
Insurgents Hack U.S. Drones

Retired AF Guy

Not good news. The Wall Street Journal has a write-up about how insurgents in Iraq, and possibly Afghanistan, have been able to hack into the video feed from American UAVs. The usual caveats about Fair Dealings under the Copyright Act.

Insurgents Hack U.S. Drones
$26 Software Is Used to Breach Key Weapons in Iraq; Iranian Backing Suspected


By SIOBHAN GORMAN, YOCHI J. DREAZEN and AUGUST COLE

WASHINGTON -- Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.

Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes' systems. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds, according to a person familiar with reports on the matter.

U.S. officials say there is no evidence that militants were able to take control of the drones or otherwise interfere with their flights. Still, the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under U.S. surveillance.

The drone intercepts mark the emergence of a shadow cyber war within the U.S.-led conflicts overseas. They also point to a potentially serious vulnerability in Washington's growing network of unmanned drones, which have become the American weapon of choice in both Afghanistan and Pakistan.

The Obama administration has come to rely heavily on the unmanned drones because they allow the U.S. to safely monitor and stalk insurgent targets in areas where sending American troops would be either politically untenable or too risky.

The stolen video feeds also indicate that U.S. adversaries continue to find simple ways of counteracting sophisticated American military technologies.

U.S. military personnel in Iraq discovered the problem late last year when they apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds. In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds.

In the summer 2009 incident, the military found "days and days and hours and hours of proof" that the feeds were being intercepted and shared with multiple extremist groups, the person said. "It is part of their kit now."

A senior defense official said that James Clapper, the Pentagon's intelligence chief, assessed the Iraq intercepts at the direction of Defense Secretary Robert Gates and concluded they represented a shortcoming to the security of the drone network.

"There did appear to be a vulnerability," the defense official said. "There's been no harm done to troops or missions compromised as a result of it, but there's an issue that we can take care of and we're doing so."

Senior military and intelligence officials said the U.S. was working to encrypt all of its drone video feeds from Iraq, Afghanistan and Pakistan, but said it wasn't yet clear if the problem had been completely resolved.

Some of the most detailed evidence of intercepted feeds has been discovered in Iraq, but adversaries have also intercepted drone video feeds in Afghanistan, according to people briefed on the matter. These intercept techniques could be employed in other locations where the U.S. is using pilotless planes, such as Pakistan, Yemen and Somalia, they said.

The Pentagon is deploying record numbers of drones to Afghanistan as part of the Obama administration's troop surge there. Lt. Gen. David Deptula, who oversees the Air Force's unmanned aviation program, said some of the drones would employ a sophisticated new camera system called "Gorgon Stare," which allows a single aerial vehicle to transmit back at least 10 separate video feeds simultaneously.

Gen. Deptula, speaking to reporters Wednesday, said there were inherent risks to using drones since they are remotely controlled and need to send and receive video and other data over great distances. "Those kinds of things are subject to listening and exploitation," he said, adding the military was trying to solve the problems by better encrypting the drones' feeds.

The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.

Last December, U.S. military personnel in Iraq discovered copies of Predator drone feeds on a laptop belonging to a Shiite militant, according to a person familiar with reports on the matter. "There was evidence this was not a one-time deal," this person said. The U.S. accuses Iran of providing weapons, money and training to Shiite fighters in Iraq, a charge that Tehran has long denied.

The militants use programs such as SkyGrabber, from Russian company SkySoftware. Andrew Solonikov, one of the software's developers, said he was unaware that his software could be used to intercept drone feeds. "It was developed to intercept music, photos, video, programs and other content that other users download from the Internet -- no military data or other commercial data, only free legal content," he said by email from Russia.

Officials stepped up efforts to prevent insurgents from intercepting video feeds after the July incident. The difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones. Instead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes. Additional concerns remain about the vulnerability of the communications signals to electronic jamming, though there's no evidence that has occurred, said people familiar with reports on the matter.

Predator drones are built by General Atomics Aeronautical Systems Inc. of San Diego. Some of its communications technology is proprietary, so widely used encryption systems aren't readily compatible, said people familiar with the matter.

In an email, a spokeswoman said that for security reasons, the company couldn't comment on "specific data link capabilities and limitations."

Fixing the security gap would have caused delays, according to current and former military officials. It would have added to the Predator's price. Some officials worried that adding encryption would make it harder to quickly share time-sensitive data within the U.S. military, and with allies.

"There's a balance between pragmatics and sophistication," said Mike Wynne, Air Force Secretary from 2005 to 2008.

The Air Force has staked its future on unmanned aerial vehicles. Drones account for 36% of the planes in the service's proposed 2010 budget.

Today, the Air Force is buying hundreds of Reaper drones, a newer model, whose video feeds could be intercepted in much the same way as with the Predators, according to people familiar with the matter. A Reaper costs between $10 million and $12 million each and is faster and better armed than the Predator. General Atomics expects the Air Force to buy as many as 375 Reapers.

