Iraqi insurgents appear to have been hacking into the live video feeds from U.S. spy drones using $25.95 software, the Wall Street Journal reports. Intelligence officials told reporters that
insurgents intercepted the video feeds by taking advantage of an
unprotected communications link in some of the remotely flown planes'
systems." Security experts are puzzled and outraged that the military allowed video
feeds to go unencrypted, spurring questions about what other mistakes we're making
in the field. How did this happen?
- Two Reasons This Is Really Bad Wired's Noah Shachtman and Natha Hodge evaluate "potentially one of the most serious military security breaches in years." They find "the real scandal: Military officials have known about this potential vulnerability since the Bosnia campaign. That was over 10 years ago. And, as Declan McCullagh observes, there have been a series of government reports warning of the problem since then. But the Pentagon assumed that their adversaries in the Middle East and Central Asia wouldn't have the smarts to tap into the communications link." They also look at the possibility insurgents could one day push orders into the system:
This has long been the nightmare scenario within Pentagon cybersecurity circles: a hacker not looking to take down the military grid, but to exploit it for his own purposes. How does a soldier trust an order, if he doesn't know who else is listening -- or who gave the order, in the first place? "For a sophisticated adversary, it's to his advantage to keep your network up and running. He can learn what you know. He can cause confusion, delay your response times -- and shape your actions," one Defense Department cybersecurity official tells Danger Room.
- The Military's Dangerous Arrogance Spencer Ackerman blasts the military for assuming that Iraqis wouldn't uncover the gaping security hole. "This ought to be the subject of immediate congressional hearings. As The Journal points out, the Air Force is (somewhat reluctantly) accepting that unmanned flights are the service's future. Can that future really be compromised by a $26 hack and ignorant, arrogant, xenophobic assumptions?" Ackerman adds, "Arrogance like this gets people killed. [...] A proper respect for the capabilities and the intelligence and the resilience of human beings across cultures is the best remedy. But it's the hardest one to absorb."
- How We Underestimated Them Foreign Policy's Thomas Ricks explains, "If anything, I think the enemy, being smaller and less bureaucratic, tends to be more technologically agile than us. I remember after the Anaconda battle in Afghanistan in the spring of 2001 seeing solar collectors in an al Qaeda command and control bunker high atop 'Roberts Ridge,'" he writes. "Anyway, solar power sure beats carry hauling batteries up the pathways along those 10,000-foot-high razorback ridges."
- Bad in Iraq, Worse in Af-Pak DefenseTech's Christian Lowe worries, "If they have this technology in Iraq and Afghanistan, they certainly have it in Pakistan where the AQ and Talib chieftans are holed up." He writes, "[C]learly this is the opening salvo in low-cost exploitation of our most high-tech assets and should be locked up before the administration sends even more drones to Afghanistan for operational overwatch."