Drones: The new attack vector for malware and cybercriminals

Far from being the novelty item they once were, drones now play an important role in industries like manufacturing, agriculture, and construction. They can be used to survey the land, transport materials, and reach areas inaccessible to people.

However, the fact that they’re primarily used for surveillance means they’re an increasingly popular target for hackers. Criminals may even use drones themselves to conduct illegal surveillance activities. Today’s organizations need to prepare themselves for this new attack vector that’s able to exploit air delivery services and deliver malware airborne.

Drones as devices for spying

Until recently, drone attacks were a sandbox for researchers, but that’s not the case anymore. London’s Gatwick airport, for example, was forced to ground flights on December 2018 after drones were sighted flying over the runway. Events such as these have led to many countries introducing strict limitations on drone usage, but that’s not going to be enough to stop criminals from misappropriating the technology. The fact that some drones can see through walls using infrared sensors and 3D imaging causes even greater concern.

Many organizations have areas which are off-limits to the general public and even to certain employees. Given that, it’s important to be able to detect if a drone is operating in the restricted area without authorization. Geofencing can help prevent surveillance through virtual boundaries defined by GPS- or RFID-enabled software. Most drones themselves have built-in geofencing software to let users know if they’re flying into restricted areas, but as with any digitally enabled technology, these can be hacked and disabled.

Another way to prevent unauthorized surveillance is to use radar, which has long been the standard for detecting aerial vehicles. Other methods include acoustic sensors, RF scanners, and thermal imaging. Organizations may also need to train their employees in matters of physical security, including how to recognize drones as a potential threat. While drone-based attacks are still rare, the increasing popularity of unmanned aerial vehicles (UAVs) makes them a growing threat for more innovative criminals, particularly state-sponsored attackers and hacktivists.

How hackers steal data from drones

It’s not just malicious UAVs that companies need to worry about. Companies deploying drones themselves also have to realize that UAVs are another potential entry point to the corporate network. Just like any connected device, drones can be hacked and exploited. Imagine, for example, a hacker gaining control of one of your drones only to deliberately crash it or worse, injure someone in the process. One way this may happen is by transmitting fake GPS signals to make the drone use the wrong location information.

Drone hijacking is just one of the threats your company faces. Attackers may also use your UAVs to gain access into your network, much like with any other connected device. If a drone is hovering outside an office window, for example, it can hijack a wireless device and install malware on the computer it’s connected to. This, in turn, can quickly spread over the network, causing widespread damage and disruption.

Another simple but effective tactic is turning drones into rogue wireless access points. This is possible by equipping them with a small, single-board computer, such as a Raspberry Pi, and creating a virtual wireless network. Unsuspecting users in the vicinity may then connect to the network and unwittingly send sensitive information that’s intercepted by the drone. To protect against the latter attacks, businesses should require their employees to connect only via approved networks and preferably with an enterprise-grade virtual private network (VPN).

While drone-enabled attacks aren’t likely to equal the scale of more conventional attacks, they do increase the potential entry points into a business and must therefore be considered another potential threat which business leaders and individuals alike need to think about.

Considering that cybercriminals continue to find new ways to breach business systems, it’s more important than ever to partner with a managed IT services provider like Online Computers. We offer state-of-the-art cybersecurity solutions and high-quality support to keep a wide array of threats at bay. Call us to ensure your company is safe from the cyberthreats of today and tomorrow.