Analysts wary of Iran's spy drone hacking claims
Attack is possible, but analysts are dubious that it happened, suggest other scenarios
Computerworld - Reports that Iranian electronic warfare experts may have succeeded in intercepting and capturing a sophisticated U.S. spy drone were received with some skepticism by security analysts.
While it is certainly possible that the drone was electronically ambushed as reported, more details are needed to know what exactly might have happened to the RQ-170 Sentinel drone, they said.
A story in the Christian Science Monitor this week reported that the recent U.S. spy drone captured by Iran may have been intercepted and tricked into landing in that country by Iranian electronic warfare experts.
The story quoted an unnamed Iranian engineer as saying that Iran was able to cut off the communications links to the Lockheed-Martin-made drone and reconfigure its GPS coordinates to trick it into landing in Iran.
The engineer was quoted as saying that Iranian engineers developed the attack by reverse-engineering U.S. drones that had been previously captured or shot down, and by taking advantage of the weak GPS navigation system.
John Pescatore, an analyst with market research firm Gartner, and a former analyst with the National Security Agency (NSA), said the supposed attack, while possible, was not plausible.
He noted that the Air Force in October had said that some of its drones had been hit with a virus. "If a virus could get in, then targeted malware surely could," Pescatore said.
However, to pull off the attack, the Iranians would have needed to have detailed knowledge of the drone's software, and it's doubtful they did, he said.
Two more likely scenarios are that the drone was simply lost as a result of a command and control failure, or that some kind of jamming disrupted command and control and the fail-safe mechanisms that should have kicked in did not, he said.
James Lewis, director and senior fellow at the Center for Strategic and International Studies in Washington, said that it's possible the Iranians got help from the Russians. "They've recently said they're worried about electronic warfare," said Lewis, who led a team that prepared a set of national cybersecurity recommendations for President Obama in 2008.
According to Lewis, Russia has been focused on beating GPS security at least since the Bosnian War in the 1990s. "They monitor our telephone and computer networks and probably radio in the Air Force," he said. "So [they] could have heard DOD blabbing about any problems [related to its drone]," he said. "[Russia] helped the Iranian nuke program, so why not electronic warfare?" he asked. Lewis said the U.S. is ahead in the GPS race with Russia.
China also cannot be ruled out as playing a role, although China appears to have fewer capabilities than the Russians in this arena, he said.