US Drones Hack: It’s The Same Old Story

CNN reports that Iraqi insurgents were able to hack and view live feeds from US Spy Drones. The vulnerability was a non-technical one. The article summarized the issue as thus:

The official said that many of the UAV feeds need to be sent out live to numerous people at one time, and encryption was found to slow the real-time link. The encryption therefore was removed from many feeds.

It’s the same old story: it’s the trade-off between usability and security. In corporate America, we often need to make trade-offs between the usability of the application and the security, part of this assessment of usability comes down to cost of the application. One might expect the US Air Force to have the proper budget and technical requirements to make this function efficiently and securely given the importance of these reconnaissance missions.

The article states that:

The official said the United States generally can operate these systems with impunity in third-world countries that don’t have the technology to tap into open satellite feeds. However, according to the official, Iran has been pushing the SkyGrabber-like technology [used to hack the drones] to Shiite militants in Iraq essentially to see what the United States is looking at because Iranians believe they will be invaded next.

It’s a rational decision that ultimately relies on a type of security by obscurity: we will not need to protect something that is out of the enemy’s reach (technologically or economically). For the US, it’s the equivalent of putting one’s front door key in a space where it’s believed that only people who are over 6 foot tall may reach it. The military did not expect that someone may give the 5 foot tall person a ladder.

Post a Comment

Your email is never published nor shared. Required fields are marked *