Provided that Iran was indeed able to pinpoint the drone overhead, the next step – jamming the GPS signal – might have been comparatively easier, US experts say.
"We have known about the weakness of GPS signals since we invented the system," says retired Air Force Lt. Gen. Harry Raduege Jr., now chairman of the Deloitte Center for Cyber Innovation. "This is not like a surprise or revelation to us."
But he and others say jamming at such high altitudes is no easy feat. Iran would have to have a very sophisticated electronic-warfare group to identify and continuously jam an encrypted signal between a drone and the satellite – and it would have to have been jammed for a long time at high altitudes, they say.
The toughest trick, though, would come in the third step: commanding the drone to land in Iran. Even if Iran managed to jam the drone’s communications, the drone would have gone on autopilot, retracing its steps back to the Afghan base from which it took off. To override this function, the Iranian team would have had to offer fresh commands.
"The problem is that the GPS signals used for this bird are encrypted, which creates a whole level of complexity to take it over," says Mr. Bumgarner.
The Iranian engineer said his team accomplished this by making the hack as simple as possible. The team found a location in Iran that shared the same altitude as the Afghan base, as well as one of the same landing axes (longitude or latitude). That means the team only needed to change one axis to have the drone land in Iran. He said Iran used information gleaned from the capture or shooting down of several nonstealth drones in recent years, which have similar navigation systems.
A new Air Force report from April, leaked this week, also indicates serious vulnerabilities and ways to hack into and "spoof" encrypted military GPS systems.