October 11, 2011
Infected Drones: Is Die Hard 4 Becoming a Reality?
I can honestly say that news of infected military drones is in no way amusing to me. This is for real, not Hollywood.
Indeed, it appears that for once the film industry can’t keep up with the latest reports from the computing world. And making an action film these days about cyber warfare is a tricky business: in the time between a pre-release trailer and the release of a movie, the script of the movie can be played out on the evening news.
So what am I talking about here? That malware has in fact – not fiction – gotten inside Predator and Reaper drones.
Briefly: Wired recently reported that a certain virus had infected the ground control stations (GCS) of US unpiloted military aircraft. Once it had infected them, it started logging pilots’ keystrokes as they remotely flew missions. It’s not fully clear yet, but it appears that the virus got inside the system via portable hard drives used to load missions and maps. That’s all the info we have at the moment. Everything else is mere guesswork and conjecture. And sadly it’s not the first time drones have appeared in the headlines of late due to security issues.
This is just the latest example of malware infections occurring where we least expect them. Me, I’m rather worried about what the future may hold if things carry on like this.
Airplanes, cars, power stations, electricity grids, reservoirs, hospitals, hotels, etc., are vital elements of infrastructure on which all our lives depend, and they are all controlled by computers and networks. Alas, we rely on them completely. However, we can only guess at how they work and how well they are protected, or, rather, unprotected. And what can occur as a result of deficient protection is anyone’s guess. Just have a watch of Live Free or Die Hard. While the movie is mostly fantasy, it also contains a few nuggets of how our infrastructure could fall victim to cyberattacks.
And what’s crystal clear to me is that the incident with the drones is certainly not the first or the last time that malware has penetrated essential equipment on which lives depend. But what’s to be done faced with this worrying threat is not clear at present.
What is clear is that it’s impossible to solve this problem quickly. Doing so would mean either becoming fully protected or simply no longer using such systems, and both are impossible: the former because any computer system is potentially vulnerable; the latter because we’d all be jettisoned back to the first half of the last century, or even further back in time.
Finally, here’s an excerpt about how they tried to disinfect the drones’ GCS:
“At first, they followed removal instructions posted on the website of the Kaspersky security firm. ‘But the virus kept coming back,’ a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives.”
This is clearly not a common-or-garden piece of malware that stumbled its way into the system. If it’s sophisticated enough that the best minds within the US cybersecurity community could only remove it via a brutal wipe, then we are dealing with a formidable infection.