Now Reading
Hacking Drones Close to Being Drawn up by Boeing and Hacking Team

Hacking Drones Close to Being Drawn up by Boeing and Hacking Team

by Ali RazaJuly 21, 2015

Leaked emails between Italian spyware vendor Hacking Team and Boeing subsidiary Insitu revealed that drones carrying malware to infect targeted computers via Wi-Fi by flying over their proximity is close to becoming a reality.

Spyware-carrying drones were being discussed by Insitu, a division of Boeing and now-disgraced malware firm Hacking Team, according to leaked emails from the recent breach of the Italian company which have been posted on WikiLeaks, Engadget reported.

It was only the failure to come to terms over a non-disclosure agreement that kept Insitu and Hacking Team ‘teaming up’ together in order to create the malware infesting drone.

Early conversations took place regarding the inception and the possibility of a spy drone created by Boeing’s aircraft expertise, carrying malware that Hacking Team is notorious for. The concept was designing a drone capable of intercepting communications and hacking on-the-fly, via Wi-Fi. Discussions didn’t get far, however, when lawyers representing both companies couldn’t see eye-to-eye on a viable non-disclosure agreement.

Drone HackedThe Talks Behind the Flying, Hacking Drone

Initial discussions kicked off when Giuseppe Venneri, a mechanical engineering graduate from UC and internee at Insitu took notice of Hacking Team’s “Galileo”, a piece of hardware otherwise known as the Tactical Network Injector. This is essentially designed to infiltrate networks and insert the malicious code via Wi-Fi networks to launch man-in-the-middle attacks and other exploits.

Venneri wrote to Emad Shehata, Hacking Team’s key account manager, stating:

We see potential in integrating your Wi-Fi hacking capability into an airborne system and would be interested in starting a conversation with one of your engineers to go over, in more depth, the payload capabilities including the detailed size, weight, and power specs of your Galileo System.

Shehata replied by sending in the standard Hacking Team NDA, to which Venneri responded with Boeing’s own PIA (Proprietary Information Agreement) which the intern noted “must be signed before we engage with potential partners.”

“Signing our PIA (attached) will dramatically shorten the authorization process at our end,” Venneri added. “Let me know if you are willing to sign our document to engage in conversations with us.”

It was at this point when Hacking Team’s Chief Operating Office Giancarlo Russo stepped into the conversation, taking the authority and stating: “I saw your document and it will require additional legal verification from our side regarding the applicability of ITAR and other U.S. Law,” he said. “In my opinion, for a preliminary discussion our non-disclosure agreement should be sufficient to protect both companies and as you will see it is including mutual provision for both parties and it will make things easier and faster for us.”

Venneri’s response was short and succinct: “If you are unable to review/sign our form, know it will take some time on our side to seek approval from our Boeing parent. Are you willing to consider our form?”

Communications went quiet for about a month after this exchange and Venneri sent in another email on 11 May 2015: “We corresponded with you about a month ago and were unsure about the progress going forward with preliminary discussions regarding any future collaborations. If you could please reconsider our mutual PIA, know that the questionnaire at the beginning of the document is just for gathering information and has no impact on the PIA itself. We have lots of Non-US companies under our PIA. If you or your legal team have any requested changes to our PIA please don’t hesitate to add them in the attached document.”

This was the last known correspondence taken from the leaks which came from the data breach two months later in July 2015. All NDAs are have been rendered obsolete and ineffective due to the Hacking Team hack.

Images from Wikimedia Commons and Shutterstock.

Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
What's your reaction?
Love it
Hate it
  • This was the first purpose I thought drones would have.

    • Micheal Justin

      there would be drone pizza delivery in the future, except people would shoot down the drones to get the pizza.

  • Sunspot369

    How sad humans are -here we have all this wonderful technology, and all we can seem to do with it is wage war. Oh well, the humans will be extinct soon, through climate disaster or unleashing the nukes, so I guess it doesn’t really matter any more, but the potential for so many to live wonderful lives has always been there if we weren’t so greedy and willing to screw over the person next to us.

  • Eddie Smith

    This will present grounds for justification in blasting someones expensive drone out of the sky, it’s going to cause all kinds of problems which could result in draconian restrictions on drones.

    • Sunspot369

      We’ll see – it’s a multi-billion dollar, rapidly growing industry, and money is what’s more important.

    • JessicaEndi

      Well three things.

      First, it’s Boeing, not DJI. So you’re not going to be “blasting” anything out of the sky if it’s flying at 20,000′ and a couple hundred miles an hour.

      Second, I 100% guarantee that you are not interesting enough to be worth spying on.

      And third, anyone with a laptop and an hour to kill can already break into your network pretty easily.

      • What WiFi network is reachable from “20,000′ and a couple hundred miles an hour.” ??? I can barely connect from my bedroom to the den.

        • Malik Nawaz

          Scenario that Isitu wants to create is to fly the drone to a targeted premises and hover over the roof top close enough to sniff target’s wifi connection. A sniffer with high gain antenna can capture wifi packets up to 50 meters distance, then send ARP attack and do man-in the-middle attack. Best is to use a WIPS sensor to disrupt drone frequency and bring it down or protect your own wifi. Shooting drones down is not the answer, its not logical.

      • Shawn Paul Neckelmann

        What WiFi is broadcasted 20,000′? An hour to break into your network?

        Sorry but you don’t know what you’re talking about.

      • Eddie Smith

        Where did I claim to be doing any of these things? I just postulated a possible conflict, Jesus, turn the smarminess down a notch before you hurt yourself.

  • god

    Boeing = Skynet. It’s here folks.

  • Mic Justin

    It’s gonna be cool when the southern states start passing laws allowing you to shotgun drones flying over your property.