
Analysts wary of Iran's spy drone hacking claims

Attack is possible, but analysts dubious that it happened, suggest other scenarios

Reports that Iranian electronic warfare experts may have succeeded in intercepting and capturing a sophisticated U.S. spy drone were received with some skepticism by security analysts.

While it is certainly possible that the drone was electronically ambushed as reported, more details are needed to know what exactly might have happened to the RQ-170 Sentinel drone, they said.

A story in the Christian Science Monitor this week reported that the recent U.S. spy drone captured by Iran may have been intercepted and tricked into landing in that country by Iranian electronic warfare experts.

The story quoted an unnamed Iranian engineer as saying that Iran was able to cut off the communications links to the Lockheed-Martin-made drone and reconfigure its GPS coordinates to trick it into landing in Iran.

The engineer was quoted as saying that Iranian engineers developed the attack by reverse engineering U.S. drones that had been previously captured or shot down, and by taking advantage of its weak GPS navigation system.

John Pescatore, an analyst with market research firm Gartner, and a former analyst with the National Security Agency (NSA), said the supposed attack, while possible, was not plausible.

He noted that the Air Force in October had said that some of its drones had been hit with a virus. "If a virus could get in, then targeted malware surely could," Pescatore said.

However, to pull off the attack, the Iranians would have needed to have detailed knowledge of the drone's software, and it's doubtful they did, he said.

Two more likely scenarios are that the drone was simply lost, as a result of a command and control failure, or it's possible that some kind of jamming disrupted command and control, and that failsafe mechanisms that should have kicked in, did not, he said.

James Lewis, director and senior fellow at the Center for Strategic and International Studies in Washington, said that it's possible the Iranians got help from the Russians. "They've recently said they're worried about electronic warfare," said Lewis, who led a team that prepared a set of national cybersecurity recommendations for President Obama in 2008.

According to Lewis, Russia has been focused on beating GPS security at least since the Bosnian War in the 1990s. "They monitor our telephone and computer networks and probably radio in the Air Force," he said. "So [they] could have heard DOD blabbing about any problems," related to its drone, he said. "[Russia] helped the Iranian nuke program, so why not electronic warfare?" he asked. Lewis said the U.S. is ahead in the GPS race with Russia.

China also cannot be ruled out as playing a role, although China appears to have fewer capabilities than the Russians in this arena, he said.

Ira Winkler, author of Spies Among Us, and a Computerworld columnist, said the Iranian drone incident is reminiscent of a previous incident in which attackers intercepted live video feeds from U.S. Predator drones operating in Afghanistan and Iraq.

In that case, the attacks were enabled via the use of a $26 off-the-shelf software product called SkyGrabber made by a Russian company.

In the most recent instance, it is likely that the drone's capture was not the result of a direct hacking of the drone.

"For example, if you know where a drone is, and you can beam a stronger GPS signal at the drone than it would get from a satellite, it would pick up the fake signal and think it is somewhere else," he said. "If signals aren't encrypted, the people with the strongest transmitter win."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is jvijayan@computerworld.com.
