Hackers: A Real Threat to Unmanned Vehicles

By Shai Rud

A few days after the Curiosity rover landed on Mars, members of the hacker group Anonymous announced that they intended to hack the space vehicle and damage its mission. We’ve yet to hear any bragging about this from group members. Still, the danger exists. There’s no doubt that there are ongoing attempts to harm the Martian rover, and that they’ll eventually succeed at some point. This is my working hypothesis and I assume it’s the same for NASA’s information security experts. After all, we’re all working under the same assumption – if it uses a computer, it can be hacked.

The threats to Curiosity’s safety are no different than the threats facing unmanned vehicles, vehicles used more and more often by armies around the world, including the IDF.

Without mentioning specific vehicle models used by the army, any unmanned vehicle features a wide variety of communications and computer systems. A weakness in one component – whether in the vehicle itself or in its control stations – might allow enemies to access, take over and harm the vehicle and its mission.

As a rule there have always been attempts to intercept communications between systems, whether wireless, RF, cellular or other. The main threat is an enemy taking over the transmission, enabling its disruption or even its corruption. If the messages aren’t encrypted, the transmission protocol can be easily analyzed, and as far as that mission is concerned this is the end: the result is changed coordinates, denial of service attacks, replay attacks that confuse operators and decision makers, and so on.

If you’re new to all this you might be surprised just how cheap and easy it is to obtain and use various intrusion tools: a wide variety of equipment that allows interception of transmissions and protocols, and detection of the main protocol through reverse engineering. Antennas and relay units used to communicate with the unmanned vehicle include GPS components, which transmit and receive location data to and from the control room. Is the control room immune to malware threats? We sometimes invest a lot of time and resources into defending the product, forgetting to protect the shell surrounding that product. This is similar to a person who keeps changing his bank account password, but writes it down on a note attached to his computer screen.

The simplest and most efficient way to handle this type of threat involves developing an awareness of security, in addition to using the most appropriate type of encryption. At the same time, the applications that are the least harmful to the vehicle’s mission must be implemented.
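The replay and changed-coordinates cases described above can be rejected at the receiver when every command frame carries a message authentication code and a strictly increasing counter. The sketch below is an added example, not code from the article or from any fielded system; the frame layout, key and all names are hypothetical, and it shows authentication and replay rejection only, which complements encryption of the link and does not replace it.

```python
import hashlib
import hmac
import struct

# Constructed demo key; a real link would use a provisioned per-vehicle secret.
KEY = b"constructed-demo-key-not-for-use"
HEADER = struct.Struct(">Qdd")   # hypothetical layout: counter, latitude, longitude
TAG_LEN = 32                     # HMAC-SHA256 output size in bytes

def seal(counter, lat, lon, key=KEY):
    """Ground station side: serialise a waypoint command and append its MAC."""
    body = HEADER.pack(counter, lat, lon)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Vehicle side: accept a frame only if it is authentic and strictly newer."""
    def __init__(self, key=KEY):
        self.key = key
        self.last_counter = 0

    def accept(self, frame):
        if len(frame) != HEADER.size + TAG_LEN:
            return None, "malformed"
        body, tag = frame[:HEADER.size], frame[HEADER.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None, "bad-mac"
        counter, lat, lon = HEADER.unpack(body)
        if counter <= self.last_counter:             # old or repeated frame
            return None, "replay"
        self.last_counter = counter
        return (lat, lon), "ok"

def demo():
    rx = Receiver()
    frame = seal(1, 32.0853, 34.7818)        # constructed coordinates
    results = [rx.accept(frame)[1]]          # first delivery of a genuine frame
    results.append(rx.accept(frame)[1])      # the same frame delivered again
    altered = bytearray(seal(2, 32.0853, 34.7818))
    altered[10] ^= 0x01                      # one bit of the latitude changed in transit
    results.append(rx.accept(bytes(altered))[1])
    results.append(rx.accept(seal(2, 32.1, 34.8))[1])  # next genuine command
    return results

if __name__ == "__main__":
    print(demo())
```

The counter is checked only after the MAC verifies, so an unauthenticated frame cannot advance the receiver's state and lock out genuine commands.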

Other threats include session hijacking, allowing enemies to physically take over vehicles. This type of attack allows hostile elements to dictate the vehicle’s actions and transmit the wrong data. The correct way to deal with session hijacking is to define complex standards of identification. Using combined identification (something you have and something you know) is common in the private and business online worlds, but it’s also a very important principle to implement in the defense and security worlds. It includes dividing the necessary information so that two office holders are required for access.

Viruses have also been mentioned quite often. In 2008 a virus damaged the alert system in an Air Spain passenger plane, preventing it from reporting a system failure and leading to a deadly crash. Viruses that hit private or business computer systems are no different than viruses that target defense systems, even unmanned ones. A virus might target the system itself or simply transmit information to its operators; either way, viruses are still a very real threat.

Dealing with viruses is difficult and complex. Elements who are interested in harming military and defense tools will create specialized viruses that cannot be detected by antivirus programs, perhaps even abusing vulnerabilities as part of zero-day attacks.

Unmanned vehicles, much like business systems, use the same well-known operating systems – Unix, Linux and Windows. These operating systems, even when used by the military, still have the same weaknesses. Every operating system or storage device can be harmed by a virus or trojan. Solutions to these threats are easy to comprehend but difficult to implement.

As with any other product development process, entire teams and organizations are involved. When it comes to a security vehicle, used in the field for protection, intelligence gathering or even unmanned attack, extremely high levels of control are required.

All vehicles and components that feature electronic capabilities, and that are manufactured by various companies, have to be analyzed periodically in order to make sure that they don’t hide any malicious code implanted by hostile elements. This means follow-ups even after the acquisition phase is complete, deep knowledge of every component’s origin and testing every component before its implementation.

The cyber threats facing unmanned military vehicles are identical to the threats faced by any financial or organizational system. The difference is the potential damage that may be caused by an attack. Many other information security elements have to be taken into account, from satellite dishes to command communication channels.