Drone hacking: threat actors capitalize on fast-growing market
Drones pose a growing threat to organizations: threat actors exploit the technology for surveillance and kinetic operations, and they hack into enterprise-owned drones, causing monetary loss and reputational damage.
Criminals can deploy a drone to visually map out physical security barriers before a robbery, or to smuggle drugs, cellphones, or weapons into prisons. High-security facilities, including prisons, usually use drone monitoring devices. However, drone contraband deliveries have an alarming success rate.
According to research by Cybernews, the global retail drone market is expected to reach $90 billion by 2030. Given that cybercriminals are following and exploiting the booming market, it is vital that enterprises are aware of the risks and able to respond to these threats.
Aerial trespass is just one example of how malicious actors exploit the technology. Cyberattacks against enterprise-owned drones are another common attack vector.
“Common attacks against enterprise drones include platform takeover, where an attacker uses RF, Wi-Fi, or a subscription service like Aerial Armor to detect flight paths of a drone in a geographical area, perform de-authentication attacks, take over control of the drone and land the stolen drone in a location of its choosing,” cybersecurity researcher Adam Kohnke said.
From there, attackers can physically remove the onboard storage and pilfer its contents, or even introduce malware via the SD card port, and then leave the drone for its owner to find.
“Cybercriminals may also attempt to poison the geolocation instructions or Return To Home (RTH) coordinates of the drone to intentionally damage the aircraft or use it for other nefarious purposes causing the enterprise monetary damages in lost drone equipment, legal trouble, and reputational harm,” Kohnke added.
Threat actors exploit legitimate penetration-testing tools to hack into drones. Experts use platforms like Dronesploit and Danger Drone to test the effectiveness of drone defenses and eliminate attack vectors. Unfortunately, malicious actors turn these legitimate tools into weapons.
What is more, drones are currently classified as both aircraft and networked computing devices.
“From a malicious drone operator perspective, this inherently grants a high level of advantageous legal ambiguity and protection to criminals operating drones as counter-attacking efforts taken by victims may violate protective regulations or laws applicable to aircraft, but also anti-hacking laws meant to provide protections to personal computers, their data, and networks,” Kohnke said.
Another Cybernews study revealed how the booming drone market poses a more significant threat to our privacy. Used by the military, businesses, and consumers, drones are “fundamentally changing aviation.” Therefore, the US introduced remote ID, analogous to license plates for drones, to identify the owners of drones that are flown in an unsafe manner or in places where they are not allowed to fly.
Within the United States alone, nearly 300,000 commercial pilot licenses have been issued as of 2022, compared to nearly 1 million individual drones that have been registered with the Federal Aviation Authority (FAA) per weight and commercial compliance rules.
In China, the retail drone market reached $15 billion in 2021, with projections to exceed $22 billion by 2024. There are more drone pilot licenses issued throughout China than in the United States, with over 780,000 registered pilots and close to 850,000 registered drones.
The Biden Administration blacklisted China's DJI for its alleged involvement in the surveillance of the Uyghur Muslim minority in China. The US Defense Department added DJI and a dozen other companies to a list of Chinese entities believed to be connected to the Chinese military.