Foxnews.com – Drones, Malware and a Continued Lack of Infosec – Rinse and Repeat

A couple of years back we reported on Skygrabber and the Predator drones. https://blogs.csoonline.com/it_is_not_a_hack_if_there_is_nothing_to_hack

Now we have malware in the ground control stations which seem to run the old Sun Sparc 10 as the main systems. Keystroke loggers, trojans, air gapped systems that are not, malware that cannot be removed without a bare metal wipe; all characteristics of the event. (Treadstone 71 interview on Foxnews: https://video.foxnews.com/v/1212998285001/how-do-we-police-hackers/ )

How the Predator works so you get an undrstanding on the intelligence, surveillance and recon activities: https://science.howstuffworks.com/predator6.htm

The host-based security system (HBSS – https://www.disa.mil/Services/Information-Assurance/HBSS ) used to protect these devices somewhere in the defense in depth environment seems to have failed. Looks like it is McAfee based upon the admission online at the link above:

End of Life Notice: Policy Auditor 5.2

DISA and McAfee no longer support the use of Policy Auditor 5.2. It is recommended that you visit the HBSS Patch Repository and update your installation of HBSS.

More information on the Ground Control Stations is here https://www.globalsecurity.org/intell/systems/uav_gcs.htm  At least this does not coincide with Global Hawk and Darkstar.  The Predator is the least sophisticated of this type of drone. Let’s just hope we have not, once again, lost the family jewels.  Would not be much fun to have the remote control capabilities shifted back against our own troops. 

Cyber espionage still in the works…

Rinse and repeat.