Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

US professor demonstrates the ease with which civilian drones could be hijacked

Last February President Obama instructed the Federal Aviation Administration (FAA) to develop rules that would allow both government and commercial use of unmanned aerial vehicles (UAVs, or drones), over American soil. At the time there was much concern that this would allow agencies such as the CIA, and even local police forces, to use airborne surveillance cameras spy on American citizens.

Now Fox News has reported a new concern. Professor Todd Humphreys and a team from the University of Texas at Austin's Radionavigation Laboratory has demonstrated how easy it is to hijack a drone’s GPS control signals and take over the aircraft. This is much more than the attack on the military drone drone by Iran. In that case Iran merely jammed the GPS signals, forcing it into an automatic landing.

Humphreys’ process is to spoof the GPS signals, take-over control, and then effectively have a UAV under his own control. This involves sending a similar but gradually increasing signal to the aircraft. Because the signal is initially identical, the UAV doesn’t recognize it as different. But then, as the signal is increased in strength, the aircraft begins to follow the new instructions which slowly deviate from the planned flight until fully under the control of the attacker. Worryingly, the equipment used for this costs less than $1000.

Humphreys doesn’t hesitate to voice his concerns. “In 5 or 10 years you have 30,000 drones in the airspace,” he told Fox News. “Each one of these could be a potential missile used against us.” But with an expected widespread commercial use of UAVs (“FedEx founder Fred Smith has said he would like to add unmanned drones to his fleet as soon as possible,” says Fox), standard commercial and/or hacktivist style attacks against business also become likely.

At the moment Humphreys has shown that this would be relatively simple since the majority of drones flying over American soil will use unencrypted civilian GPS (unlike the military encrypted system). “Humphreys warns it is crucial that the government address this vulnerability before it allows unmanned aerial vehicles broad access to U.S. airspace,” says Fox News.

What’s Hot on Infosecurity Magazine?