December 17, 2009 3:25 AM
(CBS) Iraqi insurgents have reportedly intercepted live video feeds from the U.S. military's Predator drones using a $25.95 Windows application which allows them to track the pilotless aircraft undetected.
Hackers working with Iraqi militants were able to determine which areas of the country were under surveillance by the U.S. military, the Wall Street Journal reported on Thursday, adding that video feeds from drones in Afghanistan also appear to have been compromised.
This apparent security breach, which had been known in military and intelligence circles to be possible, arose because the Predator unmanned aerial vehicles do not use encryption in the final link to their operators on the ground. (By contrast, every time you log on to a bank or credit card Web site, or make a phone call on most modern cellular networks, your communications are protected by encryption technology.)
Meanwhile, a senior Air Force officer said Wednesday that a wave of new surveillance aircraft, both manned and unmanned, were being deployed to Afghanistan to bolster "eyes in the sky" protection for the influx of American troops ordered by President Obama.
When a Predator unmanned aerial vehicle, or UAV, is far from its base, terrain prohibits it from transmitting directly to its operator. Instead, it switches to a satellite link. That means an enterprising hacker can use his own satellite dish, a satellite modem, and a copy of the SkyGrabber Windows utility sold by the Russian company SkySoftware to intercept and display the UAV's transmissions.
The Air Force became aware of the security vulnerability when copies of Predator video feeds were discovered on a laptop belonging to a Shiite militant late last year, and again in July on other militants' laptops, the Journal reported. The problem, though, is that the drones use proprietary technology created in the early 1990s, and adding encryption would be an expensive task.
The implications of the Predator's unencrypted transmissions have been known in military circles for a long time. An October 1999 presentation given at the Air Force's School of Advanced Airpower Studies in Alabama noted "the Predator UAV is designed to operate with unencrypted data links."
In 2002, a British engineer who enjoys scanning satellite signals for fun stumbled across a NATO video feed from the Kosovo war. CBS News correspondent Mark Phillips reported then on the apparent surveillance security shortfall, and the U.S. military's decision to essentially let it slide.
The Air Force had hoped to replace the Predator with a stealthier, high-altitude version nicknamed "Darkstar," and the 1999 presentation by then-Maj. Jeffrey Stephenson noted that the new "high altitude UAVs will be capable of encryption." But the Defense Department informed Lockheed Martin that year that the Darkstar program would be terminated.
Iraqi interest in intercepting U.S. military transmissions is not exactly new. A report prepared for the CIA director after the U.S. invasion and occupation noted that Saddam Hussein assigned a young relative with a master's degree in computer science to intercept transmissions from U.S. satellites. The relative, "Usama," was secretly given office space in the Baghdad Aerospace Research Center, which had access to satellite downlinks.
The 2005 CIA report compiled by special advisor Charles Duelfer quotes Abd al-Tawab Huwaysh, Saddam's minister of industry, as saying he was shown real-time overhead video supposedly of U.S. military installations in Turkey, Kuwait, and Qatar before the invasion. A likely explanation, the report concludes, is that "Usama located and downloaded the unencrypted satellite feed from U.S. military UAVs."
A 1996 briefing by Paul Kaminski, an undersecretary of defense for acquisition and technology, may offer a hint about how the Iraqi interception was done. Kaminski said that the military had turned to commercial satellites -- "Hughes is the primary provider of direct (satellite) TV that you can buy in the United States, and that's the technology we're leveraging off of" -- to share feeds from Predator drones.
"What this does is it provides now a broader distribution path to anybody who's in that downward receiving beam, for example," Kaminski said.
So why, after the CIA publicly reported that Predator transmissions had probably been intercepted in Iraq, did the Air Force do so little? One explanation is that the contractor, General Atomics Aeronautical Systems of San Diego, built the system in the early 1990s before encryption was common and easier to include. (Computer scientists had warned at the time that the U.S. government's anti-encryption laws were counter-productive because they discouraged the development and routine use of that technology.)
Bureaucratic inertia is another. As CBSNews.com reported last month, messages from President Clinton's entourage were intercepted in 1997, but Secret Service agents continued to use unencrypted pagers to share sensitive information about threats to the president's life on September 11, 2001. Perhaps it takes a front-page story in the Wall Street Journal to prod government officials into rethinking their views on the desirability of encryption.
Update 1 p.m. ET: A spokesman for the Air Force, Maj. Cristin Marposon, sent us this statement: "The Department of Defense constantly evaluates and seeks to improve the performance and security of our various (intelligence, surveillance, and reconnaissance) systems and platforms. As we identify shortfalls, we correct them as part of a continuous process of seeking to improve capabilities and security. As a matter of policy, we don't comment on specific vulnerabilities or intelligence issues."
###
Another reason I don't join public networking sites.
".....is it safe to Tweet yet?"
December 17, 2009 10:40 PM PST
From cnet Security News
Twitter Hijacked by 'Iranian Cyber Army'
Twitter's home page before it went offline Thursday evening.
Updated at 11:15 p.m. PST to include comment from witness and reflect Twitter.com accessible again.
Updated at 11:50 p.m. PST with status update from Twitter.
Twitter.com was down Thursday evening, and it appears that the microblogging site may have been hacked or the victim of a DNS hijacking.
The site, which was inaccessible for about an hour starting around 10 p.m. PST, was defaced with the above image before it was taken offline.
The message at the bottom of the image appears to be written in Perso-Arabic script and when translated to English it read:
Iranian Cyber Army
U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don't, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To....
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST
Take Care.
Twitter's status blog was also inaccessible. CNET has inquiries out to Twitter and we will let you know more when we hear back.
Chris Hoare, a Flickr user in Leicester, England, captured the screenshot above and said his attempt to connect to Twitter bounced through a second Web-hosting server before the image was displayed but that he couldn't catch the address.
"The HTML was pretty basic, and everything that it showed was local on the server it was being sent from," Hoare told CNET News.
A Twitter update message posted at 11:28 p.m. said the site was "working to recovery from an unplanned downtime" and indicated that the incident was indeed a hijacking of Twitter's DNS records: "Twitter's DNS records were temporarily compromised but have now been fixed. We are looking into the underlying cause and will update with more information soon."
Security has been a thorny issue for Twitter in the past. In January, a hacker hijacked CNN anchor Rick Sanchez's feed and proclaimed the journalist was "high on crack." Twitter users have also been the target of a password-stealing phishing scam. Disguising itself as a private message that led to a fake Twitter log-in screen, the scam was widespread enough for Twitter to put a warning message on all members' home pages alerting them of the issue.
Certainly, there is a contentious history between Twitter and Iran. In the wake of supposed results of that nation's presidential election in June, protesters in Iran used Twitter to skirt government filters to report events, express outrage, and get people out to opposition rallies.
Twitter even rescheduled some planned downtime in order to stay accessible for Iranian users in the midst of political upheaval at the request of the U.S. Department of State.