In the summer of 2012, a small robotic helicopter, painted Texas Longhorns orange and white, climbed into the air above the team’s empty football field in Austin. Then the device suddenly plummeted toward the grass, its controller overridden by a team of university- sanctioned hackers. A few days later, in the White Sands Missile Range in New Mexico, the same group (with permission) easily hijacked the university’s $80,000 military-grade drone.
“No one had ever done the attack that we did before,” says Todd Humphreys, director of the Radionavigation Laboratory at the University of Texas at Austin. At least not in the declassified world. But that doesn’t mean it’s not easy to replicate. Humphreys’s team used a relatively simple hand-built radio device to exploit a major loophole in drone security: the devices’ reliance on unauthenticated position data beamed from GPS satellites.
Both civilian and military systems rely on these transmissions, but only the latter use waveforms resistant to spoofing attacks. Civilian GPS data aren’t only unencrypted; the signals’ specifications are also publicly available. That means hackers can fool civilian drones with counterfeit signals made to look like normal satellite transmissions. By feeding a drone false position data, they can coax its onboard software into making bogus course “corrections” so that it ends up moving just how the hackers want it to.
Less tech-savvy privacy nuts could take a simpler approach, jamming a nearby drone instead of hijacking it. “It’s off-the-shelf easy,” Humphreys says. “For $100 you can buy a jammer over the Internet that does the job just fine in a two-mile radius. And if you’ve got a nice vantage point, on top of a mountain or a building, you can knock out GPS over an even broader area,” he says.
Such attacks wouldn’t only interfere with drones. They could also hinder in-car satellite navigation and smartphones, as well as elements of the U.S. banking system and the nation’s energy distribution network. “We have this stealth dependency on civilian GPS,” Humphreys warns. It’s illegal to send out jamming signals, just as it’s illegal to launch a spoofing attack, “but the law isn’t terribly enforceable,” he says. A determined troublemaker could jam nearby signals without much risk of getting caught, provided he or she switched locations every couple of hours.
Humphreys thinks regular Joes will want to defend their privacy too. “There will be a subculture that rejects the notion that Amazon drones are flying over their backyards, delivering packages to their neighbors,” he says. A few may use high-tech attacks to capture drones and keep them as trophies, he says, but most will take a more “down-to-earth” approach: “I have the sense that a shotgun is going to be the first thing they’ll grab, not a jammer or a spoofer.”
This article was originally published in the January 2015 issue of Popular Science.