Experts from the Ruhr University in Bochum and the Helmholtz Center for Information Security in Germany (CISPA) claim that DJI drones disclose information about their operators.
The media, by the way, wrote that hacking Mars rovers and drones could be quite easy.
Let me remind you that we also talked about Fast Company Hacker Says ‘Anyone Could Have Done It’, and also that Pirated Software for MacOS Comes with Malware.
The researchers were able to decipher the signals transmitted by DJI drones. It turned out that the devices broadcast not only their GPS coordinates and the unique ID of the drone, but also the GPS coordinates of their pilot.
The researchers presented the results of their work at the Network and Distributed System Security Symposium (NDSS) event, held in San Diego. For their study, the experts chose devices from DJI, one of the pioneers and leaders in the market for unmanned aerial vehicles (UAVs), drones and video stabilization equipment.
The fact is that these devices are becoming increasingly popular in war zones, because they can conduct surveillance at high altitude, conduct reconnaissance and even can be used as a weapon, while their operator is securely hidden at a distance of up to several kilometers from the drone.
However, experts warned that the location of the pilots is not such a big secret. In fact, anyone with simple and cheap radio equipment can intercept drone signals and decode them, thus obtaining the pilot’s coordinates.
In their report, scientists say that they were able to decipher the radio signals of DJI drones and decode the DroneID radio protocol they use.
After deconstructing the signals, the researchers saw that each DJI drone transmits not only its GPS coordinates and unique drone ID, but also the GPS coordinates of its operator via the DroneID protocol.
Initially, the DroneID system was created in order to allow governments, regulators and law enforcement agencies to control drones and prevent various abuses of them. But hackers and security researchers have long been saying that DroneID is unencrypted and open to anyone who can receive radio signals.
It is worth noting that DJI’s DroneID system was already under fire last spring, when the Ukrainian authorities criticized the company for the Russian military using DJI drones to target missiles.
At the same time, the Chinese manufacturer DJI has long been selling a special Aeroscope device to government regulators and law enforcement agencies, which allows you to intercept and decode DroneID data, determining the location of any drone and its operator at a distance of up to 48 kilometers.
At the same time, the company first emphasized that DroneID is encrypted and, therefore, inaccessible to those who do not have an Aeroscope device, which anyone can not purchase.
However, security researcher Kevin Finisterre later demonstrated the interception of some DroneID data using the freely available Ettus SDR. As a result, a DJI representative admitted in an interview with The Verge that the transmissions were not actually encrypted.
In their report, German scientists demonstrated that drone signals can indeed be decoded and read without any Aeroscope, which allows you to “listen” to DroneID to accurately determine the position of both the drone itself and its operator.
As proof of their findings, the research team has published a prototype tool to retrieve and decrypt DroneID data on GitHub.
In doing so, the researchers went even further than Finisterre: they studied the firmware of the DJI drone and its radio communication, reversed DroneID and created a tool that can receive DroneID transmissions using the already mentioned Ettus or the cheaper HackRF, which costs only a few hundred dollars (compared to $1000+ for Ettus devices). As a result, this allows carrying out all the functions available to Aeroscope without the drone itself.
Security experts and journalists now believe that, regardless of DJI’s motives for creating DroneID and advertising Aeroscop as the only suitable device for intercepting signals, the availability of information about the location of the drone operator and the fact that this data can be easily intercepted (not only with Aeroscope devices) will have a major impact on the use of quadcopters in war zones and other hostile environments.
Leave a Comment