Chinese hackers have control of US power grid


posted on Sep, 29 2012 @ 10:03 PM

Originally posted by Laxpla
reply to post by _R4t_
 


Thanks for correcting me, I was basing my information off that forum and some tidbits I picked up along the way. I was inferring about the RQ-170 and Iran's original claim of "hacking" it. I was always under the impression that in order to mimic the controller input signals is to access the sat-com antenna which means you need proper signal coding, wavelength, and protocols, the "access" transmitter has to be above the antenna to be in the proper position. If it was so cut and dry I would suppose Iran would be able to do it again for another propaganda trophy.

Your background, Very cool, you're similar to my friend who is into computer security. He maintains a site called infiltrated.net, and a lot of information about the Flame malware, China and everything in between and could pertain to this thread a lot. Something you might enjoy reading as it's up your alley!


np man
pretty much one could "record" the data sent off the satellites and play back the couple seconds before it makes a left turn or a right turn and fool it into doing it as long as you overpower the orbital sats you should be fine...

ps: long live Deadmau5
edit on 29-9-2012 by _R4t_ because: (no reason given)




posted on Sep, 30 2012 @ 04:14 AM
reply to post by _R4t_
 



...pretty much one could "record" the data sent off the satellites and play back the couple seconds before it makes a left turn or a right turn and fool it into doing it as long as you overpower the orbital sats you should be fine...


It doesn't work like that.

For starters, the sat' link is usually secondary to the AWACS' connection and secondly, the data link is encrypted with an algorithm. Henceforth, the signal will always change and can't be imitated without knowing the algorithm.

If you try and over-power the control signal, the drone will just switch to auto-pilot until a new encrypted connection can be established.



posted on Sep, 30 2012 @ 08:27 PM

Originally posted by OccamAssassin
reply to post by _R4t_
 



...pretty much one could "record" the data sent off the satellites and play back the couple seconds before it makes a left turn or a right turn and fool it into doing it as long as you overpower the orbital sats you should be fine...


It doesn't work like that.

For starters, the sat' link is usually secondary to the AWACS' connection and secondly, the data link is encrypted with an algorithm. Henceforth, the signal will always change and can't be imitated without knowing the algorithm.

If you try and over-power the control signal, the drone will just switch to auto-pilot until a new encrypted connection can be established.



Had you read my earlier post and stopped to think for a second perhaps you would have understood the concept but seems like you focused your efforts in highlighting the word "encrypted"...

It doesn't matter to the drone whether the signal comes from orbit, from an AWAC or from collective asses of the angels above... Signal is signal... the AWAC serves as a "repeater" the signal recorded contains "data" the data is ALREADY encrypted... now the trick is to record the data using a directional antenna from one that's flying and waiting until it makes turns and so on so you can flag where in the recorded data stream the drone made maneuvers... Once you got all you need you use a directional transmitter from the ground and replay the "ALREADY ENCRYPTED" signal to the drone using a directional antenna so you can "FOCUS" it at the drone... from there since the drone picks up a stronger signal than the ones from orbit since it's closer well guess what it does... it does the same thing that any performance oriented device does... it sticks to the one that's providing it with the best signal source... I'll let you think of what would happen if it would do the opposite and purge the better connection for the worst ones... cmon think with your head you seem to be an intelligent person...

Drones navigating will swap from one satellite to another as some in orbit may become unavailable depending on the locations they are around the world so they automatically roam to the one providing the best signal source... By sending pre-recorded data stream that's "ALREADY ENCRYPTED" on the proper frequency you fool it into believing it's legit signal...

Just like your cellphone roams from one tower to another to maintain the best quality of signal possible when you're driving around in your car... It's just exploiting that trust relationship... Same type of attack was done but on cellphones at one of the defcons by spoofing a cellsite the dude had every single cellphone in the audience connect to his fake cellsite... since the cells picked a "better source" they were fooled into connecting to it...

How do you think you hack a wifi to get the "encryption key"... first you gather some "already encrypted" packets then you play them back on repeat at insane speed to force the wifi AP to reply to you... by generating a stream of data you can pick up IVs at 100 times faster pace than you would on an AP that would have low traffic... Same principle.. you DON'T have the encryption cypher but you can force a response from the device by fooling it with data that it will trust since even though it's not "legit" data so to speak it has the proper cypher so it fools the device...

The overpowering part is by sending a signal that will be stronger and be clearer than the one it already has so the drone will do what it's supposed to and "roam to the better satellite".. similar to evil twin AP attack and others...

In most cases the technologies are different but the attacks are the same or the principles are close if not at times one and the same...
edit on 30-9-2012 by _R4t_ because: (no reason given)



posted on Sep, 30 2012 @ 09:54 PM
reply to post by _R4t_
 


Wow. You really don't have a clue about the system you are describing.

In critical systems, the encryption key has many variables that ensure that the encryption signal constantly changes. Time synchronisation plays a big part in these encrypted systems....if you were to record a control signal and then tried to play it back....the drone would instantly know that the control signal is compromised as the time signature would not match the on-board system and the signal would just be garbled.

Note- The time signature actually makes up a part of the key.

This means that the signal will always be unique because the structure of the encryption system NEVER REPEATS!


edit on 30/9/2012 by OccamAssassin because: (no reason given)



posted on Sep, 30 2012 @ 10:22 PM
reply to post by _R4t_
 



How do you think you hack a wifi to get the "encryption key"... first you gather some "already encrypted" packets then you play them back on repeat at insane speed to force the wifi AP to reply to you... by generating a stream of data you can pick up IVs at 100 times faster pace than you would on an AP that would have low traffic... Same principle.. you DON'T have the encryption cypher but you can force a response from the device by fooling it with data that it will trust since even though it's not "legit" data so to speak it has the proper cypher so it fools the device...


What kind of encryption system/algorithm are you talking about?

How long would it take to hack a WPA2 wi-fi access point, with a passkey of 30+ - mixed - characters?

Considering how long it takes to breakdown weak WPA keys, do you really think you could identify the encryption systems (remember that each frequency/channel used by the drone and yes there are many, both in & out, uses a unique, dedicated system) used by a drone and break it down whilst the drone is still in range?
edit on 30/9/2012 by OccamAssassin because: (no reason given)



posted on Sep, 30 2012 @ 10:45 PM
reply to post by OccamAssassin
 


I'm sure you'll argue with an entire university research team that actually did hijack it spoofing said encrypted signal with a cheap ass built 1000$ transmitter..

www.ae.utexas.edu...



posted on Sep, 30 2012 @ 10:52 PM

Originally posted by OccamAssassin
reply to post by _R4t_
 



How do you think you hack a wifi to get the "encryption key"... first you gather some "already encrypted" packets then you play them back on repeat at insane speed to force the wifi AP to reply to you... by generating a stream of data you can pick up IVs at 100 times faster pace than you would on an AP that would have low traffic... Same principle.. you DON'T have the encryption cypher but you can force a response from the device by fooling it with data that it will trust since even though it's not "legit" data so to speak it has the proper cypher so it fools the device...


What kind of encryption system/algorithm are you talking about?

How long would it take to hack a WPA2 wi-fi access point, with a passkey of 30+ - mixed - characters?

Considering how long it takes to breakdown weak WPA keys, do you really think you could identify the encryption systems (remember that each frequency/channel used by the drone and yes there are many, both in & out, uses a unique, dedicated system) used by a drone and break it down whilst the drone is still in range?
edit on 30/9/2012 by OccamAssassin because: (no reason given)


You talk a lot of stuff for a guy that can't tell the difference between WEP and WPA when given all the required info in the post to identify which one I was pointing out...

WEP can be compromised by identifying weak packets but said weak packets can be rare to find on a network with low or little activity... By cherry picking some weak ones and replaying them over the "encrypted" network you can generate a data storm hence multiplying the time it takes you to gather enough weak packets to use the weakness WEP has and decrypt it...

Anyone with basic knowledge of wifi hacking would know WPA isn't susceptible to this form of attack hence wouldn't have even mentioned WPA and would have known instantly I was making reference to WEP.

Aren't you that dude I had a thing with in another thread who said he worked for the government or some sh!t?

And it was given as example...
edit on 30-9-2012 by _R4t_ because: (no reason given)



posted on Sep, 30 2012 @ 11:12 PM

Originally posted by _R4t_
reply to post by OccamAssassin
 


I'm sure you'll argue with an entire university research team that actually did hijack it spoofing said encrypted signal with a cheap ass built 1000$ transmitter..

www.ae.utexas.edu...


Look at image # 8 from your link.

Now look at the image on the top right of this page .... en.wikipedia.org...

Can you spot any differences?

My point about the encryption still stands.....You cannot just record the control signal and play it back!

Did you really think that the military encryption system will be susceptible to the style of attack, one would use on a WEP access point, if the current generation of routers for home use WPA/WPA2 are not?

BTW.... I started in networking in the early 80's.....I was well aware that WPA2 is considered uncrackable(with a sufficiently long enough key - >22 characters). - That was a point of the post.



edit on 30/9/2012 by OccamAssassin because: (no reason given)
edit on 1/10/2012 by OccamAssassin because: (no reason given)



posted on Oct, 1 2012 @ 12:39 AM
reply to post by OccamAssassin
 


Replay attack...

en.wikipedia.org...



A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack).


Be it packets on a computer network or Data on a RF Carrier wave the principle and the results are the same... It all boils down to 1's and 0's only different media of transfer...

Replay attack against encryption STRAIGHT from a US Navy mil site... wanna argue more?

www.dtic.mil...

First 3 lines... It's strange the US naval labs spent time on researching attacks that you've proven impossible perhaps you should send them an email and explain them your theories...



Abstract
This paper presents a taxonomy of replay attacks on
cryptographic protocols in terms of message origin and
destination.


...



BTW.... I started in networking in the early 80's....


No offense but you need to sharpen your pencils my friend...

I code in C and you have to program your own TCP sockets from scratch in C there's no pre-defined stuff if you want the program to communicate with the outside world... You can't just call a function like PHP or other languages that's going to do all the dirty work for you... You have to make it from the ground up bit by bit... This involved including encryption protocols and #... I'm more than aware on how these attacks can be implemented and what counter measures can be put in to prevent them... But the thing is that humans make mistakes and when you trust your encryption too much sometimes you make mistakes and forget about the "small" things amongst other things...

Had they used a nonce this drone would have never been compromised unless they would have cracked the encryption protocol but had they done this it would be the first thing they would have bragged about because they couldn't have only controlled its flight path but they could get it to do ANYTHING it would be compromised inside out... Hence my understanding they DIDN'T crack it... besides cracking it completely you're left with very little you can do to pass codes to it and have it do things you want... Replay attack being the nail that stands out...

Had you taken 10 minutes to google what I was saying you would have found out the possibility of such attack but it seemed that attaching more importance to validating a point than understanding the logic behind it has brought us here...

Nowwww I'ma lay back and listen to the grillons...
edit on 1-10-2012 by _R4t_ because: (no reason given)
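
Added example, not part of any post in this thread: the two posts above disagree about whether a recorded, still-valid transmission can be played back, and both name the deciding property (a time value bound into the protected data, and a nonce). This sketch authenticates command frames with HMAC-SHA256 and compares a receiver that only checks the tag with one that also checks a counter and a freshness window; the frame layout, key, command names and 2-second window are all constructed for illustration and describe no real data link.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed sample key, not from any real system
TAG_LEN = 32                    # HMAC-SHA256 output size
HDR_LEN = 16                    # 8-byte counter + 8-byte timestamp (assumed layout)
MAX_SKEW = 2.0                  # seconds; assumed freshness window


def seal(key, counter, sent_at, command):
    """Sender: bind counter and timestamp to the command under one MAC."""
    body = struct.pack(">Qd", counter, sent_at) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


def verify(key, frame):
    """Return (counter, sent_at, command) if the tag is valid, else None."""
    if len(frame) < HDR_LEN + TAG_LEN:
        return None
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    counter, sent_at = struct.unpack(">Qd", body[:HDR_LEN])
    return counter, sent_at, body[HDR_LEN:]


class NaiveReceiver:
    """Accepts anything produced with the key, however old or repeated."""

    def __init__(self, key):
        self.key = key

    def accept(self, frame, now):
        return (True, "ok") if verify(self.key, frame) else (False, "bad-mac")


class FreshReceiver:
    """Also requires a recent timestamp and a strictly increasing counter."""

    def __init__(self, key, max_skew=MAX_SKEW):
        self.key = key
        self.max_skew = max_skew
        self.last_counter = -1

    def accept(self, frame, now):
        parsed = verify(self.key, frame)
        if parsed is None:
            return (False, "bad-mac")
        counter, sent_at, _command = parsed
        if abs(now - sent_at) > self.max_skew:
            return (False, "stale")
        if counter <= self.last_counter:
            return (False, "replayed-counter")
        self.last_counter = counter   # only advanced by authenticated frames
        return (True, "ok")


def demo():
    t0 = 1000.0                                    # constructed clock value
    frame = seal(KEY, 1, t0, b"TURN_LEFT")         # constructed command
    tampered = bytearray(frame)
    tampered[HDR_LEN] ^= 0x01                      # flip one bit of the command
    naive, fresh = NaiveReceiver(KEY), FreshReceiver(KEY)
    return {
        "naive_original": naive.accept(frame, t0),
        "naive_replay": naive.accept(frame, t0 + 300),
        "fresh_original": fresh.accept(frame, t0),
        "fresh_fast_replay": fresh.accept(frame, t0 + 0.5),
        "fresh_late_replay": fresh.accept(frame, t0 + 300),
        "fresh_tampered": fresh.accept(bytes(tampered), t0),
        "fresh_next": fresh.accept(seal(KEY, 2, t0 + 1, b"TURN_RIGHT"), t0 + 1),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18} {result}")
```

The example uses authentication only, with no encryption, because whether a playback is accepted depends on the freshness checks and not on whether the payload is secret.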



posted on Oct, 1 2012 @ 02:24 AM
reply to post by _R4t_
 


Wow. You really run on "ego-drive" don't you.




Replay attack against encryption STRAIGHT from a US Navy mil site... wanna argue more?
www.dtic.mil...
First 3 lines... It's strange the US naval labs spent time on researching attacks that you've proven impossible perhaps you should send them an email and explain them your theories...


Logically, I must point out that you have referenced a style of attack that was identified and subsequently had a paper written - by the military itself - in 1994, you're inferring that - despite the public sector figuring out a way to protect against this type of attack - military drones are still susceptible.



BTW, if you were really tech savvy, you would know that it matters not, what language the system is based around. A much larger concern is how the data is structured and parsed.

Maybe you should call up your daddy and show him your posts so he can point out where you have crossed your wires.

It would save a lot of frustration, because I am sick of trying to explain this to you.

The encryption layer is at a lower level.

Now try and understand this.........If you capture this data......you do not see the normal encapsulated packet headers with encrypted content. You see one massive stream of encrypted data. No starts. No Stops. Just one amazing stream of data that can only be decrypted with the appropriate hardware & software.

Pay Attention.

THE ENTIRE PACKET IS ENCRYPTED AND FED IN A TIME & ALGORITHM REGULATED STREAM!

This is fundamental to you understanding how retarded your posts have been since you first jumped in on this conversation and began spouting crap.

I really don't care what you know about the structure of TCP, it is not relevant here.

You made the claim that you could simply record a transmission and play it back to influence the drones flight.

THIS WILL NOT HAPPEN.

At best/worst, the drone will detect that the data link is compromised and will ignore anything fed via that frequency and switch to a predetermined course - Auto pilot - until the link can be re-established.

edit on 1/10/2012 by OccamAssassin because: (no reason given)



posted on Oct, 1 2012 @ 02:57 AM
reply to post by OccamAssassin
 

You are absolutely correct. First of all...there is NO WAY that even the best out there would be able to Hack an Algorithmic Encryption in REAL TIME such as a DRONE about to attack. Drones use Multiple Algorithmic Encryption Sends and Returns and any change in a Drones Attack Run that is not aborted by a specific Procedure will cause the Drone to IGNORE ANY OVERRIDE COMMAND.

You cannot just Hack a Drone and Fly as you choose. The Drone has built in Protocols for Attack Runs...Abort Protocols...angle of flight pattern is programmed in to avoid...if in Day Time...any Turn that would allow large Reflection of the Sun off a wing. The Drone takes into account where the Sun is as well as where any possible enemy Missile Batteries might be. If in the extreme unlikely event a Drone was hacked...it would last about two seconds as the moment any change of flight path that does not match up with standard protocols that take into account all and more of the Protocols I have listed...the Drone would switch Data Links to another Multi-Algorithmic Encrypted Signal.

In order to actually hack a drone and use it...it would have to be an inside job. Something as simple as a turn of the wing in the wrong direction or too slow or too fast after receiving the Data...will cause the Drone to simply SWITCH TO A DIFFERENT DATA STREAM. The GLOBAL HAWK has 12 possible Data Streams and 3 must be in use at any one time. How would any hacker know which 3? And as far as Breaking an Algorithmic Encryption that also changes data streams in another Algorithmic Pattern but 3 Must always be sending and receiving...to hack that is IMPOSSIBLE! Split Infinity



posted on Oct, 1 2012 @ 04:08 AM
Then if you're oh so great care to explain the world how they did this?

www.ae.utexas.edu...

They certainly didn't crack the fkin encryption cuz it would be the headline... so go ahead and show the world how you know more than a team of university researchers and I...

And NO "AN ENTIRE PACKET" isn't encrypted the payload is not the header otherwise IF THE WHOLE THING WOULD BE how the fkin hell do you think a router could route it and know where it goes if it can't read the god damn SRC and DEST addresses...

And an algorithm has nothing to do with the damn stream and flow of the data that's controlled by the TCP protocol as in "Transfer Control Protocol"....

And YES it's 1 friggen stream of gibberish but if you can SEE a drone turn WHILE you're recording the damn data stream then you can guess Ohhh well damn... I saw that sucker turn left at 1:00PM so we're gonna try to replay to it from 12:55 in increments of 1 minute in hope to catch the string containing the proper section of code... That's what a replay does for ya...

edit on 1-10-2012 by _R4t_ because: (no reason given)



posted on Oct, 1 2012 @ 04:18 AM
reply to post by _R4t_
 




Then if you're oh so great care to explain the world how they did this?
www.ae.utexas.edu...


I did answer you above.



Originally posted by OccamAssassin

Originally posted by _R4t_
reply to post by OccamAssassin
 

I'm sure you'll argue with an entire university research team that actually did hijack it spoofing said encrypted signal with a cheap ass built 1000$ transmitter..
www.ae.utexas.edu...

Look at image # 8 from your link.
Now look at the image on the top right of this page .... en.wikipedia.org...
Can you spot any differences?
edit on 1/10/2012 by OccamAssassin because: (no reason given)



posted on Oct, 1 2012 @ 04:25 AM
PS: we're arguing for no fkin reasons, I just read a paper on it and DHS isn't even using encryption in the GPS navigation system of the drones they have... they are using reg civilian GPS... unsure about the military ones but a lot of suspicions are pointing toward that Iraq may have used spoofing too...



posted on Oct, 1 2012 @ 04:37 AM
reply to post by _R4t_
 

R4t...You are WRONG! The Global Hawk uses 3 Algorithmic Encrypted Data Streams at the same time. It has a total of 12 possible data streams and these 3 data streams change from one combination of 3 to another combination of 3 rapidly. There is a Chaos based Random Pattern Algorithmic Program which basically changes which of the 3 of the 12 Data Streams will be used at every change.

This means that there is no pattern and it is COMPLETELY RANDOM. Each of the 12 Data Streams has an Identifier so even if someone could hack a GLOBAL HAWK'S ALGORITHMIC DATA STREAM WHICH WOULD HAVE TO BE FROM BOTH ENDS SENDING AND REPLY....then if they did this they would have to be able to change the Data Streams at both ends to 3 of the 12 Possible Streams which are a RANDOM GENERATION...then they would have to hack the Algorithmic Encryption that determines length between the changes of which 3 of the 12 will be used and THEN if that was possible...WHICH IT IS NOT...the Hacker would have to know the Flight Protocols as any change in the act of an Attack Run or even tipping the wing in the wrong direction as the Global Hawk takes the Sun and Moon and even VENUS into consideration when changing flight vectors as this will prevent reflection upon a wing surface....FACE IT...IT CANNOT BE DONE! Split Infinity



posted on Oct, 1 2012 @ 08:44 AM
This old thread explains things more accurately
www.abovetopsecret.com...



posted on Oct, 2 2012 @ 12:48 PM
reply to post by xavi1000
 


Thanks for the post to the alternate thread.... It did a better job than I of explaining the true threat.

As I said before, there are serious breakdowns in the supply chain. Our enemies have found many a modern day trojan horse to get access into critical systems, even those considered "offline."

What annoys me are the posters who walk into a thread like this and say "hey, my daily life hasn't been affected or changed so it must not be too serious!!" Seriously??? It's the apathy such as that which leads to the breakdown of rights, freedoms, and vigilance needed to maintain our security because they don't want to come out of their happy little bubble to understand the real implications of how society is being affected.

*okay....off my soapbox for the day*



posted on Oct, 2 2012 @ 07:29 PM
reply to post by CIAGypsy
 


this is one of the many reasons why it's so important for us to get off the grid...I'm not there yet, but it's definitely a goal.

every day I'm seeing more cheap options though, as the technology becomes less complicated



posted on Oct, 2 2012 @ 11:26 PM

Originally posted by _R4t_
PS: we're arguing for no fkin reasons, I just read a paper on it and DHS isn't even using encryption in the GPS navigation system of the drones they have... they are using reg civilian GPS... unsure about the military ones but a lot of suspicions are pointing toward that Iraq may have used spoofing too...


The bigger problem with regards to hacking drones, at least hacking drones that are used by the military, is how do you hack the other navigational systems? Most prominently, INS (Inertial Navigation System) is apparently used regularly within even civilian aircraft in conjunction with GPS. Since INS regularly calculates the vehicle's position and distance from objectives independently of external references, if a spoofed signal sent it off track it would probably do as Occam said and just autopilot until it received an update.



posted on Oct, 3 2012 @ 12:38 AM
to the people who are saying that they shouldn't or can't cause too much damage remotely, just keep in mind that Iran's centrifuges were damaged from the outside (we know it was probably either Israel or the US or both), and how secure do you think those systems would have been? At least as secure as any domestic power grid, and more than likely much more secure




