
Thursday, December 17, 2009

Iraqi Militants are using $26 off-the-shelf software to intercept live video feeds from Predator


By SIOBHAN GORMAN, YOCHI J. DREAZEN and AUGUST COLE


Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes' systems. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds, according to a person familiar with reports on the matter.

U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance.

The drone intercepts mark the emergence of a shadow cyber war within the U.S.-led conflicts overseas. They also point to a potentially serious vulnerability in Washington's growing network of unmanned drones, which have become the American weapon of choice in both Afghanistan and Pakistan. The Obama administration has come to rely heavily on the unmanned drones because they allow the U.S. to safely monitor and stalk insurgent targets in areas where sending American troops would be either politically untenable or too risky.

The stolen video feeds also indicate that U.S. adversaries continue to find simple ways of counteracting sophisticated American military technologies. U.S. military personnel in Iraq discovered the problem late last year when they apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds. In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds.

In the summer 2009 incident, the military found "days and days and hours and hours of proof" that the feeds were being intercepted and shared with multiple extremist groups, the person said. "It is part of their kit now." A senior defense official said that James Clapper, the Pentagon's intelligence chief, assessed the Iraq intercepts at the direction of Defense Secretary Robert Gates and concluded they represented a shortcoming to the security of the drone network.

"There did appear to be a vulnerability," the defense official said. "There's been no harm done to troops or missions compromised as a result of it, but there's an issue that we can take care of and we're doing so." Senior military and intelligence officials said the U.S. was working to encrypt all of its drone video feeds from Iraq, Afghanistan and Pakistan, but said it wasn't yet clear if the problem had been completely resolved.


U.S. enemies in Iraq and Afghanistan have used off-the-shelf programs to intercept video feeds from Predator unmanned aircraft. Some of the most detailed evidence of intercepted feeds has been discovered in Iraq, but adversaries have also intercepted drone video feeds in Afghanistan, according to people briefed on the matter. These intercept techniques could be employed in other locations where the U.S. is using pilotless planes, such as Pakistan, Yemen and Somalia, they said.


The Pentagon is deploying record numbers of drones to Afghanistan as part of the Obama administration's troop surge there. Lt. Gen. David Deptula, who oversees the Air Force's unmanned aviation program, said some of the drones would employ a sophisticated new camera system called "Gorgon Stare," which allows a single aerial vehicle to transmit back at least 10 separate video feeds simultaneously.

Gen. Deptula, speaking to reporters Wednesday, said there were inherent risks to using drones since they are remotely controlled and need to send and receive video and other data over great distances. "Those kinds of things are subject to listening and exploitation," he said, adding the military was trying to solve the problems by better encrypting the drones' feeds.

The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.

Last December, U.S. military personnel in Iraq discovered copies of Predator drone feeds on a laptop belonging to a Shiite militant, according to a person familiar with reports on the matter. "There was evidence this was not a one-time deal," this person said. The U.S. accuses Iran of providing weapons, money and training to Shiite fighters in Iraq, a charge that Tehran has long denied.

The militants use programs such as SkyGrabber, from Russian company SkySoftware. Andrew Solonikov, one of the software's developers, said he was unaware that his software could be used to intercept drone feeds. "It was developed to intercept music, photos, video, programs and other content that other users download from the Internet -- no military data or other commercial data, only free legal content," he said by email from Russia.

Officials stepped up efforts to prevent insurgents from intercepting video feeds after the July incident. The difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones. Instead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes. Additional concerns remain about the vulnerability of the communications signals to electronic jamming, though there's no evidence that has occurred, said people familiar with reports on the matter.

Predator drones are built by General Atomics Aeronautical Systems Inc. of San Diego. Some of its communications technology is proprietary, so widely used encryption systems aren't readily compatible, said people familiar with the matter.

In an email, a spokeswoman said that for security reasons, the company couldn't comment on "specific data link capabilities and limitations."

Fixing the security gap would have caused delays, according to current and former military officials. It would have added to the Predator's price. Some officials worried that adding encryption would make it harder to quickly share time-sensitive data within the U.S. military, and with allies.

"There's a balance between pragmatics and sophistication," said Mike Wynne, Air Force Secretary from 2005 to 2008.

The Air Force has staked its future on unmanned aerial vehicles. Drones account for 36% of the planes in the service's proposed 2010 budget.

Today, the Air Force is buying hundreds of Reaper drones, a newer model, whose video feeds could be intercepted in much the same way as with the Predators, according to people familiar with the matter. A Reaper costs between $10 million and $12 million each and is faster and better armed than the Predator. General Atomics expects the Air Force to buy as many as 375 Reapers.



Not Just Drones: Militants Can Snoop on Most U.S. Warplanes (Updated)


By Noah Shachtman

Tapping into drones’ video feeds was just the start. The U.S. military’s primary system for bringing overhead surveillance down to soldiers and Marines on the ground is also vulnerable to electronic interception, multiple military sources tell Danger Room. That means militants have the ability to see through the eyes of all kinds of combat aircraft — from traditional fighters and bombers to unmanned spy planes. The problem is in the process of being addressed. But for now, an enormous security breach is even larger than previously thought.

