Skip to main content

This guy claims he can hijack San Francisco’s $35,000 police drones from a mile away

hacker claims ability to hijack police drones drone
Image used with permission by copyright holder
Think drones are scary? Then you might not like the notion of hackable $35,000 police drones flying in your airspace. Unfortunately, that notion is something of a reality — at least according to one hacker who says he’s capable of commandeering a very expensive, very high-tech quadcopter from over a mile away.

On Wednesday’s RSA security conference in San Francisco, security researcher Nils Rodday revealed a number of rather alarming flaws in the city’s advanced, police-grade unmanned aerial vehicles (UAVs) that make it possible for him “to take full control over the quadcopter with just a laptop and a cheap radio chip connected via USB.” Due to the absence of any sort of encryption technology between the drone and its controller (called a “telemetry box,”), taking over one of these UAVs isn’t a particularly complicated process. In fact, if you’re able to reverse engineer the flight software, you’re able to completely hijack the quadcopter, sending your own controls while blocking all signals from the legitimate operator.

Recommended Videos

“You can inject packets and alter waypoints, change data on the flight computer, set a different coming home position,” Rodday says. “Everything the original operator can do, you can do as well.”

Please enable Javascript to view this content

So what’s leading to this massive security flaw? Rodday has narrowed it down to two primary culprits — the weak “WEP” or “wired-equivalent privacy” encryption used to connect the telemetry module and a user’s tablet, and even worse, the incredibly insecure encryption (or lack thereof) that connects the telemetry model to the UAV itself.

Rodday, who now works at IBM, has since informed drone manufacturers to the breaches he’s uncovered, and tells Wired that the company plans to address the issue when it updates its line of drones. But that means that the UAVs already on the market are fair game for hacking, and from quite a distance at that.

This is by no means the first time that the security of such drones has been called into question. A few years ago in 2013, Samy Kamkar, a hacker in his own right, showed how his homemade Raspberry Pi equipped drone could be used to hack into other drones mid-flight. The vast majority of the problems he discovered, he said, were contingent on insecure Wi-Fi connections. “It’s all the same story: really poor authentication or no authentication,” Kamkar told Wired.

So before drones can be used by police, they need to be secured. Because nothing could be worse than a gun-equipped UAV that has been taken over by malicious hackers.

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
U.S. EVs will get universal plug and charge access in 2025
u s evs will get universal plug charge access in 2025 ev car to charging station power cable plugged shutterstock 1650839656

And then, it all came together.

Finding an adequate, accessible, and available charging station; charging up; and paying for the service before hitting the road have all been far from a seamless experience for many drivers of electric vehicles (EVs) in the U.S.

Read more
Rivian tops owner satisfaction survey, ahead of BMW and Tesla
The front three-quarter view of a 2022 Rivian against a rocky backdrop.

Can the same vehicle brand sit both at the bottom of owner ratings in terms of reliability and at the top in terms of overall owner satisfaction? When that brand is Rivian, the answer is a resonant yes.

Rivian ranked number one in satisfaction for the second year in a row, with owners especially giving their R1S and R1T electric vehicle (EV) high marks in terms of comfort, speed, drivability, and ease of use, according to the latest Consumer Reports (CR) owner satisfaction survey.

Read more
Hybrid vehicle sales reach U.S. record, but EV sales drop in third quarter
Tesla Cybertruck

The share of electric and hybrid vehicle sales continued to grow in the U.S. in the third quarter, the Energy Information Administration (EIA) reported this month.

Taken together, sales of purely electric vehicles (EVs), hybrids, and plug-in hybrids (PHEVs) represented 19.6% of total light-duty vehicle (LDV) sales last quarter, up from 19.1% in the second quarter.

Read more