Impact of Drones on Cybersecurity

Published on October 9, 2022

While there are several forms of drones, the focus of this article is on unmanned aerial vehicles ( UAV).  These vehicles provide immersive experience to user and can be autonomous or  operated manually.

Organisations which own and use drones have to care about selecting the right drones ,implementing and operating in safe manner. However organisations which don’t use drones also have to care about it. Let me explain how and this is also basis of this article.

Crimes committed using drones 

  • Filming of passwords entered into ATM machines
  • Bringing drugs and weapons into correction facilities
  • Reconnaissance of facilities
  • Flying in restricted access areas
  • Drones used in attacking cyber infrastructure 
  • Smuggling of goods

Any of the above crimes can happen with or around any organisation .

Popular Attack Targets

·      Public events

·      VIP or executives  infra /Facilities (Imagine High Gain Microphones dropped near the board rooms)

·      Critical infrastructure

·      Manufacturing sites

Organisations now have to consider risks both from physical and logical security perspective due to the impact of drones to their security posture.

We have seen increasing regulation on usage of drones and in many countries one  has to obtain licences for using certain type of drones. Can you take comfort in the fact that governments across the world are tightening the regulations and as organisations we worry    little less? From time immemorial, when did regulations limit the criminals from doing what they’re good at?

Visibility

There are different ways to detect drones in or near your facilities. Yet some of these technologies have their own limitations including ability to operate in all weather, distances from where it could be spotted, size of the drones, false positives and of course the cost.

Organisations will have to combine multiple solutions to get the desired coverage, right level of detection and operating at all weather conditions -as these solutions are deployed mostly in open environment. Also due care must be followed to ensure these are legal to be deployed in respective countries. 


Drone Detection Technologies

There has been continuous enhancements to enhance the visibility of drones by bringing technologies used in defense space. Usually these technologies have helped to ensure to increase the distance from monitoring drone perspective and accuracy.

Protection

I’m restricting the focus to technologies available to civilians only.  Some of the technologies one can consider include:

Anti Drone Protection Technologies


Also some of the actions one can take like Jamming/Destruction & capture of devices is not available to organisations in certain countries.


Conclusion

Organisations can look at drones as one of the physical threat which facilities team need to  look closely similar to unauthorised physical entry, Electrical Surges etc. 

For IT and cybersecurity teams  this could be  perceived as extensions to wireless monitoring capabilities and ability to detect and thwart rogue devices in the network. Also strengthen monitoring around particularly towards adhoc networks, Bluetooth networks ( PAN ) etc. Also conversations with Legal and Compliance team is recommended as organisations frame their policies and response to intrusions due to drones.

What do you think ? Will this help covering the relevant threat surface due to Drones?