BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Watch GPS Attacks That Can Kill DJI Drones Or Bypass White House Ban

Following
This article is more than 8 years old.

When a government intelligence staffer managed to crash his DJI Phantom drone on White House property, the Chinese manufacturer took the decision to issue a no-fly zone over the DC area. DJI already used GPS to implement invisible demarcations stopping users flying their machines into no-fly zones like airports, forcing them to land when they hit certain coordinates.

Unfortunately, as noted in a FORBES report on smartphone issues yesterday, there's a vulnerability in GPS affecting most commercial drones that would allow a nearby hacker to spoof signals, change coordinates and commandeer an Unmanned Aerial Vehicle (UAV) and take it wherever they wanted, whether that’s the White House or Dulles airport. That’s according to researchers from China’s Qihoo, who demonstrated their attacks using the free and open source GNU Radio, amongst other tools, to alter the GPS coordinates on a DJI Phantom 3. Thanks to free or cheap software defined radio tools, and the old, broken GPS standard, it's now inexpensive and relatively straightforward to carry out attacks on GPS, Lin Huang and Qing Yang warned.

Any hackers wanting to land a DJI or other drone on Obama’s lawn, or into other no-fly zones, can send spoof signals that would make it seem the UAV was in a safe zone, said Qing Yang, a member of Qihoo's Unicorn Team , a specialist research arm at the company that famously hacked a Tesla last year for a $10,000 prize. Being close enough to the drone to hack it would be a problem for attackers, though the Qihoo researchers set a radius of 100 metres in their tests.

Alternatively, it's possible to take drones out of the sky by making them believe they're in a no-fly area. In the video below, filmed from a camera on the UAV itself, the benevolent hackers do just that, forcing it to crash land:

The researchers said the weaknesses could be fixed by DJI and other drone makers, but they would have to do so at the GPS chip level, meaning any drones already out there are unlikely to receive an update.

DJI has been contacted for comment, but had no official line at the time of publication.

Drone attacks over GPS have long-been known and exploited, though spoofing signals has rarely been seen in the wild. In 2011, a Lockheed Martin drone was knocked out of the sky and captured in Iran. Reports suggested that along with some signal jamming, GPS spoofing was used to take it out of action.

There are other novel ways to knock out a drone, including hitting the natural resonant frequency of a UAV’s gyroscope. For whatever reason, that frequency is within the audible spectrum and can therefore be vulnerable to interference from noises transmitted at certain pitches.

In a separate showcase at DEF CON on Friday, a Parrot drone was killed mid-flight by researcher Ryan Satterfield who took advantage of an open Telnet port.

Qihoo researchers also showed off GPS exploits on car systems. In the video below, they make it appear that a BYD electric car, a Tesla competitor, is located in Tibet when it's actually in a car park in Beijing:

It’s not as catastrophic as, say, a remote attack killing a car’s brakes, but it could be a pain for anyone who relies too heavily on their navigation systems, i.e. 99 per cent of today’s drivers.