Skip to main content

Drones Hacked? The Cost of No Security

(Wall Street Journal) Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations. Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes' systems. Shiite fighters in Iraq used software programs such as SkyGrabber -- available for as little as $25.95 on the Internet -- to regularly capture drone video feeds.

This silly security breach got a chuckle but is deadly serious business. It could literally cost some soldiers their lives. One wonders about the deadlines and contraints that lead some project manager to say "We don't have time for that fancy security stuff the designer wants to include, and what backwoods dirty militant is going to have the brains to do go after our drones. We'll worry about security in the next version."

SOA and Web Services allows quick and easy exposure of important system and application functionality. Integration can be fast and easy. Security and control are seen as overhead, and frequently avoided by the development team just trying to get the job done (under tight time and budget constraints).

An example: A major annuities (insurance) application for a top 10 insurance company needed to be connect to the customer service web site. A series of web services were quickly created, adhereing to standards for transaction and data formats. But, SSL was avoided because of concerns over processing overhead. Basic clear text security was placed on the services, mostly to prevent accidental connection between test and production servers.

Two years later the application was moved from one outside hosting vendor to inside the company network, but the web servers were placed into the DMZ (the network zone allowing access from the internet). Because web services commonly route through the web server, this meant that the unencrypted clear-text password services were now routing out from the company network to the internet, then back in to the DMZ. Meaning company business traffic was traveling unencrypted over the internet.


- Encrypt your data! Encryption overhead is (with today's processors) minimal, and you can never be sure exactly what path your service may travel (now and in the future). Even further, much hacking (sniffing) occurs from inside the network, from an employee or accessing a company network port.

- Service access control is critical! Obscurity is not security.

- Validating the source of requests is also important!

Security doesn't happen accidentally or by itself. It has to be planned, will require some tools (such as Amberpoint or IBM Datapower or Intel SOA Expressway), time and budget.

After all, you don't want the enemy watching your survellience video. Or the hackers accessing your business transactions.

Popular posts from this blog

Integration Spaghetti™

  I’ve been using the term Integration Spaghetti™ for the past 9 years or so to describe what happens as systems connectivity increases and increases to the point of … unmanageability, indeterminate impact, or just generally a big mess.  A standard line of mine is “moving from spaghetti code to spaghetti connections is not an improvement”. (A standard “point to point connection mess” slide, by enterprise architect Jerry Foster from 2001.) In the past few days I’ve been meeting with a series of IT managers at a large customer and have come up with a revised definition for Integration Spaghetti™ : Integration Spaghetti™ is when the connectivity to/from an application is so complex that everyone is afraid of touching it.  An application with such spaghetti becomes nearly impossible to replace.  Estimates of change impact to the application are frequently wrong by orders of magnitude.  Interruption in the integration functioning are always a major disaster – both in terms of th

Solving Integration Chaos - Past Approaches

A U.S. Fortune 50's systems interconnect map for 1 division, "core systems only". Integration patterns began changing 15 years ago. Several early attempts were made to solve the increasing problem of the widening need for integration… Enterprise Java Beans (J2EE / EJB's) attempted to make independent callable codelets. Coupling was too tight, the technology too platform specific. Remote Method Invocation (Java / RMI) attempted to make anything independently callable, but again was too platform specific and a very tightly coupled protocol. Similarly on the Microsoft side, DCOM & COM+ attempted to make anything independently and remotely callable. However, as with RMI the approach was extremely platform and vendor specific, and very tightly coupled. MQ created a reliable independent messaging paradigm, but the cost and complexity of operation made it prohibitive for most projects and all but the largest of Enterprise IT shops which could devote a focused technology

From Spaghetti Code to Spaghetti Connections

Twenty five years ago my boss handed me the primary billing program and described a series of new features needed. The program was about 4 years old and had been worked on by 5 different programmers. It had an original design model, but between all the modifications, bug fixes, patches and quick new features thrown in, the original design pattern was impossible to discern. Any pattern was impossible to discern. It had become, to quote what’s titled the most common architecture pattern of today, ‘a big ball of mud’. After studying the program for several days, I informed my boss the program was untouchable. The effort to make anything more than a minor adjustment carried such a risk, as the impact could only be guessed at, that it was easier and less risky to rewrite it from scratch. If they had considered the future impact, they never would have let a key program degenerate that way. They would have invested the extra effort to maintain it’s design, document it property, and consider