From the hobbyist looking for exciting recreation, to air force commanders coordinating military campaigns, Unmanned Arial Vehicles (UAV) – otherwise known as drones – have permeated our everyday lives. As one might expect, where there’s emerging technology based on wireless computer communications, cyber security issues are sure to follow.
Historically, security has followed technology as little more than an afterthought, with predictable results as one hack follows another. Currently drones, even military grade, are developed to maximize flight time, maneuverability, and payload capacity while minimizing production and operational costs. With the focus on efficiency, very little forethought has gone into considering potential attack vectors or uses of a hijacked drone.
Drones Already a Target for Hackers Who See the Potential for Cybercrime
The potential for data breach disaster for drones has been going on for as long as drones have been around. No sooner had Jeff Bezos announced Amazon’s launch of parcel delivery via drones than noted Myspace hacker, Samy Kamkar, announced that he created a software package designed to hack into drones and take over their operational functioning.
In November 2018, DJI, a popular manufacturer of quadcopter drones, revealed that it patched a vulnerability that would allow hackers to intercept drones and compromise data that, in addition to live feed and location data, included:
- Images and video taken by the drone
- User account information
- Flight logs with location data
The potential for account takeover is frightening wake-up call to the privacy and security issues tied to the public drone market.
Early in 2016, US patrol drones were easily redirected from their flight path to allow drug traffickers to cross the US-Mexico border with impunity. Another security researcher demonstrated with ease how hackers can exploit a drone’s “telemetry box” and take over law enforcement drones from more than a mile away. Because attackers are able to find and exploit design and production-level vulnerabilities, the imperative of cyber security officials, engineers – even top managers – is to create a detailed drone threat model at the initial design stages.
Why an Integral Drone Threat Model is Needed
Cybersecurity as an afterthought has left drones wide open to cyber threats. This is why a developers need to incorporate a proactive drone threat model during the design and prototyping phase.
For decades, organizations have developed and implemented software with security as an afterthought. This has allowed cyber criminals to successfully mount spectacular breaches costing targeted companies hundreds of millions and exposing the individuals to inestimable potential collateral damage. If our cyber security history offers any lessons, it’s that patching the vulnerabilities after the exploit is a costly cat-and-mouse game where the attackers control the game dynamics.
Threat modeling is a way of changing the game dynamics by approaching the emerging technology like an attacker: considering potential vulnerabilities and nefarious uses during the design and production stages so that effective countermeasures and security protocols can be integrated into the new software or hardware before the first unit is produced.
Think Like an Attacker
In building a drone threat model, you must start thinking like an attacker. Why would an attacker exert the effort and take the risks of seizing control of a drone? The first thing to consider is that drones are, by design, aerial vehicles often with some manner of payload. By seizing control of the drone, you have at your disposal both the drone and any payload it was carrying.
The payload can be stolen or tampered with in such a way so as to be weaponized. A person anticipating delivery of a legitimately ordered parcel receives instead a bomb, a life-threatening toxin, or an extortion or ransom demand.
The drone itself, because it is an unmanned aerial vehicle and depending upon its size, can be used as a flying weapon against motorists or pedestrians, or loaded with a weaponized payloads and flown to specific targets. The drones can just be forced to crash, damaging both the drone and its payload. Drones can also be breached for their flight data, which contains geolocation information, product information, and flight path histories.
If designers and programmers can visualize the threats that a compromised drone poses and the vectors by which attackers can potentially exploit a drone’s systems, they can then consider and evaluate reasonable defenses against those threats.
Exploiting Drones to Monetize Victims
Professional cyber attackers do what they do for one of two reasons: either to target an individual or a specific group with the intent to do harm, or to covertly gather information which can be monetized. Drones and their easily exploited vulnerabilities provide a vast new array of opportunities for malicious actors.
Some drones, such as those used for law enforcement and border patrol, carry a payload of sophisticated visual and electronic surveillance equipment. Such equipment, in legitimate hands, is intended to keep citizens safe and aid in the capture of criminals. But the data feeds and communications of drones are easy to override, putting the drones into the hands of stalkers, drug traffickers, corporate spies and thieves hoping to look over your shoulder as you conduct an ATM transaction. Likewise, data gathered by law enforcement agents can be stolen or redirected.
Building an effective drone threat model requires that you think about how information can be breached and monetized or used to harm specific individuals.
Understand the Creativity Level Involved in Compromising Surveillance Drones
A key difference between a novice who understands the basics of the game and a seasoned chess master is how far ahead the master thinks compared to the novice. The same is true of cyberattackers. There are those whose sole purpose is to make an immediate profit or find an attended assault target. Then there are those who creatively strategize beyond the lure of a quick result, looking for game-changing advantages and long-term gains.
To what end, then, could a misappropriated surveillance drone be creatively employed? Understanding criminal creativity provides insights to potential attack vectors and misappropriated uses necessary for an effective drone threat model.
The rapid advancements in hardware technology has brought UAVs out of the exclusive domain of the military and increasingly into our common experience. By incorporating an effective drone threat model during the early stages of development, security and attack countermeasures can be integrated at an early stage. The end result will be a new class of drones that are both economical and secure.
Create a Drone Threat Model in ThreatModeler™
ThreatModeler™ makes it easy to produce consistent, actionable threat modeling outputs. Users simply need to create a Visio-like diagram. ThreatModeler’s advanced threat framework – automated by the Intelligent Threat Engine and Centralized Threat Library – does all the rest.
Drones pose a unique threat to privacy and safety. A steady stream of requirements from state and federal regulators, combined with internal security policy, make ThreatModeler an ideal security application. Schedule a live presentation of ThreatModeler™. You can also contact us to speak with a threat modeling expert.