From Drone to Counter-Drone: The Shifting Role of Cybersecurity

Cybertechnology has always been an issue in the drone industry, but its reach is expanding and evolving in multiple dimensions. Traditional cybersecurity concerns in the drone world referred either to the vulnerability of drone data and operations to cyberattacks, or the role that drones played in perpetrating cyberattacks themselves. 

But a new challenge has appeared, shifting the focus from drone to counter-drone. Cybersecurity techniques will play a central role in comprehensive, sophisticated counter-drone defense programs that cover full, end-to-end rogue drone incident detection and mitigation. 

Legitimate Drones’ Vulnerability to Cyberattack

The vulnerability of drones to cyberattacks—such as when internal enterprise drones or external supply chain partner drones are hacked for nefarious purposes—has long been a concern. In 2011, an entire fleet of American unmanned aerial systems (UASs) were infected with a mysterious keylogger. In 2015, drug traffickers succeeded in hacking U.S. surveillance drones at the U.S. border so they could bypass them and smuggle contraband into the U.S. 

Hostile Attacks

A Booz Allen Hamilton report on cybersecurity highlighted the role that external drones could play in corporate or governmental espionage, sabotage and surveillance: “The use of drones as rogue Wi-Fi access points may be one of the most simplistic yet effective tactics for targeting individuals. Drones equipped with a device like a Wi-Fi Pineapple can be placed in proximity to a targeted company and used to harvest credentials, perform man-in-the-middle attacks, and conduct network reconnaissance. Even users connected to legitimate company access points could conceivably be forced to connect to the drone’s Wi-Fi if the target’s network does not prevent forced de-authentications,” the report said. 

The Other Side of the Equation

Drones can be used to initiate a number of attack types, including cyberattacks, terror attacks, collisions, smuggling or surveillance. Which type of counter-drone defense should be deployed by organizations concerned with any or all of these kinds of drone attacks? 

Traditional counter-unmanned aerial systems (C-UAS) technologies, originally from the battlefield, have a role to play in a layered defense strategy, but they are insufficient in sensitive scenarios or urban environments. For example, C-UAS radar often has trouble during detection when they are the main counter-drone component differentiating between small drones and other flying objects. They also are complicated to operate. Radar can generate false positives and C-UAS acoustic detection solutions are often ineffective in noisy environments, especially as drones become quieter. Optical detection solutions are ineffective without clear line of sight.

On the mitigation side, jamming-based C-UAS solutions or hybrid solutions featuring jammers for mitigation emit large amounts of energy to block drones’ controller signals. Jammer-based tools may affect other radio communications, which could pose a threat to nearby broadcasts or security personnel. Jamming solutions do not provide full control, as drone operators can regain control of the drone once the jamming ceases. 

Kinetic C-UAS mitigation methods, which involve shooting down the small UAS (sUAS), are risky in densely populated areas or over crowds because they can cause collateral damage. 

Counter-Drone Cybersecurity for a Safer World

Cyber-based counter-drone techniques can be deployed as the centerpiece of an effective defense against hostile or dangerous drones engaged in attacks, smuggling or espionage. Cyber-based, counter-drone methods can protect resources, safeguard civilians and keep watch on our cities and streets. 

How would it work? It helps to understand the components of a drone system. The ground control station that pilots the drone has two parts: operator and communication links. Meanwhile, the drone itself has a base system, sensors, avionics and communication links that speak to ground control. UASs hold a lot of data—much of it potentially sensitive. 

Cyber-based counter-drone systems can detect and penetrate the unique communication signals used by commercial drones. Once detected, a cybersecurity system can extract the drone identifiers for an identification: Friend or foe (IFF) process that distinguishes between hostile and friendly drones. Such a system can also extract the drone’s position with GPS accuracy, including the take-off position near the pilot, in real-time. 

Emerging Momentum

Harnessing cybersecurity as a cornerstone in a counter-drone defense strategy is gaining industry attention because of the many benefits it offers compared to traditional legacy concepts from the military realm. In the not-so-distant future, our skies will be filled with drones. Pedro Pacheco, senior director analyst at Gartner, predicts that in five years, there will be one million drones carrying deliveries. Drones bring tangible value and benefits to millions around the world and are reshaping the way modern societies function.

Cyber-based C-sUAS systems are unique in their ability to allow authorized drones to continue to operate while hostile drones are detected and then mitigated (or fended off).  

Continuity is also critical. C-UAS mitigation technologies based on jamming and/or kinetic mitigation have achieved limited successes, but these methods are insufficient as a main defense component. They are less suitable for sensitive and challenging environments due to the high risks of collateral damage, interference, disturbance and disruption.

A cyber-based counter-drone takeover system offers complete control of a ‘rogue drone’ situation with no interruptions or collateral damage. The smooth flow of communications, commerce, transportation and everyday life is enabled by surgically precise detection and then takeover/mitigation.

A third benefit is the ability to focus on the actual threat—the most dangerous drones. Not all drones pose an equal threat. Small, short-range drones employed by hobbyists often possess a flight range measured in yards or meters, are controlled by a smartphone and generally will not carry much of a payload. 

But there are longer-range drones with heavy payload capacity and weather and wind resistance that could carry out a significant disruption or attack. In addition to presenting a threat, these drones are technologically advanced and could possess evidence or intelligence. The value of capturing and preserving them rather than destroying them on sight is high. 

Effective cybersecurity systems must employ drone risk analysis, assessment and prioritization that considers drone prevalence, payload capacity and flight range. 

The past involvement of cybersecurity in the drone arena was mostly relegated to drone vulnerability or drone attack. But the innovative benefits of cybersecurity solutions on the other side of the equation have shifted. Cybersecurity is now an important part of the counter-drone solution, rather than the drone problem. 

Avatar photo

Jeffrey Starr

Jeffrey Starr, AlgoSec CMO, has a record of experience in generating revenue and market expansion through visionary business strategy, robust marketing expertise, and insightful executive leadership. Mr Starr’s professional experience covers information, security, compliance, and risk management, and he has held executive roles at fast-growing companies including Cellebrite, Verisk Analytics’ 3E Company, Magic Software Enterprises and Amdocs. He holds an MBA from Harvard and a BA from Columbia.

jeffrey-starr has 2 posts and counting.See all posts by jeffrey-starr