Computer security experts state that dronejacking attacks (malware attacks against drones) may be a dangerous threat in the near future. Continue reading our article to learn more about this proposition.
The Emerging Dronejacking Threat Explained
Experts from McAfee Labs have stated that in the near future hackers might use malware and others types of attacks against drones that are used by individual citizens, delivery companies, law enforcement or camera crews.
Drones are increasingly becoming more and more popular which is a good call for any malicious user. Drones are going to become a major tool for shipping companies, photographers, media and other types of users.
The concept was demonstrated in a security conference this year where researchers demonstrated how a malicious user can execute a “dronejacking” attack which takes over control of a toy drone.
Like the popular IoT (Internet of Things) devices drones also feature abysmal security measures. Hackers can use various types of attacks to take over control of drones and cause a variety of actions:
- Shipping drones can be hijacked to steal delivery packages
- Drones can be used destroyed by manipulating them to crash
- Drones can be manipulated to modify their direction thereby disrupting their commands
- The cameras of the drones can possibly be used for criminal surveillance
Popular businesses and institutions such as UPS and Amazon are expected to use drones for the delivery of customer orders which is a serious security risk if hackers are truly envisioning such types of attacks. A recent example has shown a drone equipped with a full hacking suite that is able to land on the roofs of business, home or critical infrastructure facilities and attempt to hack the target local wireless networks.
The security researchers expect to see dronejacking exploit kits in the coming months available on the underground black markets. The potential damage output and financial gain is considerable. Most consumer drones that are used for aerial photography are expensive and hijacked equipment that can easily be sold on black markets for profit. The security researchers have stated that this could literally mean “making money fall from the sky”.
The researchers have discovered that the majority of discovered vulnerability found through testing can easily be fixed via a software update. And here comes the same problem that is also shared with the majority of IoT devices – most vendors and manufacturers don’t take the time to release any major security updates after the product is released to the market. This is the primary concern why large-scale attacks and botnet networks are formed.