The military initially developed the Remotely Operated Video Enhanced Receiver, or ROVER, in 2002. The idea was to let troops on the ground download footage from Predator drones and AC-130 gunships as it was being taken. Since then, nearly every airplane in the American fleet — from F-16 and F/A-18 fighters to A-10 attack planes to Harrier jump jets to B-1B bombers — has been outfitted with equipment that lets them transmit to ROVERs. Thousands of ROVER terminals have been distributed to troops in Afghanistan and Iraq.

But those early units were “fielded so fast that it was done with an unencrypted signal. It could be both intercepted (e.g. hacked into) and jammed,” e-mails an Air Force officer with knowledge of the program. In a presentation last month before a conference of the Army Aviation Association of America, a military official noted that the current ROVER terminal “receives only unencrypted L, C, S, Ku [satellite] bands.”

So the same security breach that allowed insurgents to use satellite dishes and $26 software to intercept drone feeds can be used to tap into the video transmissions of any plane.

The military is working to plug the hole — introducing new ROVER models that communicate without spilling their secrets. “Recognizing the potential for future exploitation the Air Force has been working aggressively to encrypt these ROVER downlink signals. It is my understanding that we have already developed the technical encryption solutions and are fielding them,” the Air Force officer notes.

But it won’t be easy. An unnamed Pentagon official tells reporters that “this is an old issue that’s been addressed.” Air Force officers contacted by Danger Room disagree, strongly.

“This is not a trivial solution,” one officer observes. “Almost every fighter/bomber/ISR [intelligence surveillance reconnaissance] platform we have in theater has a ROVER downlink. All of our Tactical Air Control Parties and most ground TOCs [tactical operations centers] have ROVER receivers. We need to essentially fix all of the capabilities before a full transition can occur and in the transition most capabilities need to be dual-capable (encrypted and unencrypted).”

Which presents all sorts of problems. Let’s say a drone or an A-10 is sent to cover soldiers under fire. If the aircraft has an encrypted transmitter and the troops have an unencrypted ROVER receiver, that surveillance footage can’t be passed down to the soldiers who need it most.

“Can these feeds be encrypted with 99.5 percent chance of no compromise? Absolutely! Can you guarantee that all the encryption keys make it down to the lowest levels in the Army or USMC [United States Marine Corps]? No way,” adds a second Air Force officer, familiar with the ROVER issue. “Do they trust their soldiers/Marines with these encryption keys? Don’t know that.”

Since the top commander in Afghanistan, General Stanley McChrystal, issued strict new guidelines on the use of airstrikes, the United States has turned nearly every plane in its inventory into an eye in the sky. Sending video down to those ROVER terminals has become job No. 1 for most American air crews flying today.

And U.S. troops fighting in Iraq and Afghanistan have come to depend on the feeds. “For sure,” Lt. Col. Greg Harbin told the Los Angeles Times, “I would be dead without this technology.”

Still, some Air Force officers downplayed the significance of the ROVER’s security hole. “If you’re an insurgent, you need to know when and where [aircraft] are flying and then be within the line-of-sight footprint of the feed for any chance of successfully using the information real-time,” one officer writes. “This is much to do about nothing. You have bigger fish to fry.”

“The ranges on these signals is not very great, they are low-power and intended for line-of-sight communications. A risk has been identified, [but] it poses limited immediate operational or tactical risk, and certainly does not outweigh the value of the capabilities,” a second notes.

I have immense respect for both of these officers. But I’m not sure I buy their arguments. If real-time video feeds are valuable to U.S. troops, then it stands to reason that the footage is valuable to insurgent forces, as well. Either this is important data — and worth protecting — or it isn’t.

UPDATE: Some military drones are “particularly susceptible” to having their video tapped, a senior military officer tells Danger Room. That’s because these smaller unmanned aircraft — like the Shadow, Hunter, and Raven — broadcast their surveillance footage constantly and in every direction. All you have to do, basically, is stand within “line of sight” of the drone, and you can tap in. “It’s like criminals using radio scanners to pick up police communications,” the senior officer says.

Larger aircraft — both manned and unmanned — are a little less vulnerable. They can shut off their video feeds if no friendly forces are watching at the time. And they can “neck down” those omnidirectional signals a bit. So it’s more difficult to intercept the transmission. The officer contends that there have “not been any significant — not any impact — on operations as a result of this.”

Still, systems like the ROVER (and the Predator, for that matter) were “built to be cheap. They used commercial off-the-shelf hardware. We wanted to get stuff out there. So it’s not gonna be perfect,” the officer adds. “So yeah, if we’re broadcasting in the electromagnetic spectrum and you’re underneath the footprint, you can receive it. Duh-uhhhh.”
