Noah Schactman at Wired has a report claiming that the computers controlling America’s Predator and Reaper drone fleets have been attacked by a computer virus. The virus itself is a keylogger – a piece of software that records all of the keystrokes made by drone pilots. No damage appears to have been caused, and it’s unclear as to whether the virus attack was intentional or if someone just clicked the wrong link on Facebook. Either way, this points to a vulnerability in the security of the drone fleet, as the report goes on to claim that the virus hasn’t been cleaned off the systems yet.
Moreover, it appears that the virus has hit both classified and non-classified systems. If the attack was intentional, then it’s possible that data keyed into the systems has been transmitted to parties unknown. Though as of this time there’s no evidence of that.
Given that the use of drones has significantly escalated in the past few years, a breach in security is worrisome. Especially considering that it’s not the first time. As Schactman notes:
But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, U.S. forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.
The more that America’s security capabilities depend on data transmission and computerized weapons, attacks of this nature are inevitable, and computer security should be a significantly high priority. If keylogger software can infect these systems, how long will it be until another program captures more data from UAV surveillance missions? Or worse – enables someone else to take control of the drones?
I imagine that this will be a key problem in security going forward. Especially as the military looks into more remote controlled and autonomous robotics systems.Forbes