Discuss as:

Botnets descend from the skies

Stevens Institute of Technology

A slightly modified off-the-shelf toy drone can be used to hack into wireless networks and build a botnet, cybersecurity experts have demonstrated.

The next time you visit a city park, you might want to be wary of the hipsters in charge of cool-looking remote-controlled helicopters. They could be botmasters aiming to wage a cyber attack via the smartphone in your pants.

"The coolness factor is actually an attraction for attacks," Sven Dietrich, a computer scientist at the Stevens Institute of Technology in Hoboken, N.J., told me Friday.

Dietrich is a cyber security expert who built a proof-of-concept drone that can build a network of compromised computers, called a botnet, by hacking wireless connections to get access to computers.


Botnets perform activities such as distributed denial-of-service attacks, click fraud, identity theft, and cyber war. They are run by botmasters who usually gain access to the botnet via the outside, such as broadband cable or DSL connection.

Wireless networks are, traditionally, much less secure than more heavily guarded broadband connections. Most people view wireless networks as not extending beyond their walls and thus less vulnerable.

"That's where we come in. We come in from the unexpected side," Dietrich said. "We recruit systems by flying from wireless network to wireless network."

They do this with a drone called a quadricopter that is available for less than $400 at gadget stores. Dietrich and his colleagues loaded it up with a couple hundred dollars worth of off-the-shelf computer hardware and software that they customized a bit. Total cost: $600.

This drone is controlled with an iPhone or Android over a 3G network and is equipped with GPS and cameras so that its controllers can see where it is even when it is out of physical sight.

In concept, malicious controllers — botmasters — can land the drone on an apartment building or corporate office and gain access to computers via wireless networks and set up a botnet.

The network is built over the course of a couple of flights. The first flight identifies and collects information on vulnerable networks. The information is then sent off to a cloud computing service such as Amazon EC2 to crack the WEP and WAP wireless security codes.

Then, the drone is flown back and "attacks those vulnerable systems," Dietrich said. "Once we've broken in, as in we've broken the wireless security, we can then proceed to attack the systems that are behind it."

Botmasters who operate in this way are hard to catch since the drone creates a "disconnect between the botmaster and the attacking system," Dietrich added.

In fact, the only way to catch the botmasters is to see them flying the drone or capturing the drone itself. But a captured drone won't have much incriminating information on it, he noted, since it won't tell you what systems are where.

Protection from these sorts of attacks begins with tightened security on wireless networks and further tightening of security of the systems behind the router.

While people and corporations are increasingly taking such steps, many of us don't think much about it when walking around with a smartphone in our pants, which is what makes those hipsters controlling those helicopters at the park suddenly kind of creepy.

"Here I am at the park flying the drone as a toy and people are (gathered) around me, or the drone, and they are moving within the range of its attacking capabilities," Dietrich explained.

For example, the drone can be used to perform what's known as the Café Latte attack, where the drone tricks your smartphone into connecting to it by pretending it is your home or office network that your phone is configured to seek and automatically connect to.

"So the drone actually acts as a magnet by curiosity for people being attacked," he said.

More on cybercrime:

Hat tip to Technology Review

Dietrich and his colleagues presented the details of their drone, called SkyNet, at the USENIX Security Conference in August.

John Roach is a contributing writer for msnbc.com.

To improve results for voice search, Google compiles huge databases of speech samples, so that computers can learn the language for themselves — and understand you're asking for.