..... Like this from 12/2009:

"Insurgents Intercept Drone Video in King-Size Security Breach (Updated, with Video)

In Iraq and Afghanistan, the U.S. military depends on an array of drones to snoop on and stalk insurgents. Now it looks as if insurgents are tapping into those same drones’ broadcasts, to see what the flying robot spies see. If true — and widespread — it’s potentially one of the most serious military security breaches in years.

“U.S. military personnel in Iraq discovered the problem late last year when they apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds,” Wall Street Journal reports. “In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds.”

How’d the militants manage to get access to such secret data? Basically by pointing satellite dishes up, and waiting for the drone feeds to pour in. According to the Journal, militants have exploited a weakness: The data links between the drone and the ground control station were never encrypted. Which meant that pretty much anyone could tap into the overhead surveillance that many commanders feel is America’s most important advantage in its two wars. Pretty much anyone could intercept the feeds of the drones that are the focal point for the secret U.S. war in Pakistan.

Using cheap, downloadable programs like SkyGrabber, militants were apparently able to watch and record the video feed — and potentially be tipped off when U.S. and coalition forces are stalking them. The $26 software was originally designed to let users download movies and songs off of the internet. Turns out, the program lets you nab Predator drone feeds just as easily as pirated copies of The Hangover.

And here’s the real scandal: Military officials have known about this potential vulnerability since the Bosnia campaign. That was over 10 years ago. And, as Declan McCullagh observes, there have been a series of government reports warning of the problem since then. But the Pentagon assumed that their adversaries in the Middle East and Central Asia wouldn’t have the smarts to tap into the communications link. That’s despite presentations like this 1996 doozy from Air Combat Command, which noted that that “the Predator UAV is designed to operate with unencrypted data links.

If you think militants are going to be content to just observe spy drone feeds, it’s time to reconsider. “Folks are not merely going to listen/watch what we do when they intercept the feeds, but also start to conduct ‘battles of persuasion’; that is, hacking with the intent to disrupt or change the content, or even ‘persuade’ the system to do their own bidding,” Peter Singer, author of Wired for War, tells Danger Room.

This has long been the nightmare scenario within Pentagon cybersecurity circles: a hacker not looking to take down the military grid, but to exploit it for his own purposes. How does a soldier trust an order, if he doesn’t know who else is listening — or who gave the order, in the first place? “For a sophisticated adversary, it’s to his advantage to keep your network up and running. He can learn what you know. He can cause confusion, delay your response times — and shape your actions,” one Defense Department cybersecurity official tells Danger Room.

Despite this rather massive vulnerability, drone operations show no signs of letting up. According to the Associated Press, “two suspected U.S. missile strikes, one using multiple drones, killed 17 people in a Pakistani tribal region.”

Meanwhile, military officials assure are scrambling to plug the hole. “The difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones,” the Journal notes. “Instead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes.”

So it may be quite some time before this enormous security breach is filled."

http://www.wired.com/dangerroom/2009...ecurity-breach

....or this:

"U.S. was Warned of Predator Drone Hacking

CBS News December 17, 2009 3:25 AM

By Declan McCullagh Topics Technology .

Iraqi insurgents have reportedly intercepted live video feeds from the U.S. military's Predator drones using a $25.95 Windows application which allows them to track the pilotless aircraft undetected.

Hackers working with Iraqi militants were able to determine which areas of the country were under surveillance by the U.S. military, the Wall Street Journal reported on Thursday, adding that video feeds from drones in Afghanistan also appear to have been compromised.

This apparent security breach, which had been known in military and intelligence circles to be possible, arose because the Predator unmanned aerial vehicles do not use encryption in the final link to their operators on the ground. (By contrast, every time you log on to a bank or credit card Web site, or make a phone call on most modern cellular networks, your communications are protected by encryption technology.)

Meanwhile, a senior Air Force officer said Wednesday that a wave of new surveillance aircraft, both manned and unmanned, were being deployed to Afghanistan to bolster "eyes in the sky" protection for the influx of American troops ordered by President Obama.



(CBS)
When a Predator unmanned aerial vehicle, or UAV, is far from its base, terrain prohibits it from transmitting directly to its operator. Instead, it switches to a satellite link. That means an enterprising hacker can use his own satellite dish, a satellite modem, and a copy of the SkyGrabber Windows utility sold by the Russian company SkySoftware to intercept and display the UAV's transmissions.

The Air Force became aware of the security vulnerability when copies of Predator video feeds were discovered on a laptop belonging to a Shiite militant late last year, and again in July on other militants' laptops, the Journal reported. The problem, though, is that the drones use proprietary technology created in the early 1990s, and adding encryption would be an expensive task.

The implications of the Predator's unencrypted transmissions have been known in military circles for a long time. An October 1999 presentation given at the Air Force's School of Advanced Airpower Studies in Alabama noted "the Predator UAV is designed to operate with unencrypted data links."

In 2002, a British engineer who enjoys scanning satellite signals for fun stumbled across a NATO video feed from the Kosovo war. CBS News correspondent Mark Phillips reported then on the apparent surveillance security shortfall, and the U.S. military's decision to essentially let it slide.

The Air Force had hoped to replace the Predator with a stealthier, high-altitude version nicknamed "Darkstar," and the 1999 presentation by then-Maj. Jeffrey Stephenson noted that the new "high altitude UAVs will be capable of encryption." But the Defense Department informed Lockheed Martin that year that the Darkstar program would be terminated.

Iraqi interest in intercepting U.S. military transmissions is not exactly new. A report prepared for the CIA director after the U.S. invasion and occupation noted that Saddam Hussein assigned a young relative with a master's degree in computer science to intercept transmissions from U.S. satellites. The relative, "Usama," was secretly given office space in the Baghdad Aerospace Research Center, which had access to satellite downlinks.

The 2005 CIA report compiled by special advisor Charles Duelfer quotes Abd al-Tawab Huwaysh, Saddam's minister of industry, as saying he was shown real-time overhead video supposedly of U.S. military installations in Turkey, Kuwait, and Qatar before the invasion. A likely explanation, the report concludes, is that "Usama located and downloaded the unencrypted satellite feed from U.S. military UAVs."

A 1996 briefing by Paul Kaminski, an undersecretary of defense for acquisition and technology, may offer a hint about how the Iraqi's interception was done. Kaminski said that the military had turned to commercial satellites -- "Hughes is the primary provider of direct (satellite) TV that you can buy in the United States, and that's the technology we're leveraging off of" -- to share feeds from Predator drones.

"What this does is it provides now a broader distribution path to anybody who's in that downward receiving beam, for example," Kaminski said.

So why, after the CIA publicly reported that Predator transmissions had probably been intercepted in Iraq, did the Air Force do so little? One explanation is that the contractor, General Atomics Aeronautical Systems of San Diego, built the system in the early 1990s before encryption was common and easier to include. (Computer scientists had warned at the time that the U.S. government's anti-encryption laws were counter-productive because they discouraged the development and routine use of that technology.)

Bureaucratic inertia is another. As CBSNews.com reported last month, messages from President Clinton's entourage were intercepted in 1997, but Secret Service agents continued to use unencrypted pagers to share sensitive information about threats to the president's life on September 11, 2001. Perhaps it takes a front-page story in the Wall Street Journal to prod government officials into rethinking their views on the desirability of encryption.

Update 1 p.m. ET: A spokesman for the Air Force, Maj. Cristin Marposon, sent us this statement: "The Department of Defense constantly evaluates and seeks to improve the performance and security of our various (intelligence, surveillance, and reconnaissance) systems and platforms. As we identify shortfalls, we correct them as part of a continuous process of seeking to improve capabilities and security. As a matter of policy, we don't comment on specific vulnerabilities or intelligence issues.""

U.S. was Warned of Predator Drone Hacking - Taking Liberties - CBS News

Mebbe it's a bogus bogey...

Ex-Pentagon official: Captured spy plane seems fake
14 Dec.`11 - The unmanned spy plane recently captured by Iran appears to be a fake, according to a former Pentagon official.

I kind of like to see something out of the "X-Files", where a UFO/spaceship all of a sudden takes a life of its own and starts wreaking havoc among those surrounding the ship. If those Iranian engineers were studying the drone they say they intercepted and wanted to know, they would have an unpleasant surprise coming at them.

The Iranians don't mind lying, I guess.

"Signs of a Covert War Between the U.S. and Iran

NEWS ANALYSIS by RICHARD CLARKE
Dec. 17, 2011
There are unavoidable signs that the U.S. and Iran are engaged in significant covert actions against each other, including cyber war. Among the alleged covert activities that have been reported are:

Attacks on U.S. troops in Iraq and Afghanistan directed by the secretive Iranian Qods Force, often using Iranian designed improvised explosive devices;

U.S. manipulation, tampering, and contamination of parts and materials bought by Iran from other countries for use in its missile and nuclear programs;

An attempt by members of Iran's elite Quds Force to hire paramilitaries from Mexico's Zetas drug cartel to conduct a terrorist bombing in Washington;

The destruction of Iranian nuclear centrifuges by a U.S. computer virus, known as Stuxnet, and the creation of a cyber warfare unit by Iran to retaliate;

An unusually high rate of explosions at key facilities in Iran, including a missile development center, and at refineries and pipelines;

