Researchers at the University of Texas discovered a gaping hole in the government’s plan to open US airspace to thousands of drones, shocking members of Congress and the highest levels in Washington.
Professor Todd Humphreys and his team at the University of Texas at Austin's Radionavigation Laboratory found a way to hack into drones, unmanned aerial vehicles (UAVs) , which are operated by Global Positioning System (GPS) signals, and can take control of these drones.
The House Homeland Security Subcommittee on Oversight, Investigations and Management subsequently examined the Department of Homeland Security's ability to oversee the domestic use of drones Thursday.
GPS signals are vulnerable to counterfeit 'spoofing', can be hijacked, controlled and could be turned into weapons alluding to enormous implications for terrorism, explained Dr. Humphrey, Assistant professor at School of engineering in Austin, before the Subcommittee.
Spoofing a GPS receiver on a UAV is just another way of hijacking a plane and there is no built in protection against spoofing, he said. “Just like monopoly money they have a detailed structure, but they don’t have any built in protection against counterfeiting or spoofing.”
Congress in February, under pressure from the Pentagon and drone manufactures, ordered the Federal Aviation Administration (FAA) to come up with rules to allow government and commercial use of UAVs over American soil by 2015.
Americans could eventually see drones guided by GPS pilotlessly delivering packages across the country, police drones keeping watch over U.S. cities and cargo plane-size drones monitoring transmission lines for power companies.
The Deparment of Homeland Security refused to attend the hearing and "seems disinterested or unprepared to step up to the plate to address a proliferation of unmanned aerial systems in US air space," says Rep. Mike McCaul, Chairman of the Homeland Security Oversight Subcommittee.
"DHS's lack of attention on this issue is not comprehensable. It should not take a 9/11 terrorist style attack like Hezbollah or lone wolf to address guidance and security implications of domestic drones," he said. "I had shut not take a hearing to force DHS to develop policy when it comes to the security of our homeland."
DHS fired back saying of jurisdiction this issue is of the Federal Aviation Administration. DHS's effort to identify and mitigate GPS interference through its new “Patriot Watch” and “Patriot Shield” programs is still in its infancy, poorly funded, and is mostly geared toward finding people using jammers, not spoofers.
Hijacking cannot be done to military UAVs used on the border, because military UAVs are encrypted, but any domestically used UAVs are not encrypted and wide open to infiltration.GPS spoofing can create national disasters with the ability to crash power generators and cell phone towers.