With cheap, easily available hardware, and homebrew code, researcher Samy Kamkar claims the ability to hijack and control remote aerial vehicle drones, like the ones being developed by Amazon.
For Kamkar, the technology is cheap, and simple. According to his site, the entire thing was cobbled together with an inexpensive, commercially available quadcopter called Parrot AR.Drone 2, a wireless transmitter, a battery powered Raspberry Pi circuit board, and a slew of open source software. According to him, this is all it takes to autonomously hijack drones.
Kamkar wrote that the Skyjack drone “flies around, seeks the wireless signal of any other drone in the area, forcefully disconnects the wireless connection of the true owner of the target drone, then authenticates with the target drone pretending to be its owner, then feeds commands to it and all other possessed zombie drones at my will.”
SkyJack isn’t Kamkar’s only claim to fame – infamous for developing the “Sammy worm” which propagated across MySpace in 2005, he was subsequently raided by the United States Secret Service. But Kamkar left his black hat behind him, and currently works as a security researcher, and whistleblower, known for his work in exposing mobile phone tracking by companies such as Microsoft, Apple, and Google.
Amazon recently announced that it is developing “Prime drones” which will, if they are able to gain FAA approval, launch from company-owned facilities and deliver products to customer’s doorsteps.
Given this, and the new commercial potential of drones far and wide, Kamkar’s research comes as an unpleasant surprise which opens a disturbing range of possibilities.
To some, the idea of using the technology in order to carry out espionage using onboard sensory equipment like cameras will be far more bothersome than that of hijacking drones which could be carrying valuables such as expensive electronics and jewelry; but both could be very real possibilities, opening up an entire new field for thieves, peeping toms and terrorists alike.
Now that many vehicles rely on information-based technology to determine location, direction, and destination, it has become easier to deceive the navigational systems on such vehicles. In the summer of 2013, Researchers at the University of Texas managed to steer an entire yacht off course by broadcasting false GPS signals to the ship.
The future carries an ambiguous future, in which travel and delivery will be faster and more convenient than ever. But with that advent comes the possibility of malicious tampering, and great power for criminals. The field of security research must continue to advance, keeping people safe, and ensuring that the lawful programmers and technicians are always one step ahead.