Researchers show off homemade spy drone at Black Hat
Wi-Fi Aerial Surveillance Platform can crack Wi-Fi passwords and intercept cell phone calls
Computerworld - LAS VEGAS -- Two security researchers Wednesday unveiled a remote controlled, unmanned aerial vehicle (UAV) that is capable of cracking Wi-Fi passwords, exploiting weak wireless access points and mimicking a GSM tower to intercept cell phone conversations.
The Wi-Fi Aerial Surveillance Platform (WASP) was built by Mike Tassey and Richard Perkins, two security researchers seeking to show how an ordinary remote controlled hobby airplanes can be easily converted into something more sinister.
The WASP system, introduced by the pair at the at the Black Hat conference being held here this week, is upgraded version of a model unveiled at last year's Defcon hacker conference in Las Vegas.
The bright yellow, six-foot, 13-pound spy drone is capable of flying at altitudes of up to 22,000 feet and staying aloft for up to 45 minutes at a time.
Updates include the ability to function as a spoofed GSM tower to intercept cell phone conversations, and to intercept Bluetooth communications.
The airframe of WASP is a surplus U.S. Army drone that was used for target practice purposes. The rest of the hardware and the software used in the drone are all readily available technologies, according to Tassey and Perkins.
The plane packs a small Linux-based computer running the Backtrack 4 suite of penetration testing tools. Another of its systems is designed to collect telemetry data that is sent to a ground-based base station which then uses it for real-time tracking.
The base station also serves as a network router for connecting other workstations to the payload on the drone, and houses systems used to offload processor intensive applications, such as password cracking.
Perkins and Tassey also installed a new Universal Software Radio Peripheral (USRP) that allows the drone to mimic a GSM cell phone tower. The technology can be used to spoof a cellular provider's mobile service so that outbound calls made by users of that server are routed through the USRP.
The GSM spoofing ability is borrowed from a demonstration last year at Defcon by hacker Chris Paget, which showed how cell phones could be tricked into connecting with specially rigged "towers' placed close enough to the target phones.
The updated unmanned aerial vehicle supports 4G networks and is capable of receiving and executing instructions delivered over the Internet from anywhere in the world.
The pair said the drone parts and its construction cost some $6,000.
According to Perkins, such drones are easy to build and deploy.
The model displayed at BlackHat yesterday can stay aloft for about 45 minutes and can travel up to 25 miles, he said. It can be programmed to fly a particular route, and to circle over and gather data from specific targets, Perkins added.
Though UAVs are required by law to fly under 400 feet, the drone that was displayed at Black Hat can fly at up to 22,000 feet where it would be relatively hard to spot by many radar systems.
"It allows you to bypass physical security barriers. Fences and walls are no longer barriers" with this kind of an aerial eavesdropping, Perkins told Computerworld after the Black Hat presentation.
Perkins and Tassey said they built the updated drone demonstrate how easy it is for someone with basic engineering skills to cobble together a system the could be used for nefarious purposes.
"You don't need a PhD from MIT to do this," Perkins said. "Everything is easily available."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about Security in Computerworld's Security Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Cybersecurity Imperatives Reinvent Your Network Security With Palo Alto Networks The Rise of CyberSecurity
- 10 Things Your Next Firewall Must do Next-Generation Firewalls Defined
- Firewall Buyers Guide Operate as the core of your network security infrastructure
- Getting Started With a Zero Trust Approach to Network Security The Traditional Approach to Network Security is Failing. View Now>>
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts