Hitting the Black Hat Asia Summit: drones cannot escape the ship

Hitting the Black Hat Asia Summit: drones cannot escape the ship

 

 

Without an encrypted professional drone, Wi-Fi is easily hooked up, and the signal is copied, And then it flies away .....

Warning drones cannot escape the ship.

At the Black Hat Asia Summit, IBM Security Expert Nils Rodday said drones loaded with unencrypted chips would be hijacked by attackers, these drones are widely used in law enforcement, emergencies, and private sectors.

According to Rodday, hijacking of a drone that costs more than $28 thousand costs less than $40. Attackers can hijack a drone within two kilometers as long as they have more basic knowledge of radio communication.

In Europe, drones are widely used in emergency services, and this discovery undoubtedly makes the situation worse. Attacks against Xbee (a wireless transmission module based on ZigBee technology) chips have become quite common, in addition, drones are not limited to attacks.

A German drone researcher once worked with a vendor to research and crack drones and control their android applications. He found that, due to performance limitations, the Xbee chip in the drone is not encrypted, and after wireless connection, it can control flight devices less than 100 meters in the air. They are only subject to WEP (Wired Equivalent confidentiality) weak protection.

 

The hijacked drone is starting.

Man-in-the-middle attacks on drones

Rodday said at the black hat Asia Security Conference that the attacker completely controlled the drone by copying Android commands. He also demonstrated how to issue instructions to let the drone propeller start to rotate and take off.

"You can crack the Wi-Fi WEP encryption and then disconnect the original control end of the drone. You can connect the attacker's control end within 100 ." Roddy told reporters.

 

Nils Rodday in the live demonstration

Attackers conduct man-in-the-middle attacks on the Xbee link and insert command code between the drone and the control end two kilometers away. Attackers can remotely control drones and obtain packaged data, but Nils says with a smile:

"I believe most attackers will choose to steal it ."

 

Drone Signal Stream

Rodday indicates that if the Xbee application is encrypted, attackers may reject remote attack commands, which can mitigate man-in-the-middle attacks and traffic theft.

Rodday recommends that drone manufacturers encrypt the traffic of aircraft firmware and Android applications to avoid attacks.