Parrot drones 'vulnerable to flying hack attack'

Parrot's drones allow their owners to see video taken from an altitude of 165m (540ft)

A security researcher has created a flying contraption that he says can hijack control of other flying drones made by one of the industry's leading manufacturers, Parrot.

Samy Kamkar said he was able to achieve the feat because the company's products do not support a way of encrypting or authenticating the wi-fi data they use.

The BBC understands that the company is looking into the allegation.

Other experts said Parrot appeared to have ignored well-known guidelines.

Mr Kamkar says that Parrot drones can be hijacked as they are operated through an "entirely open network"

However, they played down Mr Kamkar's suggestion that the technique might one day be adapted to hijack drones used by Amazon and others.

A spokesman for Parrot said he was unable to comment yet.

Mr Kamkar has previously made a name for himself by developing malware that exposed a flaw in the MySpace social network and for revealing that several smartphones were sending back location data identifying their owners' movements to the makers of their operating systems.

"I think it's critical that drones have some additional protection," he told the BBC.

"While the drones I'm demonstrating this attack on are consumer-based, they're still flying unmanned-vehicles, and the fact that they're this easy to take over is scary, especially when they will be much more ubiquitous soon."

'Design blunder'

In his latest blog - entitled Skyjack - he reveals how he combined a Parrot Drone with a Raspberry Pi computer, a wi-fi transmitter, a battery pack, existing hacking software and his own code.

"The Parrots actually launch their own wireless network which is how the owner of the drone connects," he explained.

"We take over by deauthenticating the owner, then connecting now that the drone is waiting for its owner to connect back in, exploiting the fact that we destroyed their wireless connection."

He said that the hack took advantage of the fact that Parrot's drones used a specific block of publicly registered MAC addresses to identify themselves, meaning the attack drone could pick them out from other wi-fi connected equipment in the area.

Parrot showed off its drone at the CES tech show earlier this year

Mr Kamkar added that the SkyJack technique could also be run from computer equipment on the ground to hijack Parrot drones flying overhead.

"This appears to be a basic design blunder," Prof Ross Anderson, head of the University of Cambridge's computer security research group, told the BBC.

He explained Parrot had two easily implemented options to prevent the hack:

  • Use a secret key, shared by the controller and the drone, to authenticate each command message sent to the drone
  • Encrypt the data sent between the machines, which has the added benefit of ensuring the content of any message remains private
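
The first option, sketched as an added illustration (not code from Parrot, Mr Kamkar or Prof Anderson): each command carries an HMAC-SHA256 tag computed with a key shared at pairing, so the drone can reject commands from anyone who merely joins its network. The packet layout, the command names and the counter used to reject replayed packets are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32       # HMAC-SHA256 output size in bytes
COUNTER_LEN = 8    # big-endian message counter (assumed layout)


def sign_command(key: bytes, counter: int, command: bytes) -> bytes:
    """Controller side: counter || command || HMAC(key, counter || command)."""
    body = struct.pack(">Q", counter) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


class DroneReceiver:
    """Drone side: act on a command only if its tag verifies and its counter is new."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_counter = 0

    def accept(self, packet: bytes):
        """Return the command bytes if the packet is authentic and fresh, else None."""
        if len(packet) < COUNTER_LEN + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None
        (counter,) = struct.unpack(">Q", body[:COUNTER_LEN])
        if counter <= self._last_counter:
            return None  # a captured packet sent again is ignored
        self._last_counter = counter
        return body[COUNTER_LEN:]


if __name__ == "__main__":
    key = os.urandom(32)                   # constructed pairing key
    drone = DroneReceiver(key)
    genuine = sign_command(key, 1, b"LAND")                   # constructed command
    outsider = sign_command(os.urandom(32), 2, b"TAKEOFF")    # signed with a wrong key
    print("outsider accepted:", drone.accept(outsider))       # None
    print("owner accepted:   ", drone.accept(genuine))        # b'LAND'
    print("replay accepted:  ", drone.accept(genuine))        # None
```

Authentication alone leaves the command contents readable on the air; keeping them private is what the second option, encryption, adds.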

Parrot targets its drones at enthusiasts who want to take videos or photos from above, controlling the devices via their smartphones or tablets.

The firm's latest model can fly at up to 40km/h (25mph) and at altitudes of 165m (540ft).

The news site Ars Technica has highlighted the fact that at least half a million Parrot drones have been sold since 2010.

Delivery drones

Mr Kamkar's blog appears to have been inspired by Amazon's announcement that it is carrying out tests of drone-based deliveries.

Amazon is testing the use of drones to make deliveries

"How fun would it be to take over drones, carrying Amazon packages… or take over any other drones, and make them my little zombie drones?" Mr Kamkar wrote.

Package service UPS and Domino's Pizza are among other companies to have declared they are investigating a similar use of the technology.

However, one security consultant suggested such firms would be unlikely to ignore security guidelines if they ever brought their products to market.

"Both the ISO27001 and PCI DSS voluntary best practice standards state that any management traffic must be authenticated and encrypted," said Vladimir Jirasek from Jirasek Consulting Services.

"If Parrot is not following good practice this could lead to a security incident, potentially followed by an accident. Imagine a drone disturbing traffic on a motorway.

"But I do not think Amazon would be lax in its security measures."

BBC © 2014