430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Security

The System-Aware Secure Sentinel against drone hacking

The System-Aware Secure Sentinel system is the solution able to prevent cyber attacks against drones by detecting “illogical behaviors” of the vehicle. The US Defense has sponsored the development of the System-Aware Secure Sentinel, a system to shield unmanned aerial vehicles from cyber-attacks. The system developed with funds from the US Department of Defense, the […]

The System-Aware Secure Sentinel against drone hacking

The System-Aware Secure Sentinel system is the solution able to prevent cyber attacks against drones by detecting “illogical behaviors” of the vehicle.

The US Defense has sponsored the development of the System-Aware Secure Sentinel, a system to shield unmanned aerial vehicles from cyber-attacks. The system developed with funds from the US Department of Defense, the project involved research teams at the Georgia Institute of Technology and the University of Virginia.

Drones are widely used in both military and private industry, but threat actors are increasing the number of cyber attacks against these versatile vehicles.  As military and commercial drone use continues to grow in a significant way, protecting them against cyber attacks will become a priority.

For this reason, the US Government is investing to improve the resilience through research and development of new solutions.

The System-Aware Secure Sentinel is a new system designed to detect “illogical behavior” compared to normal operating patterns of the aircraft.

“Detections can serve to initiate automated recovery actions and alert operators of the attack,” explained Barry Horowitz, a systems and information engineer at the University of Virginia in Charlottesville.

The system is crucial to prevent cyber attack against US drones that could cause damages or hijacking of the vehicles, as happened in 2011 when a US spy drone RQ-170 Sentinel drone was brought down by Iranians cyber units while it was flying in the country.

System-Aware Secure Sentinel

The Iranian Government claimed to have hit the drone with a “spoofing” attack that allowed to force the UAV landing in the territories controlled by Iranian militia.

“The principle behind the GPS spoofing attack is that sending to control system of the drone fake geographic coordinates it is possible to deceive the on board system hijacking the vehicle in a different place for which it is commanded.

A similar attack is possible due the leak of use of encrypted GPS signal, a common occurrence for civilian aviation, according to Noel Sharkey, co-founder of the International Committee for Robot Arms Control.

“It’s easy to spoof an unencrypted drone. Anybody technically skilled could do this – it would cost them some £700 for the equipment and that’s it,” Last year he declared to the BBC News.

A UAV could be directed somewhere using its GPS, a spoofer can make drone think it’s somewhere else and make it crash into a specific target, contrary to what we can think it wouldn’t be too hard for a very skilled attacker to manipulate an unencrypted signal sent to a drone and spoof them.” I wrote in a past blog post.

The System-Aware Secure Sentinel was tested against different cyber threats during a five day test session. The experts tested the capability of the system to prevent drone hacking with cyber-attacks launched from the ground, by other flying vehicles and interference with supply chains and attacks from military insiders.

The test session stressed the capabilities of the System-Aware Secure Sentinel on four different areas:

  • GPS data;
  • location data;
  • information about imagery;
  • on-board surveillance and control of payloads and took place over five days;

and as explained by the researchers the test results are exciting, the system was able to detect cyber-attacks in evry circumstance.

“The inflight testing gauged the effectiveness of the countermeasure technology in hardening the unmanned system’s cyber agility and resiliency under attack conditions,” the researchers said.

The University of Virginia recently licensed the technology to software firm Mission Secure Inc., which is currently working to commercialize the solution.

Pierluigi Paganini

(Security Affairs –  drone hacking, System-Aware Secure Sentinel)