Hard Light Productions Forums
Off-Topic Discussion => General Discussion => Topic started by: Bobboau on October 09, 2011, 06:22:16 pm
-
http://www.foxnews.com/scitech/2011/10/07/us-military-drones-infected-with-mysterious-computer-virus/
-
Heh, I thought this might be about the riots in Egypt from the title. But yeah, I love seeing unmanned armed aircraft have infected software.
(Also, how sweet would it be to get to control one of those things?)
-
(Also, how sweet would it be to get to control one of those things?)
That's a disturbing notion... :drevil:
-
What the article does not point out is that a keylogger could help reverse-engineer the drone software, as from that one might be able to figure out which input fires, which button(s) stalls the drone, exc exc. The next logical step would be a virus that takes control of one of these key functions. This virus doesn't even have to make the drone fire any weapons - just crashing such an expensive piece of equipment would really ruin the drone operator's day.
-
although firing on the wrong target would make it even better.
-
It would be much easier to just make the drone crash into the ground though. There are MANY functions aboard an aircraft that can be misused in order to crash the drone, as opposed to the drone's weapon system which probably has failsafes and multiple controls just to arm the weapons.
EDIT: Let's make a list of classic ways to crash a plane in a flight simulator:
Lowering the landing gear mid-flight, reducing aerodynamics
Messing with the flaps
Lock the pilot out of either Yaw, Pitch, or Roll (or all 3!)
Botching the landing
Folding the aircraft's wings mid-flight
And just generally making the craft dive nose-first into the ground.
Exc exc, I am sure there are many other ways to do so. The bolded one would be my preferred way. But if I can't figure out how to do it that way, I can do it another way....
-
I'm not saying that would not be effective, or even a good ROI, but I think if you are in for a penny, you might as well be in for a pound, might as well see if you can get full control of the thing and have it blow up a few 'good guy' tanks. if you can't THEN nose dive it, preferably into a medical shelter.
-
No what's more scary is didn't we have a predator on site at Obama's inauguration? You figure out how to hack them,
then wait for a larger class of target where we deploy these as overwatch... then in the space of a minute shove our
own drone, in a protected area, right back at us. Classic sleeper agent tactic.
-
I'm not saying that would not be effective, or even a good ROI, but I think if you are in for a penny, you might as well be in for a pound, might as well see if you can get full control of the thing and have it blow up a few 'good guy' tanks. if you can't THEN nose dive it, preferably into a medical shelter.
To accomplish that, the virus needs to:
- Cut off ALL controls from the bewildered pilots. If you miss one, they will fold the drone's wings on you and thus avert a disaster.
- Have some sort of AI to keep the drone from crashing. Autopilot MIGHT be able to do this if you hijack it.
- Same AI needs to be able to get the drone from where it is at to where whatever it wants to shoot is at. This involves actually turning the plane - traditional autopilots only keep it flying straight. Preferably without crashing.
- Needs to be able to line up for an attack run. Again, without crashing, as such kills your chances of a successful attack run.
- Bypass weapon failsafes. Stuff like the missiles maybe not arming without a lock or whatever classified stuff is on the drone weapons to keep exactly this from happening...
- And other stuff I haven't thought of.
Sounds less like a virus and more like a AI to me, which would take a lot of effort to program. If the drone is fully automated, this might be possible with a mere virus. But the picture the article shows of the drone controls kinda gives me the impression that it is -not- fully automated....
Plus programmers are lazy. I think the terrorist programmer will just settle for folding the drone's wings in-flight.
-
but like I said it would be worth it to try.
-
the article said that the drone system is on a closed system. so nothing comes in or out via network/internet. seems chances of reverse engineering the drone from that are not going to happen if the data goes nowhere.
EDIT: define worth a try. I would prefer our drones remain in the hands of the military trained to operate them.
-
the article said that the drone system is on a closed system. so nothing comes in or out via network/internet. seems chances of reverse engineering the drone from that are not going to happen if the data goes nowhere.
There surely are individuals in the inside that have the knowledge and/or means to do so. If this actually happens, cue real life spy drama/massive counterintelligence operations, that will either result in some sort of 'witch hunt' or otherwise have aftereffects that would be felt by every nation which has spies in the US (and what nation doesn't?)
-
But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground.
From the wired.com article. What other security flaws are there? Quite clearly there is a way to hack the system, otherwise the keylogger would not of gotten into the drones in the first place.
-
But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground.
From the wired.com article. What other security flaws are there? Quite clearly there is a way to hack the system, otherwise the keylogger would not of gotten into the drones in the first place.
If you'll note the article, it mentions that the virus was introduced during internal maintenance, transferring maps with external hard disks.
Basically, it's the equivalent of plugging a "dirty" USB drive into a non-networked computer. Sure, it'll get infected, but the infection isn't capable of doing anything without an outgoing network connection, and it's already established that these systems are closed-loop... so the keylogger can log the data, but it can't send.
It's unsurprising, really - anywhere that allows USB functionality is going to get infected by something sooner or later through bad user practices, but if the secure systems are closed to external traffic (or not even physically connected, as in this case) then there's no actual harm done.
The keylogger is probably something from the wild that made it onto military networks because some dumbass opened the wrong email/website, or brought in a USB key with pictures of their last vacation to show their work buddies.
-
unless they get infected by an autonomous virus, that is programed to perform specific actions under specific conditions, or better yet, to open that loop (if possible, big if)
-
I saw this the other day and the thread title was pretty much my initial thought.
