While passing through an airport recently, a news headline on one of the televisions in the terminal caught my attention. The story was that North Korea had attempted to test a ballistic missile, but that computer hackers had put a stop to the test by causing the missile to explode less than five seconds after ignition.
So was the story true? Did computer hackers really bring down a North Korean missile? I honesty do not know. In spite of my background with the Department of Defense, I admittedly know very little about ballistic missiles. However, having spent the last few years training to go to space, I do know quite a bit about the rockets used for manned space flight, and I also have a background in computer security. Although I do not know whether or not hackers brought down the North Korean missile, I tend to think that the missile malfunctioned on its own, and that the story of the hack was little more than propaganda and wishful thinking. Even so, one has to question what the limits of hacking are when it comes to affecting physical objects in the real world.
Back in the dotcom era, I briefly wrote for an ill-fated magazine that was all about home automation. I jokingly wrote in one of my columns that I wanted to be the first person to develop a virus that attacks home automation systems. I would never actually do something like that, of course, but the point of the article was that a malware developer could cause havoc for some poor victim if they could take control of a connected home.
Hacks or pranks?
To date, I have not heard any verified stories of home automation malware, but a while back I did overhear a rather amusing conversation on an airplane. A guy who was seated near me told his travel companion that he was going through a nasty divorce, and that his ex had kicked him out of the house. From what I could gather, his former home was equipped with a WiFi thermostat. According to the man’s story, he decided to spite his ex-wife by remotely reprogramming the thermostat so that soon after she went to sleep each evening, the air conditioner would run at full blast. The temperature would reset back to normal just before she woke up. His idea was that he could increase his ex’s electric bill, and make it tough for her to sleep at night, while hopefully leaving her none the wiser as to why to was happening. The man said that he had even gone so far as to remotely change the thermostat’s password.
Of course remotely accessing an IoT device is one thing, but hacking such a device is quite another. After all, many IoT devices are specifically designed to provide remote access capabilities, but there is a big difference between remotely accessing a device, and hacking a device. Even so, many IoT devices are not only easy to hack, but a compromised device can also be used as a platform for launching attacks against other connected resources.
Hacking a drone?
Some of the higher-end, consumer-grade drones for example, make use of WiFi. The 3DR drone that I fly, for instance, contains an onboard WiFi-enabled, Linux computer. The drone’s controller contains an integrated wireless access point. Control inputs are sent to the drone over a WiFi link, and the drone sends back a live video feed over the same link.
A couple of years ago, I saw a demonstration in which someone took control of an airborne drone, using little more than a laptop. At the time, the hack made for an impressive proof-of-concept demonstration, but since that time, hacks against airborne drones have become more sophisticated. Some engineering students at Johns Hopkins University, for example, found three different ways to hack (and crash) a flying drone.
Although the idea of a hacker being able to hijack or crash a drone is probably unsettling for most drone pilots, not all drone hacks are designed to interfere with the drone itself. Instead, an airborne drone could potentially serve as a point of entry into hacking a higher-value target.
I mentioned earlier that the drone that I fly uses WiFi. Control inputs are sent from the controller to the drone, and the drone transmits video, flight data such as altitude, position, and battery remaining to the controller. What I did not mention is that the screen that is built into the controller only displays flight data. If you want to see a live video feed from the drone, then you have to connect an iOS or an Android device. This device not only displays the live video feed, but it also sends GPS data to the drone.
This type of setup is not exclusive to the 3DR drone. Each drone manufacturer has its own way of doing things, but many utilize iOS and Android devices in at least some way. In fact, there are drones on the market that do not even use a controller, but are instead controlled through a smartphone app.
So with this in mind, imagine that someone is flying a consumer-grade drone that is configured with its default settings. Anyone with a laptop and a bit of know-how could look up the drone’s WiFi password, and connect to the drone’s WiFi network. This connection can then be used to hack other devices on the network, namely the pilot’s tablet or phone. In other words, the pilot’s phone or tablet is the real target, the drone merely serves to assist with the hack.
Right now, I’m sure that some of you may be wondering how widespread this problem can possibly be. After all, not everyone is a drone pilot, and I don’t actually know anyone who has had their drone hacked. Even so, some law enforcement agencies have openly admitted to experimenting with drone hacking techniques as a countermeasure for bringing down a rogue drone. There are also countless Web pages dedicated to the subject of drone hacking.
IoT the big target
The main reason why I took the time to explain the drone hack, however, is because this technique, and countless variations of it, are being used to hack IoT devices in an effort to gain access to otherwise secure networks. In fact, this concept was demonstrated on stage at last year’s BlackBerry Summit.
For this demonstration, the speaker managed to hack a WiFi network by exploiting a weakness in a smart tea kettle. It was explained, however, that the device type didn’t really matter. Any IoT device could potentially be exploited. IoT devices are notorious for having very weak security. If you want to know exactly how the hack was performed, you can read the technical details here.
A credible threat
IoT devices have the potential to transform the way that we live and work. Even so, many of the IoT devices that are available today have very weak security. These security flaws can potentially be exploited in an effort to take control of the device itself, or to gain access to the underlying network and the resources that are connected to it. As such, IoT devices must be treated as a credible threat to network security.
Given how common IoT devices have become, it is somewhat unrealistic to expect to be able to keep these devices off of your network. A better alternative may be to connect IoT devices to a dedicated wireless network segment, so that IoT devices are completely isolated from sensitive network resources.
Photo credit: Wikimedia
