The Next Wave of Botnets Could Descend from the Skies

Robert Lemos from MIT technology review reports a hacking task for a simple platform.

Researchers are developing hacking drones that could build a wireless botnet or track someone via cell phone.

The buzz starts low and quickly gets louder as a toy quadricopter flies in low over the buildings. It might look like flight enthusiasts having fun, but it could be a future threat to computer networks.

In two separate presentations last month, researchers showed off remote-controlled aerial vehicles loaded with technology designed to automatically detect and compromise wireless networks. The projects demonstrated that such drones could be used to create an airborne botnet controller for a few hundred dollars.

Attackers bent on espionage could use such drones to find a weak spot in corporate and home Internet connections, says Sven Dietrich, an assistant professor in computer science at the Stevens Institute of Technology who led development of one of the drones.

“You can bring the targeted attack to the location,” says Dietrich. “[Our] drone can land close to the target and sit there—and if it has solar power, it can recharge—and continue to attack all the networks around it.”

The researchers showed that the drone can even be used to create and control a botnet—a network of compromised computers. So instead of controlling a botnet via a command-and-control server on the Internet—a common technique that can lead investigators back to the operator—the hackers can issue commands via the drone. This method creates an “air gap”—the weak spot represented by a wireless network—that could prevent investigators from identifying those responsible for an attack.

Full story http://www.technologyreview.com/computing/38512/?mod=chfeatured