Drone hacking is becoming Child’s Play

You know what really strikes me about a lot of the drone hacks we’ve seen lately? It just get too easy. I mean we’re seeing a huge number of new attacks published at every security conference. Last RSA Conference a security researcher reported finding a way to hijack a high-end drone, using parts costing as little as $40. The expert says it is possible to start the octocopter’s engines, engage auto-takeoff, control its camera and, potentially, crash the machine. The high end drone manufacturer or model was not disclosed, but it cost about $18000 and is in use by police departments all around the world.

Image for post
Image for post
Nils Rodday at RSA Con 2016

The problem, now, is that many of these “hacks” have become simple point and shoot affairs using freely available tools. .

In the last case of drone hacking, tools such as “Drone Duel” mean that even if you don’t know the difference between CYRF6936 and NRF24L01 or PPM from PWM, so long as you can stick a wireless USB adapter and copy/paste a python script you can be an instant “drone hacker”.

Image for post
Image for post
CX-10 Drone

At ToorCamp 2016, an unknown Chinese benefactor provided all participants with Cheerson CX-10A quadcopters. Cheerson is one of the better-known Chinese manufacturers in the hobby drone industry today, and the small CX-10 is definitely one of the more popular models in their lineup. It’s an excellent starter drone, particularly because it’s so cheap (it costs about $18 on DX). Coincidentally, Michael Ossmann and Dominic Spill gave a talk about hacking those very same quadcopters, and as part of their talk, they released a protocol specification which formalized the packet format used by the drones.

Image for post
Image for post
Ubertooth One USB Dongle by Ossman & Spill ($117)

Following the only logical path that made sense at the time, Logan Lamb, Ben Morgan, Marc Newlin challenged them to a duel at high noon. Using Python, cheap nRF24LU1+ dongles hacked together some code to either fly CX-10 drones far, far away, or bring them crashing to the ground.

Image for post
Image for post

But the ability of these hackers do not end there, after making a complete reverse engineering and discover that the small drone has a regular microcontroller are preparing to implement new functions from autopilot, swarms of drones that hack other drones.

Image for post
Image for post
32bit CPU ARM based CX10 Drone

Meanwhile Fran Brown and his colleague David Latimer designed a hacking UAV dubbed Danger Drone, with it a drone equipped with a tiny PC that run a suite of hacking tools.The drone will be presented at the next Black Hat security conference in Las Vegas next week.

Image for post
Image for post

Written by

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store