Category Archives: Information Security

You can track the first helium balloons of Google Project Loon’s aerial wireless network


The helium balloons of the future network that should bring Internet access to everyone in the world fortunately use ADS-B.

If you point your browser to Flightradar24.com and zoom off the coast of New Zealand, you’ll see 7 slow-moving aircraft: these are actually helium balloons, part of Google’s Project Loon, broadcasting their position, speed, altitude etc. via Mode-S ADS-B.

Project Loon is a research and development project whose aim is to provide Internet access to everyone, even if they live in rural and remote areas. The project features high-altitude balloons, made from sheets of polyethylene plastic and measuring 15×12 meters, placed in the stratosphere at an altitude of about 20 mi (32 km) with the purpose of creating an aerial wireless network with up to 3G-like speeds.

The helium balloons are all “floating” around 1,000 feet to the southeast of New Zealand, and are probably involved in a testing campaign; after the trial (kicked off in June 2013) Google hopes to launch thousands of balloons around Earth to provide global Internet access.

In the wake of the Snowden scandal, someone said that the purpose of the project may not be philanthropic and that the task of the network of balloons would be global communications monitoring. But this is another story.

Top: Flightradar24.com screenshot


Cyber Threats debut on the flightline at Nellis Air Force Base’s Red Flag


Maintainers counter cyber threats for first time at Nellis’s Red Flag

“Train as you fight, fight as you train” has always been Red Flag’s motto.

The U.S. Air Force’s main exercise has to prepare aircrew and support personnel to fight a modern war: in the air, on the ground, over the sea and in cyberspace.

For the first time, the recent Red Flag 14-1 at Nellis Air Force Base featured a “contested, degraded or operationally limited” environment, or CDO, for maintainers, who were trained to cope with cyber vulnerabilities in the systems they use on the flightline.

Ground personnel are always using computers and brand new technologies that may be targeted by cyber attacks launched by tech-savvy adversaries: laptops used for aircraft maintenance and diagnosis, GPS systems, communication and network equipment are all high-value targets for enemy hacking teams. That’s why Red Flag maintainers receive academics on cyber vulnerabilities, information operations and other CDO-related threats.

Hence, along with “kinetic operations” conducted by fighter jets, attack planes and strategic bombers that must dominate a contested airspace or battlefield, a simulated “non-kinetic” war is fought by Red Flag participants to defend their critical systems from attacks coming from cyberspace; attacks that may be as devastating as those using bullets, bombs and missiles.

Image credit: U.S. Air Force

Pentagon’s vision of future of military drones takes “man” out of “unmanned”


According to the roadmap just published, in the next 25 years the Pentagon aims at fielding military unmanned systems that will be autonomous and able to perceive, analyze, correlate and make decisions or react without human intervention.

An obvious move that, among all the other implications, will also reduce the number of UAS (unmanned aerial system) mishaps, the majority of which are caused by the human factor.

The DoD vision up to 2038 is quite clear: drones are key for the U.S. military. And they will be even more so in the future, when the U.S. will have to face several problems: pressure for reductions in federal budgets; U.S. military rebalance; nuclear proliferation; violent extremism at home and across the globe; threats in cyberspace (as in land, sea or air and space); enemy unmanned systems.

Notably, the Pentagon has added a new domain to its battlefield: cyberspace.

Acknowledging the risk of drones being hacked or hijacked, the DoD envisages higher data rate cryptography, and open standards to enhance encryption of data links and protect communicated information.

In the future, drones will be increasingly used to fulfil different tasks, including those currently not assigned to unmanned systems: “Although currently prohibited by policy, future capabilities by unmanned systems could include casualty evacuation and care, human remains evacuation, and urban rescue. The unmanned vehicles are intended to mitigate risk to the maximum extent by reducing the requirement to operate manned vehicles when the weather, terrain, availability, and enemy pose an unsuitable level of risk.”


If the long-term vision foresees squadrons of robots conducting different missions on the battlefield, there will be a point in the near future when manned and unmanned systems will have to team up. It’s what the report calls MUM-T [Manned-Unmanned System Teaming].

“A force of the smaller, more agile manned-unmanned systems of the near future will enable DoD to mobilize quickly to deter and defeat aggression by projecting power despite A2/AD challenges. MUM-T will provide the following key capabilities: Defeating explosive ground surface, sub-surface (tunnel), and sea hazards from greater standoff distances; Assuring mobility to support multiple points of entry; Enabling movement and maneuver for projecting offensive operations; Establishing and sustaining the shore lines of communications required to follow forces and logistics; Protecting austere combat outposts; Providing persistent surveillance to detect and neutralize threats and hazards within single- to triple-canopy and urban terrain.”

Here comes Skynet.

Image credit: DoD

Hacker Releases kit to make Aerial Drone capable to Hijack other flying Drones

A few days ago, famous hacker Samy Kamkar (the author of a JavaScript exploit that forced MySpace.com offline in 2005) released on his website the software and the hardware specifications needed to build a drone that can hijack other drones and put them under the attacker’s control.

Dubbed SkyJack, the drone is specially “engineered to autonomously seek out, hack, and wirelessly take over other drones within wifi distance, creating an army of zombie drones under your control.”

Actually, you don’t even need a drone to take over drones in your vicinity: you can simply run the required software from your own Linux machine or laptop and hijack drones remotely controlled by someone else.

For the moment, the hack can be used to target only the Parrot AR.Drone, a commercial quadcopter that can be controlled for little more than 10 minutes via smartphone at a range of about 165 feet from the controller.

How does Skyjack work?

It’s quite simple: using a mix of custom code, freely available tools and commercial off-the-shelf hardware (Raspberry Pi, a USB battery, an Alfa AWUS036H wireless transmitter, aircrack-ng, node-ar-drone, node.js, and the software written by Kamkar), SkyJack monitors the MAC (Media Access Control) addresses of all the nearby WiFi devices; if one of these MAC addresses belongs to the block used by Parrot quadcopters, SkyJack uses an open-source WiFi hacking app dubbed Aircrack-ng to send a command that disconnects the drone from the iOS or Android device that is remotely controlling it.

Aircrack gets the targeted drone’s WiFi card into monitor mode, then Aireplay-ng is used to deauthenticate the true owner. “Once deauthenticated, I can connect as the drone is waiting for its owner to reconnect,” Kamkar explains.

Finally, JavaScript code is sent to the now free Parrot AR.Drone to control the newly enslaved drone.
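A defender-side view of the sequence described above, as an added example that is not part of the original post or of SkyJack's code: it flags a burst of deauthentication frames aimed at one client, followed shortly by a different client associating with the same access point. The frame records, MAC addresses, field names and thresholds are constructed assumptions standing in for a parsed wireless capture.

```python
from collections import defaultdict, deque

AP_A, AP_B, AP_C = "02:aa:00:00:00:01", "02:aa:00:00:00:02", "02:aa:00:00:00:03"
OWNER, NEWCOMER = "02:bb:00:00:00:10", "02:cc:00:00:00:99"

# Constructed sample: (timestamp_s, frame_type, bssid, station).
# For "deauth" the station is the client being disconnected;
# for "assoc" it is the client joining the access point.
FRAMES = (
    [(0.0, "assoc", AP_A, OWNER)]
    # Six deauth frames in one second aimed at the owner, then a stranger joins.
    + [(40.0 + 0.2 * i, "deauth", AP_A, OWNER) for i in range(6)]
    + [(43.5, "assoc", AP_A, NEWCOMER)]
    # Benign: a single deauth, then another client joins the same network.
    + [(50.0, "deauth", AP_B, "02:bb:00:00:00:20"),
       (52.0, "assoc", AP_B, "02:bb:00:00:00:21")]
    # Benign: a burst, but the same client simply reconnects.
    + [(20.0 + 0.2 * i, "deauth", AP_C, "02:bb:00:00:00:30") for i in range(5)]
    + [(22.0, "assoc", AP_C, "02:bb:00:00:00:30")]
)

def find_takeovers(frames, burst=5, window=2.0, follow=10.0):
    """Return (bssid, victim, newcomer, time) for each suspected takeover.

    burst/window: deauth frames per client within `window` seconds that
    count as a flood. follow: how long after the flood a new client
    joining the same AP is treated as suspicious. All are assumed values.
    """
    recent = defaultdict(deque)  # (bssid, station) -> recent deauth times
    flooded = {}                 # bssid -> (victim, time of last flood frame)
    alerts = []
    for ts, kind, bssid, sta in sorted(frames):
        if kind == "deauth":
            q = recent[(bssid, sta)]
            q.append(ts)
            while ts - q[0] > window:   # drop frames outside the window
                q.popleft()
            if len(q) >= burst:
                flooded[bssid] = (sta, ts)
        elif kind == "assoc" and bssid in flooded:
            # Any association clears the state; a continuing flood re-arms it.
            victim, last = flooded.pop(bssid)
            if sta != victim and ts - last <= follow:
                alerts.append((bssid, victim, sta, ts))
    return alerts

if __name__ == "__main__":
    for alert in find_takeovers(FRAMES):
        print("possible takeover:", alert)
```
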

The news is interesting because it came on the day Amazon announced it will use flying drones to deliver packages within 5 years.

However, hijacking an amateur or DIY drone that can be bought for a few hundred dollars does not mean larger, more advanced UAVs (Unmanned Aerial Vehicles) could be as easily hacked.

Although, a few years ago, (unencrypted) live video feeds from U.S. Predator drones were intercepted by local insurgents in Iraq and Afghanistan (and a keylogger infected American drones’ Ground Control Stations), the command links used to remotely control killer drones across the world are authenticated and encrypted.

Hence, unless you break the encryption mechanism and eavesdrop on the comms until you are able to get the authentication keys, it’s almost impossible to take a pro drone over, at least for the moment and using low-cost tools.

GPS hijacking/jamming to force the drone in the wrong direction until it loses the connection with the ground station and crashes is, possibly, a more significant threat to a modern UAV, and one of the possible causes of the capture of a stealth U.S. RQ-170 drone in Iran two years ago.

Image credit: Nicolas Halftermeyer/Wiki

This Map shows all Distributed Denial Of Service attacks worldwide, in real time

Ever wondered what countries are under cyberattack right now?

Google may have the answer for you. By teaming up with Arbor Networks, the Google Ideas team has created a visualisation of all the distributed denial of service (DDoS) attacks around the world.

DDoS attacks are among the most common, effective and hard-to-face attacks websites can suffer. They are launched using so-called botnets of hijacked computers that are simultaneously instructed to connect to a particular website, thus consuming all the available bandwidth or the web server’s resources, slowing the site down significantly or taking it offline.

DDoS attacks have become the tools used by hacktivists and attackers driven by political reasons to hit websites of organizations they dislike: a way to digitally silence those organizations.

Even though it can’t bring down the enemy’s military forces, or a whole society’s infrastructure, considering the effect it can have on a specific company, agency or service, a DDoS attack is one of the tools in the hands of cyber army teams around the world to wage, if not a full-scale cyberwar (that would rely on APTs and multiple kinds of attacks), at least cyberguerrilla operations.

For instance, the Syrian Electronic Army, a collection of pro-government computer hackers aligned with Syrian President Bashar al-Assad, has used DDoS attacks to target media organization websites in their attempt to support the Syrian regime.

Anyway, the new tool, Digital Attack Map, gives a clear idea of what is happening in cyberspace, and lets you look back at historic attacks, see the source and destination ports used in the attacks, and select specific countries.