Drone incident serves up data encryption lesson
Failure to encrypt surveillance feeds is a stunning security lapse, analysts say
Computerworld - The disclosure that Iraqi insurgents were able to intercept live video feeds from U.S. drones has focused the spotlight on a familiar IT security issue: data encryption.
In a story that's receiving widespread attention, the Wall Street Journal yesterday reported that Iranian-backed groups in Iraq and Afghanistan were tapping into live feeds from Predator drones using a $26 software tool called SkyGrabber from Russian company SkySoftware.
The hitherto largely unknown software product doesn't require Internet connectivity and is designed to intercept music, photos, video and TV satellite programming for free. Insurgents in Iraq, however, were able to use SkyGrabber to grab live video feeds from unmanned Predator drones because the transmissions were being sent unencrypted to ground control stations.
The fact that a sophisticated, multi-million-dollar aerial surveillance system could be compromised so easily because of a fundamental security oversight is stunning, several security analysts said.
"Frankly, this is shocking to me," said Ira Winkler, president of the Internet Security Advisors Group. (Winkler is also the author of Spies Among Us and a Computerworld columnist.) "You have one of the most critical weapon systems in the most critical regions transmitting intelligence data unencrypted," Winkler said.
While the intercepted data is likely to be of limited use to insurgents, it's still valuable, he said. "After all, one of the key attributes is, not knowing [that] a Predator is in the area," said Winkler. "Everyone involved should have known much better."
The apparent fact that the U.S. military knew of the vulnerability for a decade but assumed opponents wouldn't be sophisticated enough to exploit it is especially troubling, said James Lewis, director and senior fellow at the Center for Strategic and International Studies (CSIS). "The theory is that we encrypt the uplinks so that people can't take over the drone, but that we don't need to encrypt the downlinks," he said.
"Those sorts of assumptions always get us in trouble," said Lewis, who earlier this year led a group that developed a set of cybersecurity recommendations for the White House. "You can be sure that the insurgents weren't the only folks watching the feeds," he said.
Alan Paller, director of research at SANS Institute, a Bethesda Mad.-based security training institute, said the incident highlights a "systemic problem" permeating most new weapons systems. "The designers see IP connectivity as a great capability enhancer and bring in designers to help them integrate the capability," Paller said. "But those architects and designers think security is a compliance activity for security professionals and not their job. They are incapable of protecting the systems they design and build."
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!