Predator drones used by the CIA against Islamic militants have been hacked into by insurgents using nothing more sophisticated than a $25.95 (£16) off-the-shelf software, it was revealed last night.
Although the insurgents were not able to control the $20 million aircraft, typically armed with Hellfire missiles and flown over the battlefields of Iraq, Afghanistan and Pakistan, they could watch live video feeds beamed back to US control stations through their electronic “eyeballs”.
The hackers’ success raises the disturbing possibility of the Predators being taken over and used to attack US or British forces, or perhaps even domestic targets. Although Predator aircraft are usually flown by remote control from thousands of miles away, some are kept for testing at US Airforce bases such as Creech, near Las Vegas.
State of the art? Hardly.
These spy planes began with off-the-shelf commercial video equipment which has been failed to be upgraded to military and security standards. Another black eye for the military-industrial complex, however innovative it may have become.
This is atrocious. That any surveillance or weapon system could be deployed into a theater of war without the proper military grade encryption being included is malfeasance of the worst sort. If they were using commercially available parts, they at least could have used commercially available strong encryption. My gosh, even local police departments routinely use encrypted radio transmissions these days!
Something about this story doesn’t add up. As you read past the headline it becomes clear that the story is not quite as sensational as the headline implies. The military knows about this vulnerability and has made conscious choices about the trade-offs involved with eliminating it. The Wall Street Journal’s front page headline is equally screechy, but at least it isn’t loaded with all the “it is thoughts” in this story–that’s suspicious for starters. Then there’s the fact that unencrypted video feeds are begging for interception, and anything begging for interception is likely to provide bogus information. If time is of the essence, I wouldn’t encrypt, I’d flood the airwaves with video both real and misleading and let the enemy knock themselves out trying to interpret it all. If I’ve thought of that, believe me everyone else has too. My initial reaction: outrage. On second thought: Who’s pulling our chain here?