There are some people for whom being told that something is impossible is all the motivation they need. That seems to be the case for Richard Perkins and Mike Tassey, who were told that an in-flight hacking platform was impossible. In response, the pair plan on showing off their off their Wi-Fi hacking, phone-snooping, home-made UAV at the Black Hat and Defcon hackerfests in Las Vegas. They call their creation the Wireless Aerial Surveillance Platform, or WASP.
Built from an old Air Force target drone, the WASP packs a lot of technological power into a flying high-endurance package. A tiny on-board computer (Linux powered, natch) is bristling with hacking tools, along with a custom-built 340 million word dictionary for brute-forcing passwords, the BackTrack suite, a 4G T-Mobile card, an HD camera, and 32 GB onboard storage.
Just what does WASP do with those gigabytes? Originally, it was designed for Wi-Fi penetration — cracking network passwords while loitering above a target area. But the newly upgraded WASP can now trick GSM phones into connecting with its 4G card as if it were a standard cellphone tower. Once connected, the WASP quietly records any phone conversations or text messages while connecting the call via VOIP, thus giving the mark the impression that the call went through normally.
Keep in mind that nothing on the WASP is particularly new. The password cracking techniques have been around for quite some time, and the phone-spoof is based off a trick shown off at Defcon last year. But by placing them on a flying platform, Perkins and Tassey have shown that consumer technology and hacking techniques have progressed to the point where once untouchable targets are now vulnerable. In an enlightening quote from Forbes, they explain:
A military base like Area 51, Tassey points out, is surrounded by more than 25 miles of empty land to obscure it from outside snoops. “With WASP, we can cover that distance in about 20 minutes,” he says. “With radar designed specifically not to see birds, it’s very difficult to protect yourself from an object coming out of the sky and flying low.”
Not that they would ever dream of taking on Area 51, of course. Tassey and Perkins are both respected security researchers with lives and day jobs. Even when testing the hacking capabilities of the WASP, they took pains to ensure that they stayed within legal boundaries. They seem to have that motivation that has driven so many geeks, engineers, and tinkerers: Just to see if they can pull it off.