sb-as logo
Story image

Study analyses drones' potential to be weapons of cyber attacks & terrorism

01 Apr 2019

The use of drones and unmanned aerial vehicles (UAVs) in populated areas is often a contentious topic when it comes to privacy, but it turns out they could also be weapons of cyber attacks, terrorism, and crime. That’s according to new research by Fujitsu System Integration Laboratories and Ben-Gurion University of the Negev (BGU).

A study titled 'Security and Privacy Challenges in the Age of Drones' evaluated 200 academic and industry techniques that are used to detect and disable drones that fly in restricted and unrestricted areas.

Those techniques include radar, RF scanners, thermal cameras, sound, and different ways of incorporating those methods. But the biggest challenge, according to the research, is finding out what a drone's purpose is in a non-restricted area.

''The cutting-edge technology and decreasing drone prices made them accessible to individuals and organizations, but has created new threats and recently caused an increase in drone-related incidents,'' explains BGU Cyber Security Research Center researcher Ben Nassi.

''There are many difficulties that militaries, police departments, and governments are seeking to overcome, as it is a recognized threat to critical infrastructure, operations, and individuals.''

Researchers demonstrated that criminals could disguise cyber attacks as a legitimate pizza delivery drone. They could hide the hardware inside the pizza box itself.

''In an unrestricted area, we believe that there is a major scientific gap and definite risks that can be exploited by terrorists to launch a cyber-attack,'' Nassi says. 

''It is inevitable that drones will become more widespread, but we need to recognize that open-skies policy pose multiple risks and that current solutions are unable to solve as a result of a major scientific gap in this area.''

The researchers say that drones should be registered and able to be identified. “This includes dedicated techniques for authenticating drones and their operators.” In the United States, drones are now required to be registered.

''An open-skies policy that allow drones to fly over populated areas pose a significant challenge in terms of security and privacy within society',” adds Professor Yuval Elovici, Nassi’s Ph.D. advisor and director of Deutsche Telecom Innovation Labs at BGU.

In a previous study, researchers demonstrated new ways to detect a spying drone. They say more ways to determine the purpose of a nearby drone must also be developed.

Story image
BlueVoyant acquires Managed Sentinel, builds out Microsoft MSS offerings
“Combining Managed Sentinel’s Azure Sentinel deployment expertise with BlueVoyant’s MDR capabilities will help customers operationalise and maximise Microsoft security technologies."More
Story image
Fujitsu new tech ensures inter-business data trust
The technology can verify when and by whom the data was created, and whether it has been tampered with, to ensure trusted data exchange.More
Story image
Video: 10 Minute IT Jams - Security expert discusses changing cyber-attacker behaviour
In this Jam to SonicWall senior manager of product marketing Brook Chelmo, who talks about the specific changes in cyber-attacker behaviour he's seen unfold this year, as well as some best practices that should be employed by CISOs to combat increasing risk profiles.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
One in five employees download commercially sensitive files onto personal devices
Of these respondents, 40% admitted that the devices either had no password protection or no up-to-date security installed.More
Story image
Interview: How cyber hygiene supports security culture - ThreatQuotient
We spoke with ThreatQuotient’s APJC regional director Anthony Stitt to dig deeper into cyber hygiene, security culture, threat intelligence, and the tools that support them.More