Infected Drones: Is Die Hard 4 Becoming a Reality?

I can honestly say that news of infected military drones is in no way amusing to me. This is for real, not Hollywood.

Indeed, it appears that for once the film industry can’t keep up with the latest reports from the computing world. And making an action film these days about cyber warfare is a tricky business: in the time between a pre-release trailer and the release of a movie, the script of the movie can be played out on the evening news.

So what am I talking about here? That malware has in fact – not fiction – gotten inside Predator and Reaper drones.

Infected Drones

Briefly: Wired recently reported that a virus had infected the ground control stations (GCS) of US unmanned military aircraft. Once inside, it started logging pilots’ keystrokes as they remotely flew missions. It’s not fully clear yet, but it appears that the virus got into the system via portable hard drives used to load missions and maps. That’s all the info we have at the moment; everything else is mere guesswork and conjecture. And sadly it’s not the first time drones have appeared in the headlines of late due to security issues.

This is just the latest example of malware infections occurring where we least expect them. Me, I’m rather worried about what the future may hold if things carry on like this.

Airplanes, cars, power stations, electricity grids, reservoirs, hospitals, hotels, etc., are vital elements of infrastructure on which all our lives depend, and they are all controlled by computers and networks. Alas, we rely on them completely. However, we can only guess at how they work and how well they are protected, or, rather, unprotected. And what can occur as a result of deficient protection is anyone’s guess. Just have a watch of Live Free or Die Hard. While the movie is mostly fantasy, it also contains a few nuggets of how our infrastructure could fall victim to cyberattacks.

And what’s crystal clear to me is that the incident with the drones is certainly not the first or the last time that malware has penetrated essential equipment on which lives depend. But what’s to be done in the face of this worrying threat is not clear at present.

What is clear is that it’s impossible to solve this problem quickly. Doing so would mean either becoming fully protected or simply no longer using such systems, and both are impossible: the former because any computer system is potentially vulnerable; the latter because we’d all be jettisoned back to the first half of the last century, or even further back in time.

Finally, here’s an excerpt about how they tried to disinfect the drones’ GCS:

“At first, they followed removal instructions posted on the website of the Kaspersky security firm. But the virus kept coming back,” a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives.”

Clearly this is not a common or garden variety piece of malware that stumbled its way into the system, that’s for sure. If it’s sophisticated enough that the best minds within the US cybersecurity community could only remove it via a brutal wipe, then we are clearly dealing with a formidable infection.

Comments

    Sling Trebuchet

    Love it.
    “We think it’s benign.” We don’t know who it might be reporting to. “But no one’s panicking. Yet.”
    Presumably some mild panic might be deployed should the compromised controllers direct drones to fire off a few missiles.

    The bit in the Wired report that blew my mind was “at Creech, a tiny outpost in the barren Nevada desert, ……, a drone pilot and a sensor operator sit in their flight suits in front of a series of screens.”
    Flight suits? Why? They are playing dress-up? Do they have to wear life jackets if the drone has to fly over water?
    Presumably they are also sitting in Ejection Seats – in case the building gets shot down or has engine failure.

    My theory is that the virus was planted by another branch of US government. They all spy on each other – particularly since Wikileaks got the cables. Keyloggers on PCs used by Bradley Manning would have picked up his activity.
    Maybe the CIA want to know where the military are flying their drones, but the military won’t/can’t give them the information due to classification bureaucracy.

    The big problem with state-sponsored malware is that some outsider could take advantage of it. Did I read that R2D2 was not wonderfully well written?

    Sling Trebuchet

    It’s OK. No need to panic. No big deal. The virus seems to have slipped in because pilots were playing games like Mafia Wars.
    – on machines from which removable drives were subsequently plugged into the drone control PCs — right
    Eh…. PANIC !!!!

    “We continue to strengthen our cyber defenses,”
    Oh good.
