Story image

Study analyses drones' potential to be weapons of cyber attacks & terrorism

01 Apr 2019

The use of drones and unmanned aerial vehicles (UAVs) in populated areas is often a contentious topic when it comes to privacy, but it turns out they could also be weapons of cyber attacks, terrorism, and crime. That’s according to new research by Fujitsu System Integration Laboratories and Ben-Gurion University of the Negev (BGU).

A study titled 'Security and Privacy Challenges in the Age of Drones' evaluated 200 academic and industry techniques that are used to detect and disable drones that fly in restricted and unrestricted areas.

Those techniques include radar, RF scanners, thermal cameras, sound, and different ways of incorporating those methods. But the biggest challenge, according to the research, is finding out what a drone's purpose is in a non-restricted area.

''The cutting-edge technology and decreasing drone prices made them accessible to individuals and organizations, but has created new threats and recently caused an increase in drone-related incidents,'' explains BGU Cyber Security Research Center researcher Ben Nassi.

''There are many difficulties that militaries, police departments, and governments are seeking to overcome, as it is a recognized threat to critical infrastructure, operations, and individuals.''

Researchers demonstrated that criminals could disguise cyber attacks as a legitimate pizza delivery drone. They could hide the hardware inside the pizza box itself.

''In an unrestricted area, we believe that there is a major scientific gap and definite risks that can be exploited by terrorists to launch a cyber-attack,'' Nassi says. 

''It is inevitable that drones will become more widespread, but we need to recognize that open-skies policy pose multiple risks and that current solutions are unable to solve as a result of a major scientific gap in this area.''

The researchers say that drones should be registered and able to be identified. “This includes dedicated techniques for authenticating drones and their operators.” In the United States, drones are now required to be registered.

''An open-skies policy that allow drones to fly over populated areas pose a significant challenge in terms of security and privacy within society',” adds Professor Yuval Elovici, Nassi’s Ph.D. advisor and director of Deutsche Telecom Innovation Labs at BGU.

In a previous study, researchers demonstrated new ways to detect a spying drone. They say more ways to determine the purpose of a nearby drone must also be developed.

Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.