U.S. drone over-flights of Iranian nuclear facilities, and the Iranian response. Two drones were shot down over Iran before the recent Iranian capture of a U.S. stealth drone;

This photo released, Dec. 8, 2011, by the Iranian Revolutionary Guards, claims to show US RQ-170 Sentinel drone which Tehran says its forces downed earlier this week, as the chief of the aerospace division of Iran's Revolutionary Guards, Gen. Amir Ali Hajizadeh, right, listens to an unidentified colonel, in an undisclosed location, Iran. The discovery and arrest of a network of Iranians and Lebanese spying on behalf of the CIA, perhaps involving Iranian counter-intelligence agents breaking into a CIA covert communications computer network;

The assassination on the streets of Tehran of Iranian nuclear physicists, probably by agents hired by Israel;

The insertion of U.S. reconnaissance teams inside Iran.

It is against that backdrop of rumored covert action that Iran now claims to have captured a U.S. stealth drone, the RQ-170 Sentinel. Pentagon spokesmen quickly denied that Iran had outwitted the U.S., claiming that Iran had "lucked out" when U.S. pilots "lost control" of the RQ-170 and it just crashed in Iran. But is there a chance that Iran is right; how could Iran have done it? It might have happened something like this:

Iran could easily have learned where the U.S. RQ-170s are based in Afghanistan and might even have been able to notice when they take off and head toward Iran. They might well have guessed, correctly, that the RQ-170 was headed for an Iranian nuclear facility.

Iran could have stationed its newly acquired Russian Electronic Warfare (EW) truck mounted system, known as Avtobaza, near the nuclear facility. The Russian export is designed to manipulate the guidance and communications system of U.S. weapons. Using that system, Iran might have jammed the command-control link between the U.S. drone and the commercial satellite the drone uses to link back to its pilot.

When the drone can't talk to its pilot, after a while, it aborts its mission and goes home. To find its way home, the drone uses signals from the Global Positioning System (GPS) satellites. Unfortunately, the signal strength of the GPS satellites is relatively weak and a strong signal from something like the Russian EW systems can overpower it. This technique has been frequently demonstrated and allows something like the Russian trucks to "spoof" the GPS signal, pretending to be the satellite and providing false data to GPS receivers.

Iran Claims Electronic Attack Brought Down Drone

To avoid being spoofed, U.S. military systems listen to a different frequency than civilian GPS receivers, an encrypted channel from the satellite. How could Iran get around that? Iran could have gotten its hands on the encryption key used on U.S. drones, perhaps in the wreckage of the Reaper drones it has already shot down. Alternatively, Iran could have jammed the military GPS frequency, forcing the RQ-170 to shift to the civilian GPS channel.

If they did that, the RQ-170, unable to phone home, would have tried instead to fly home, but it would do so using a GPS signal that Iran was spoofing. By telling the drone that west was east and then giving it more detailed mis-directions, Iranian electronic specialists could have flown the aircraft to a base where Iranian intelligence officers were waiting for it. When the RQ-170 got to where it thought its home base was located, it would have landed on auto-pilot.

That's the story one Iranian official told the Christian Science Monitor (though other Iranian officials claim they did more than just "spoof" the drone.) Is the story plausible? Pentagon and U.S. intelligence experts say no, but they may underestimate Iran and overestimate their own systems. That kind of arrogance has happened before, when the U.S. was confident that the Soviet Union could not be reading the American Navy's encryption codes (but it was, thanks to the Walker family spy ring.). If the U.S. story is right, that the American pilot "lost control" of the RQ-170, the drone should have automatically flown home. It did not. If the U.S. is right and then drone just flew the wrong way and ran out of fuel, it should have crashed and been seriously damaged. In the Iranian pictures, the RQ-170 isn't badly damaged, or at least is made to look undamaged.

It is impossible for outside observers to know for sure which side's claims are right. It may even be hard for senior U.S. government officials to be sure that what they are being told by their experts is right. One lesson I learned over and over is that initial reports are almost always wrong. What we do know, however, is that Iran is seeking revenge for what it believes are CIA attacks, including the cyber weapon Stuxnet. And we can be sure that with both sides continuing to employ covert-action programs against the other, the risk of escalation and miscalculation increases, as does the risk of military hostilities."

Covert War Between the U.S. and Iran - ABC News

Hmmmmmmm..........

While looking for another news story I found this. Seems Iran has more than we thought and a few new items are reveled. Picture at the site. It looks nothing like any drone I have seen.

US Data In Iranian Hands After Downed Drone? | Fox News

__________________
"There are two ways to conquer and enslave a nation... One is by sword... The other is by debt."

John Adams 1826