Closed system or not, it had to have been exposed to the outside world to get this infection in the first place. If the military ever finds out who's responsible for bringing in a thumb drive for their porn collection, they'll be shuffled off to Camp X-ray and never see the light of day again. This is absolutely unacceptable in every way, and one of the biggest reasons why we're not ready to take humans out of the cockpit at this particular point in time. We're lucky we're fighting a bunch of dirty goat farmers hiding in caves, because an enemy with similar technological capabilities would have already found a way to either disable these drones, or worse, jack into the signal and turn them against us. Hubris, the greatest human folly, strikes again.
-
I'm not necessary talking about viruses. I am talking about the other 'security flaws' that the article mentions but the the US military understandably doesn't want us to know exactly what they are.
Maybe there is yet a way to crash the drone that we haven't discussed yet. Maybe a saboteur could be able to physically jam the flaps on the drone or something, resulting in serious flight problems once it gets off the ground.
unless they get infected by an autonomous virus, that is programed to perform specific actions under specific conditions, or better yet, to open that loop (if possible, big if)
Right, it won't take much in that regard to create a serious panic along the people who operate the drones.
-
Closed system or not, it had to have been exposed to the outside world to get this infection in the first place.
RTFA.
-
Closed system or not, it had to have been exposed to the outside world to get this infection in the first place.
RTFA.
Oh look, snark. How original.
I did read the article. If it's a closed system, it doesn't get a virus. The virus has to come from somewhere outside, and someone is responsible for exposing it. Maybe I have more experience reading between the lines of military-spec canned bull**** but they basically admitted as much.
-
Could a virus then put whatever data was collected on the next hard drive that gets plugged in?
-
Closed system or not, it had to have been exposed to the outside world to get this infection in the first place.
RTFA.
Oh look, snark. How original.
I did read the article. If it's a closed system, it doesn't get a virus. The virus has to come from somewhere outside, and someone is responsible for exposing it. Maybe I have more experience reading between the lines of military-spec canned bull**** but they basically admitted as much.
I literally JUST posted how they plugged external drives into the machines in order to transfer maps across. So, had you read the article in its entirety, or just read my previous post, you would have seen that staring you in the face. So yes, snark, and well-deserved snark too.
The keylogger came from an external hard drive plugged into the closed-system in order to transfer maps. This is neither surprising nor particularly frightening... well, except that they don't scan external drives moving around the department, but the drone systems themselves appear to have been just fine. The fact that a computer somewhere in the military got a malware infection isn't in the slightest bit surprising either - plenty of systems with low-clearance requirements and fairly open access in government, and security on those systems will be by the lowest bidder. And if one of those was used to put the maps on the external drives in the first place, there's your source.
This isn't like someone hacked a top-secret military network, guys. This literally could have happened because a frickin' secretary brought pictures of her kids into work on a thumb drive.
-
Could a virus then put whatever data was collected on the next hard drive that gets plugged in?
Possible but unlikely. That's not usually how keyloggers work.
-
But time and time again, the so-called “air gaps” between classified and public networks have been bridged, largely through the use of discs and removable drives. In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later.
Use of the drives is now severely restricted throughout the military.
Again, from the wired.com article. THIS is how a virus spreads within a closed system, and likely how the drones got infected in the first place.
EDIT: Someone beat me to it already....
-
Possible but unlikely. That's not usually how keyloggers work.
Perhaps that's because no one has realised the kind of non-networked computer keyloggers can sometimes end up on.....until now at least. It wouldn't surprise me one bit if someone was right now creating a keylogger designed to do exactly that.
-
Closed system or not, it had to have been exposed to the outside world to get this infection in the first place.
RTFA.
Oh look, snark. How original.
I did read the article. If it's a closed system, it doesn't get a virus. The virus has to come from somewhere outside, and someone is responsible for exposing it. Maybe I have more experience reading between the lines of military-spec canned bull**** but they basically admitted as much.
I literally JUST posted how they plugged external drives into the machines in order to transfer maps across. So, had you read the article in its entirety, or just read my previous post, you would have seen that staring you in the face. So yes, snark, and well-deserved snark too.
The keylogger came from an external hard drive plugged into the closed-system in order to transfer maps. This is neither surprising nor particularly frightening... well, except that they don't scan external drives moving around the department, but the drone systems themselves appear to have been just fine. The fact that a computer somewhere in the military got a malware infection isn't in the slightest bit surprising either - plenty of systems with low-clearance requirements and fairly open access in government, and security on those systems will be by the lowest bidder. And if one of those was used to put the maps on the external drives in the first place, there's your source.
This isn't like someone hacked a top-secret military network, guys. This literally could have happened because a frickin' secretary brought pictures of her kids into work on a thumb drive.
Well deserved snark? We're saying the exact same thing. Somebody had a thumb drive that had been outside of the network, they brought it in (likely flying in the face of regulations), the closed system got exposed. Chill.
-
Possible but unlikely. That's not usually how keyloggers work.
upon reading this my immediate thought was "hmmm... I bet I could make one that did that" what do you thing the people who make these things are thinking right now?
-
Possible but unlikely. That's not usually how keyloggers work.
upon reading this my immediate thought was "hmmm... I bet I could make one that did that" what do you thing the people who make these things are thinking right now?
Sure, just saying that if this was one of the multitudes in the wild right now then it probably doesn't have that functionality.
-
Our (British Army) MilCommNet is codenamed Skynet V.
Could it be related? :shaking:
-
... and thus, by 2367, we still have manned space fighters :D
-
... and thus, by 2367, we still have manned space fighters :D
WIN.
-
There is no fate but the one the drones make for us.
-
That reply must've come with this username.