{"id":6880,"date":"2017-04-19T17:11:00","date_gmt":"2017-04-19T21:11:00","guid":{"rendered":"https:\/\/www.kaspersky.co.in\/blog\/?p=6880"},"modified":"2017-09-24T20:09:50","modified_gmt":"2017-09-24T14:39:50","slug":"drone-gone-in-11-milliseconds","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.in\/blog\/drone-gone-in-11-milliseconds\/6880\/","title":{"rendered":"Drone gone in 11 milliseconds"},"content":{"rendered":"

Drones are everywhere nowadays. Amazon\u00a0<\/span>delivers packages<\/a>\u00a0<\/span>by drone. Filmmakers and media workers launch cameras into the air to take attractive wide shots. Some enthusiasts who don\u2019t mind paying $500 or more for a smart toy use drones to explore the sky or take video of friends\u2019 weddings.<\/p>\n

\"Drone<\/a><\/p>\n

It\u2019s easy to picture yourself outside with your new $500 drone, launching it into the air and \u2026 watching helplessly as the craft flies out of sight, ignoring the controller in your hands.<\/p>\n

This is no firmware bug or controller failure: Your drone has been hijacked. At the\u00a0<\/span>Security Analyst Summit<\/a>, security expert Jonathan Andersson proved that a skilled malefactor can make a device that can hijack drones in mere seconds.<\/p>\n

Andersson used a\u00a0<\/span>software-defined radio<\/a>\u00a0<\/span>(SDR), a drone\u2019s control unit, a microcomputer, and some other electronic equipment to make such a device. He called it Icarus. With the help of the SDR, Andersson tuned to the frequency a drone uses to communicate with its controller, and then he experimented until he found how exactly the signals were transmitted between the devices.<\/p>\n

<\/a><\/div>\n

It took a while for Andersson to learn how data transfer works between a drone and its control unit, especially because they hop channels every 11 milliseconds. Nevertheless, if you can do it once, the path to hijacking a drone becomes clear; developers of the smart toys all use similar protocols.<\/p>\n

Developers follow the popular\u00a0<\/span>security through obscurity<\/a><\/em>\u00a0<\/span>method, counting on the complexity of protocols and neglecting strong encryption. Icarus can hack their primitive encryption and send a series of commands to hijack a craft during the 11 milliseconds a device waits before hopping channels.<\/p>\n

As a result, the drone\u2019s legitimate controller becomes useless and control goes to the malicious one \u2014 literally on the fly. The next video shows how it works in the real world.<\/p>\n