Write to Siobhan Gorman at siobhan.gorman@wsj.com, Yochi J. Dreazen at yochi.dreazen@wsj.com and August Cole at august.cole@dowjones.com

The thing is that about eight years ago, during NATO operations in the Balkans, civvies in Kosovo and Italy were picking up video feeds from our drones on their ordinary TV sets! You would have thought they would have solved the problem by now!
 
Obviously this isn't good, but encrypting may just cause a whole host of other problems, and I'm pretty sure there are already ways to defeat this.

I wouldn't think the device that the INS are using has nearly any range nor does the average INS group have the map network or IA capability to know when or where the MQ-1/9 is even looking.

Just my 2 cents.
 
I'm sorry, what? Why aren't these encrypted?

Encrypting it should pose no problems at all, and the fact that these feeds aren't encrypted is absurd.

Give me a week, and I can produce for you a flying reconnaissance drone which provides an encrypted video feed, and that's not an exaggeration.
 
Maybe it's just the lack of thinking by the intelligence community towards the other side. Who would have thought insurgents would be intercepting Predator drone feeds? Most people (civilian) would agree on the stereotype that insurgents are idiots who live in caves. This is an attempt by the insurgents to knock down one of the many gigantic advantages the modern militaries have against them. Next thing you know, they'll be listening to our communications.

"We didn't know they knew how to use a laptop or a radio so we didn't encrypt our communications."

 
a Sig Op said:
and the fact that these feeds aren't encrypted is absurd.

No, it is not. I have practical experience with these types of datalinks. Do you?
 
Keeping in mind that there is a fair amount of OPSEC around datalinks & encryption...any way you could elaborate a bit Aviator??  (About what is absurd/not absurd about it??)

I have to admit, I assumed data being transmitted from a UAV would be rather well protected also...but I have ZERO experience in operating UAVs. Any chance you could elaborate without violating OPSEC?
 
a Sig Op said:
I'm sorry, what? Why aren't these encrypted?

It's a massive amount of information.

a Sig Op said:
Encrypting it should pose no problems at all, and the fact that these feeds aren't encrypted is absurd.

Not if one wants a high-quality image with minimal delay at affordable cost.

a Sig Op said:
Give me a week, and I can produce for you a flying reconnaissance drone which provides an encrypted video feed,

So why have you not done so, and made yourself fabulously wealthy?

a Sig Op said:
and that's not an exaggeration.

No?

And, lazy/ignorant media notwithstanding, these are not "drones". Drones are pre-programmed; these are Remotely Piloted Vehicles (RPVs). Both are sub-categories of UAVs.
 
CDN Aviator said:
No, it is not. I have practical experience with these types of datalinks. Do you?

Yes. It's not that hard to encrypt a video stream.
 
A retired USAF Lt Gen stated on TV on Wednesday that these video feeds are not a security risk as they are just video feeds. No targeting info, location data etc. Several years ago I stumbled on a similar feed, and as it was coming from Russia, I immediately closed it down and ran a security scan.

The videos may be like the old insect joke: "what's the last thing a bug sees as it hits a windshield?" Based on the interview, I doubt it. Like the article states, this has been known for over ten years.
 
Maybe this will make insurgent command posts less efficient as the insurgent staff gather around the laptop to watch live feed.
 
Maybe they will realize we can see in the dark and planting bombs in culverts at 3 am is a bad idea and why we magically see them and blow them up.
 
Why don't they bury a virus into the feed? It's easy enough to filter out if you know it's there. Minimal processing power would be required and the upgrades wouldn't take more than a few minutes while they're being serviced.
 
Yea, as I stated earlier, it would cause quite a bit of difficulty just in trying to encrypt the VDL receivers (not that it can't be done, but you can imagine the headache of trying to swap receivers out all over theatre). As I also alluded to, not all these UAVs are flown from theatre and use specific data links (some are; Loach and Cdn Av would know what I mean with ways to defeat this INS cape already), and it should also be noted that these feeds don't just come off of UAVs.

Sig Op, I'm pretty sure I too can fly a remote controlled plane with a camera gun taped underneath. I'd be interested in your results, though, once you're trying to send that feed 40 km out with a couple GBU-12s and some AGM-114s on, just for good measure. I'm sure you're well up to speed on our VDL capes, right?

 
I never claimed that if I did it, it would be perfect, but the fact that it CAN be done begs the question why it's not being done.
 
It slows down the data stream causing a delay from the TX to the RX.
 
a Sig Op said:
Give me a week, and I can produce for you a flying reconnaissance drone which provides an encrypted video feed, and that's not an exaggeration.

Once you have built a working UAS capable of MALE operations complete with a fully functional Ku band full motion video datalink that provides video in h.264 format, can provide a feed to any allied receiver and can be broadcasted to authorized stations half a world away, you let me know.

::)
 
...not to mention getting everyone to agree on clearances. NATO does not mean compatibility.
 
...till then I'll fire up the ROVER (doesn't everyone have one?) and watch Pred Porn instead of the endless Christmas specials.
 