Commercial drones highly vulnerable to cyber-attacks and criminal misuse
31 July 2017 |
The future of commercial drone technology is significant, but it is equally important for drones of the future to have adequate security in place.
Hackers are developing new technologies and exploits to target drones used for law enforcement, deliveries, filming, and other purposes.
A few days ago, the UK's Department for Transport announced a new regulation that mandated all drone owners to get their drones registered with the state and clear all relevant safety tests.
Applicable to all drones weighing over 250 grams, the regulation aims to control arbitrary usage of drones by amateur users as well as ensuring the security of such devices and the privacy of their owners.
At the same time, the government is planning on geo-fencing critical areas so that people cannot use drones to survey or monitor zones like prisons and airports. No-fly zones can be programmed in all drones using GPS coordinates to ensure that the latter cannot be misused by criminals or enemy states.
However, such issues are only the tip of the iceberg. According to security solutions provider McAfee, 'drone jacking' is among the top potent security threats the world may witness this year. Drones are now being used by almost everyone including law enforcement agencies, media, and farmers and are thus very enticing to cyber criminals who can easily hack into such machines.
McAfee adds that drone exploit toolkits are now finding their way into the Dark Web and advises governments to implement device security standards as well as usage restrictions to ensure the security of drones and critical installations.
Writing for the Scotsman, cyber security expert Nick Gibbons suggests that businesses must consider cyber risk policies available for first and third parties to help protect against business interruption, reputational risks, loss or theft of third party corporate data.
'Hacking of the drone itself or its supporting software may result in either physical misuse or data breaches. Hacking for the physical diversion of a drone carries the potential for personal injury or property damage, actual theft of the drone or indeed, the item it was carrying.
'Theft of data is another real risk, particularly if the drone contains personal or sensitive information, whether customer data included for delivery purposes or footage collected via an attached camera,' Gibbons adds.
He concludes by saying that an outbreak of drone-jacking can be very costly for businesses, especially considering the implications that will follow the rollout of the GDPR in May next year. Businesses should not only invest in drone security technologies but should also invest in effective insurance policies to protect themselves if drone-jackings do occur in the future.