Surveillance Drones Easily Hacked

Surveillance Drones Easily Hacked

A security researcher from IBM has said that a $20,000 to $35,000 police drone used for surveillance can be hacked with a $40 kit.

Vulnerabilities of the flying machine allow it to be controlled or knocked out of the sky within a mile range. Findings were presented at the RSA security conference in San Francisco on March 2.

Security researcher Nils Rodday showed how flaws in the security of the drone’s radio connection allowed him to take full control over the unmanned machine with just a laptop and a cheap radio chip connected via USB. By exploiting a lack of encryption between the drone and its controller module, any hacker who’s able to reverse engineer the drone’s flight software can impersonate that controller to send navigation commands while blocking commands from the drone’s original controller.

Rodday, who works with IBM but conducted the drone research while working as a graduate researcher at the University of Twente in the Netherlands, won’t reveal the specific drone he tested or who sells it. He hinted, however, that the drone did have a flying time of about 40 minutes and that it was deployed by many police and fire departments.

Rodday has alerted the drone’s manufacturer to the security flaw s he’s found, and the company plans to fix the issue in the next version of the quadcopter that sells. Since the drones don’t connect to the internet, there isn’t an easy fix for those that have already been manufactured. They can’t just download the new upgrade like we do with our iPhones.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.