Presented at
DEF CON 22 (2014),
Aug. 8, 2014, 4 p.m.
(60 minutes).
The coupling of unmanned aerial vehicles (UAVs) with hacking & surveillance devices presents a novel way to track and profile individuals, as well as attack infrastructure. Whilst there have been numerous stories of stunt-hacking (attaching any existing hack to a flying toy) our research aimed to be practical and add use beyond the capability of ground based units. In this talk we will discuss how people are already and unwittingly being tracked and surveilled by private, law enforcement, and military organizations. We will then present and demonstrate Snoopy, a mass data collection and correlation framework that uses information leaked from the wireless devices that people carry. The framework identifies, tracks, and profiles people by passively collecting wireless information from devices, as well as optionally interrogating devices for further information. We will then discuss the advantages of having Snoopy attached to a UAV and present data and scenarios where altitude and speed are beneficial. Furthermore, we will demonstrate aerial hacking capabilities against both client devices and more generic infrastructure. Expect audience interaction, tool releases, and Snoopy drones / t-shirts / stickers to be handed out for good audience questions.
Presenters:
-
Glenn Wilkinson
- Security Analyst, SensePost
Glenn is a Zimbabwean currently working for SensePost's UK office as a security analyst. His research has been presented at security conferences such as Black Hat (Las Vegas), 44Con (London), ZeroNights (Russia), and Hackito Ergo Sum (Paris). As a Rhodes Scholar, he holds two master's degrees from the University of Oxford.
Links:
Similar Presentations: