Drone Misuse: A Threat To Be Reckoned With
A recent report published by the Department for Business, Energy & Industrial Strategy (BEIS) through the Regulatory Horizons Council (RHC) and featured in Computer Weekly discussed the UK Government’s desire to progress commercial drone deployment. The report outlined the potential uses of drones and the impact on public acceptance but did not address or give any real analysis of the potential threats involved and any safeguarding recommendations.
Back in 2010, the drone market exploded with the launch of the very first consumer drone, fast forward and the global commercial drone market is projected to reach the size of around 58.4 billion U.S. dollars in 2026 according to Statista.
Advances in drone technology means that drones could have a myriad of applications. Business Insider has cited that the future uses of drones can range from disaster relief, exploration for mining, weather forecasting and surveying in the construction industry, surveillance and to support military efforts.
It seems the sky really is the limit for the scope for drone technology but the inherent risk of drone misuse, especially when applied to military, emergency services or infrastructure where the threat of damage to life or terrorism is implicated, shows there is no capacity for error.
The threat of security breaches and exploitation from rogue sources is a crucial source of concern for the manufacturers, organisations and users alike. The security of these devices is paramount.
As a result, counter-drone technology, referred to in the industry as Anti-Drone or Counter-UAS (C-UAS) is a new and fast evolving sector. Drone monitoring systems are becoming crucial for safety and security across the board.
In simple terms, drone monitoring systems can either be passive (listening) or active (sending a signal out and analysing what comes back). They all typically perform detection, identification, tracking and alerting functions using radio frequency, microphones, optical sensors and radar systems.
These systems are technical and complex and can be very effective. But these technologies are often focussed on protecting an organisation from a drone attack rather than protecting the drone’s data from abuse or misuse. So what's the solution?
Identifying the challenges
The main challenges facing the drone industry are hijacking, identification issues and regulatory compliance. Drone communications with remote controllers are often encrypted. However, the encrypted codes are often the same (i.e. static), which makes it a preferred and easy target for hijacking.
Much like commercial aircrafts, identification is key when multiple aircrafts, both manned and unmanned, are flying, as each device needs to identify and communicate to each other to guarantee safety and mission success. There is currently no standard identification system for drones and its operators which has huge implications for the safety of our skies. The economic cost of an unidentified drone near an airport is 500,000 euros for every 30 mins an airport is stopped from operating.
Aviation authorities such as the Federal Aviation Administration (FAA) in the U.S have started to introduce a number of new regulations as more people own drones, and to give guidance on how to operate drones in a safe and useful manner. One of the key regulations to take effect very soon is Remote ID. This is a new regulation introduced by the FAA and it is the “ability of a drone in flight to provide identification and location information that can be received by other parties”, such as law enforcement. In the UK, it is illegal to fly a drone without registering and passing a theory test, however, there is little enforcement of this and currently no regulatory standard for the identification or communication specifications for drone users.
Prevention is better than a cure
Whilst drone technology is considered to be cutting edge, their purpose is as old as the digital dawn of time - data collection. Whilst Counter-Drone Technology can protect hardware, the latest authentication technology is necessary to fully protect the data it carries.
The introduction of passwordless, two factor and biometric authentication technology are in response to more complex security threats. These can include mobile apps, touch ID, one time password tokens. swIDch’s own OTAC (one-time authorisation code) technology provides secure authentication for all digital identities even in an off-the-network environment. Using a patented IFF (Identification Friend or Foe) solution it can identify and evaluate friendliness of the drones in specific airspace scenarios.
Having data protected by passwordless authentication is a preventative measure and means your data is safe whether there is a threat or not. Whilst many of the potential uses of drones could have a really positive impact on our society, there are significant risks that have not yet been addressed to allow drone usage to be safe, both for the user and for society as a whole.