hacker.
Since spoofing fools GPS receivers’ on both their location and time, some fear that most GPS-reliant devices, infrastructure and markets are vulnerable to attacks.
This fear was underscored, but not proven, when a U.S. military drone disappeared over Iran late last year and showed up a week later, intact, and in the care of Iranians who claimed to have brought the vehicle down with spoofing.
The recent demonstration by University of Texas at Austin researchers is the first known unequivocal demonstration that commandeering a UAV via GPS spoofing is technically feasible.
“I think this demonstration should certainly raise some eyebrows and serve as a wake-up call of sorts as to how safe our critical infrastructure is from spoofing attacks,” Milton R. Clary, a senior Department of Defense (DoD) Aviation Policy Analyst at Overlook Systems Technologies, said.
Humphreys said his research team wanted to demonstrate the potential risks associated with spoofing early on in the Federal Aviation Administration's task to write the mandated rules that will allow government and commercial drones in the U.S. airspace by 2015.