For at least two years, the Palestinian terror group Islamic Jihad
could see what the Israeli military’s surveillance drones saw. That’s
the accusation of Israeli prosecutors, who this week arrested a man they
saw hacked into the drones’ video feeds. If true, the hack had obvious
value to terrorist leaders as they planned their operations against
Israeli troops and civilians.
Israeli
authorities arrested the alleged hacker, 23-year-old Maagad Ben Juwad
Oydeh, this year. On March 23 the Beersheba District Court indicted
Oydeh on charges of spying, conspiracy, contact with enemy agents, and
membership in an illegal organization.
The
Israeli press has referred to Oydeh as a “master hacker.” But his
alleged crimes were, on a technical level, probably far less impressive
than whatever methods the Israelis used to appprehend him. In fact, American drones were for years succeptible to the same kind of hacks.
Israeli
authorities have provided only the barest details of Oydeh’s background
and alleged crimes. Press reports citing the indictment claim Oydeh
first came into contact with Islamic Jihad while working in his father’s
electronics store in Gaza.
The
terror group reportedly provided Oydeh a satellite dish for picking up
radio signals and a frequency counter for pinpointing the signals’
location on the electromagnetic spectrum.
It reportedly took Oydeh three tries to intercept the signals from Israeli drones
flying over Gaza. On the third attempt in 2012, Oydeh was allegedly
able to record the video that at least one of the unmanned aircraft was
beaming to a military ground station.
The
court claimed that during his alleged four-year terror career, Oydeh
also tapped into ground-based security cameras belonging to the Israeli
military and police—and also electronically infiltrated the data network
of Israel’s Ben Gurion Airport.
The drone hack is possibly the most dramatic of Oydeh’s alleged crimes, if not the most useful for terrorist planners.
Viewing
the video drone would have allowed Islamic Jihad leaders to determine
where in Gaza Israeli authorities were focusing their attention—and
possibly deduce from that information which of the terror group’s own
operatives were under surveillance.
But
intercepting a drone’s video feed isn’t exactly difficult. It’s
actually much harder to tell when someone is illegally hacking a feed
than it is to illicitly capture the feed in the first place. Indeed, for
many years now insurgents, terrorists, and even professional spies have
been surreptitiously tapping into America’s drone video streams.
In
2009, U.S. authorities admitted that Iranian-backed insurgents in Iraq
had used consumer-grade hardware and software to intercept and record
video feeds from U.S. military drones flying overhead.
More
recently, whistleblower Edward Snowden—a former U.S. National Security
Agency analyst—provided to The Intercept evidence that American and
British spies based in Cyprus had tapped into Israeli drones feeds in 2009 and 2010.
That’s
not hard to do because drones’ video streams are, by design, meant to
be easily accessible. To that end, the feeds might be totally open and
unencrypted.
That’s
especially true of drones belonging to the Israeli Defense Forces,
which tries to make overhead video available to as many frontline
soldiers as possible. “It’s hard to make this feed both secure and
conveniently accessible to any IDF forces who need it,” Todd Humphreys, a
professor at the University of Texas’ Radionavigation Laboratory, told
The Daily Beast in an email.
“With
the right encryption and strict security protocols, there is no way
even a ‘master hacker’ like Juwad Oydeh could get access to these
feeds,” Humphreys added. “But sometimes the strict security put in place
also keeps IDF Lieutenant X from seeing the feed when he desperately
needs it. It’s a classic security-convenience tradeoff"
To tap
into an unencrypted video feed, all you really need is a satellite dish
and a radio receiver. The frequency counter can help to speed up the
hacking process. All these items “exist in the marketplace with no
problem whatsoever to acquire them,” Richard Langley, a satellite
tracking expert at the University of New Brunswick in Canada, told The
Daily Beast.
Prop
up the dish, tune the radio, pinpoint the signals from drones flying
overhead—and voila. You’ve hacked the drone. What you’re likely to get
is a stream of digital code. “You need to decode it,” Langley explained.
“You have to figure our what protocol is being used to transmit the
bits of information that make up picture or video that's being
transmitted.”
But
for convenience, most drone operators probably use the same video
standards that, well, everyone else does. “There are standards such as
MP4, which is commonly used by almost everyone to take video,” Langely
pointed out. “You could certainly transmit that via drone.” And anyone
with even the barest experience in software engineering could easily
decode the raw data into a viewable video, Langely said.
But
what’s missing from the video stream is arguably more important than
what’s present—namely, the drone’s command signal, which is transmitted
to the robotic aircraft from a single, secure ground station via a
highly encrypted radio link.
Sure,
any hacker can intercept a drone’s raw video, which the robot
broadcasts for the benefit of potentially hundreds of soldiers and
analysts on the ground. But that’s what Humphreys called a “passive
hack.” You can see what the drone sees, but you can’t control the drone.
So yes, Oydeh allegedly tapped into Israeli drone feeds. But what’s really impressive
is the fact that Israeli authorities caught him allegedly doing so.
That’s because there’s no easy way to know whether someone has
intercepted your drone video.
U.S.
troops discovered the drone-hacking going on in Iraq only after
apprehending an insurgent fighter—and happening across recorded drone
video on his laptop. It took Snowden, arguably the world’s most
notorious whistleblower, to reveal to the world that American and
British spies had tapped Israel’s drone feeds.
It’s
possible Oydeh blabbed about his hacking—in person, on the phone, or in
an email—while Israeli agents were listening in. It’s also possible an
Islamic Jihad double agent implicated Oydeh.
But
absent that traditional tradecraft, there’s just one way that Langley
said he can think of for Israel to have detected Oydeh’s intrusion.
Recalling how the British government requires TV owners to pay a user
fee, Langley explained that—to catch freeloaders—government officials
drive around in specially equipped vans that can detect the oscillators
inside unregistered televisions.
Oscillators
help a device capture a signal. And—this is key—they emit tiny, nearly
undetectable signals of their own, ones that can give away their own
location. If the Israelis are using equipment similar to British T.V.
enforcers, they could—in theory—detect the drone-video detector. “But
you’d have to be pretty close to the receiver to pick up its local
oscillator signal,” Langley said.
If the Israelis used this method to catch Oydeh, they were either acting on a tip—or they got lucky.
In
any event, the Israeli government claimed it succeeded in blocking
Oydeh’s electronic intrusion in 2014 —two years before authorities
finally arrested the alleged hacker. Perhaps like their American
counterparts, the Israelis have begun adding some encryption to their
drone feeds.
But
Humphreys warned that fully protecting drone data streams can be “hard
and expensive.” Hackers just might adapt faster than the drone operators
do.
thedailybeast
thedailybeast