Drones are still new to the cyber security world, but they are not eliminated from it. Malicious hackers use drones to deploy attacks because they are low in cost and are hard to be detected. There are more tools available for drones now-a-days that are being used by companies for legitimate purposes. With the greater amount of tools, comes a greater need for usage.
Industrial drones have lower security controls than military drones. Many of the attacks that drones are causing are considered to be part of CIA (confidentiality, integrity, and availability).
Confidentiality attacks: stealing confidential data
Integrity attacks: manipulate controls to cause inefficiencies or disabling of alarms
Availability attacks: take a service offline to cause the slowing or stopping of operational processes
From wifi to GPS Spoofing, drones are sometimes just being used to crash into a piece of equipment whether it’s another drone or an aircraft. Some drones are sent to also hack other drones to fight or take control of it or embed malware into it. Malicious drones can also carry a payload to conduct surveillance or capture data. Bluetooth sniffing is another way to steal data from a device, perform RFID (electromagnetic wave) scanning of access cards, credit cards or other sensitive information. GPS Spoofing is a method used to send drones to the wrong address. Carrier drones also exist and allow one to set-up a malicious wifi network that copy an organization wifi network, which in turns allows hackers to see all traffic.
Data being carried by drones:
- flight logs shown where the drone had flown on each trip
- photos and videos taken by the drones during its flight
- live video feeds taken from drones in real-time during flights
- map views from the drone user control feed in real-time
Ways to protect companies:
Geo-fencing the area, using sound wave detection tools or other scanning methods common in counter drone solutions to help keep drones away from the property.
How to protect company drones:
- Keep them updated especially those built with protection against hijacking (security patching)
- Make data transfer unidirectional and protected
- Assign responsibility and accountability for the protection of the OT (operational technology) network
- Add drone security to the current cyber security program
- Keep in a safe and secure place
- Remove SD cards from the device
- Delete data from the camera and Log SD after downloading to the computer
- Delete back-up footage
- Immediately upload after mission
Risk Assessment:
Risk assessment needed for the company who uses them and the individual who pilot them. The risk assessment should cover physical risks, privacy risk and cyber security risks.
Overall, drone security is still new to many. Since drones have the capability to see and detect many things malicious hackers would like to gain access to, that information needs to be secure as well. Drones are being more commonly used because of its cost, benefits and availability of tools. Industrial companies have to find better ways to protect them. Performing simple tasks such as keeping them updated, making them unidirectional for data transfer, securing them physically when not in use, protecting the data they store and making users accountable for them makes them even more vital than before. Without protecting them and their information, companies and/or pilot drivers could be at fault. Knowing ones’ risk when pilot driving a drone may prevent many from wanting to drive one which in turns may reduce air traffic. Understanding best practices and risks when owning a drone can help reduce ones’ risk level and increase need for better controls.
Resources:
Drones and Cybersecurity: An Expert Opinion on Protecting Industry Against Drone and Data Attacks
Hacking Drones: The Cybersecurity Risks You Need To Know
https://www.flyability.com/knowledge-base/cyber-security-with-flyability-drones
MillerOnCyber 