Check out the full feature on Drones in our November | December issue:
There is still an inconvenient truth in the rush to bring drones into American air space—UAZs, or unmanned air zombies, as hackers might call them. Drones appear to be susceptible to hijacking, or what experts call “GPS spoofing.” UAVs operate on GPS, just as airplanes and trains now do, to some extent. GPS spoofing allows a motivated hacker to hijack a drone’s GPS signal and essentially take over driving it with his own agenda. Some military insiders postulate that this is how Iran crashed the American drone in its airspace in 2011, thus serving as its prototype for its own drone production.
To emphasize that point, in 2012, Professor Todd Humphreys from the University of Texas at Austin was allowed to set up on a hill a half mile from the White Sands Missile Range in New Mexico. He and his team of students on that hill, hijacked an $80,000 drone that the Department of Homeland Security was testing for law enforcement purposes. The academics easily stole command and sent the drone hurtling toward the ground. This drone, it should be noted, had the same security that is standard for commercial UAVs.
In a report to the Subcommittee on Oversight, Investigations, and Management of the House Committee on Homeland Security, Professor Humphreys wrote the following:
The fact is that civil GPS signals are like Monopoly money: they have a detailed structure but no built-in protection against forgery. That civil GPS is so easy to counterfeit, or “spoof,” would not be a problem if GPS were not so popular, its use so widespread. But such is not the case.
The full text of this report can be found here: Full Report