Home Resources Latest News & Insights Spy in the sky

Spy in the sky

The use of commercial drones in Australia is growing exponentially. The technology can deliver big benefits but also poses cybersecurity risks.
Published: 18/07/2024
Cyber Insurance
loading...

Rise of the machines – the cybersecurity threat of drones 

It wasn’t that long ago that unmanned aerial vehicles – UAVs or drones – were the stuff of science fiction. Today, drones can be seen in the skies right across the country. While there are numerous recreational drones hovering around parks over the weekend, the commercial application of the technology has really taken off. 

Drone technology is being harnessed by all manner of industries for all kinds of purposes – from surveying rooftops to mine sites, monitoring crops to coastlines, delivering pharmaceuticals to pizzas. Then of course there are the military and security applications. 

The global proliferation of drones has been rapid and significant. It is estimated the size of the global drone market will hit US$67.64 billion by 2029, with the number of drones produced set to grow from two million units in 2021 to 6.5 million in 2030. 

The Australian market for commercial drones is growing apace. According to Statista, the revenue generated in 2024 amounts to US$98.1 million, with annual growth forecast at 2.08%. The volume of drones is expected to reach 190,300 pieces by 2028.   

A report by Scyne Consulting for Air Services Australia notes that approximately 1.5 million drone flights will take place this year. Drone flights are projected to grow on average by 20% per annum over the next 20 years, culminating in around 60.4 million flights each year by 2043. 

According to the Sizing the future drone and advanced air mobility market in Australia report, by 2043: 

  • The total number of drone flights will be around 60 million. 
  • The total number of flying hours will rise to over 15 million. 
  • Over 3.5 million flights will monitor protected areas, coastline and wildlife. 
  • Farmers will make almost 500,000 flights to monitor and support their crops. 
  • Surf lifesaving clubs will be supported by almost 80,000 annual drone flights. 
  • There will be over 500,000 medical deliveries. 
  • Just over 1.5 million food deliveries will be made across Australia. 
  • Around 310,000 drone flights will be used to support frontline policing. 
  • The mining industry will operate almost 500,000 drone flights. 
  • Goods deliveries will reach 46 million – growing at a CAGR of 31%. 
  • Almost one million passenger transportation flights per year. 
  • Approximately 100,000 patients will be transported using drones. 

Currently, drones are mostly used in the agricultural and mining industries, and for surveying properties.  

In the years to come, growth in the drone industry in Australia is expected to be driven by the transport and logistics industry, with the devices being used for goods deliveries – an industry that is projected to grow exponentially over the next 20 years. Transport and logistics are forecast to account for 77% (45.7 million) of all drone flights in 2043. The industry will be dominated by goods delivery such as takeaway food, groceries, last-mile parcels, B2B deliveries, prescription medication, blood delivery and pathology samples. Passenger transportation will also be included later in the 20-year horizon.   

It is also forecast that industries already implementing drone technology will steadily increase its use over the next 20 years. By 2043, the three largest industry groups (outside of transport and logistics) are expected to be safety and security, environment, and agriculture. 

Cybersecurity threat 

Businesses are leveraging drone technology for increased efficiency and data collection. Although there are numerous benefits for business, drones also pose a cybersecurity threat. 

As the technology behind drones continues to advance and their popularity in commercial applications grows, so does the potential for cybercriminals to exploit them. 

With the emergence of new technologies, such as autonomous flight capabilities, drones are vulnerable to a variety of cyberattacks. 

This vulnerability is in large part due to the drone’s reliance on wireless communications and the tendency for the drone to be operated from a distance. They are therefore more susceptible to interception, spoofing, and hijacking. In addition, the data transmitted between the drone and its operator can be intercepted and used to gain access to sensitive information or networks.  

Put simply, the drone can be hacked or used to hack other electronic devices – and the cybercriminal doesn’t even need their own drone, they can hack someone else’s in several ways to make it serve their own purposes. 

Once a drone has been located, the cybercriminal can take control of the drone, or downlink video or other images which the drone is broadcasting to its base station. 

Cybersecurity company Kaspersky notes that technologies such as Wi-Fi, Bluetooth and RFID generally work only within a limited area, so physical access restrictions can often prevent hacking. But drones give hackers more mobility. For example, a small computer could be loaded onto a drone and dropped onto the roof of an office building. It could then be used to carry out cyberattacks exploiting Wi-Fi, RFID or Bluetooth vulnerabilities. It could mimic a Wi-Fi network in order to steal data from tablets and smartphones, or hijack Bluetooth peripherals, such as mice and keyboards. Keylogging would enable a drone-mounted computer to steal passwords from users.  

According to the Cyber Security Cooperative Research Centre, there are several major cyber-related threats that relate to the use of drones: 

  • GPS spoofing – occurs when the drone is fed false GPS coordinates, enabling the cybercriminal to take control of the drone, diverting its course or causing it to crash. A hijacked drone can also be used to hijack other drones, potentially resulting in a drone swarm under the control of the cybercriminal. 
  • Command and control (C2) interception – occurs when a drone’s communication link is intercepted by a cybercriminal, allowing them to take full control of the drone and its systems. 
  • Downlink interception – occurs when a cybercriminal accesses data transmitted between the drone and its controller (base station). 
  • Distributed Denial of Service (DDoS) attack – occurs when an information exchange or network is overwhelmed by a flood of rapid requests, which prevents legitimate requests from being fulfilled. Such an attack could cause an inability for the drone to receive control signals, resulting in the drone crashing or being overridden by the cybercriminal.  
  • Signal jamming – disrupts the communication between a drone and its controller. This could render the drone unable to receive or interpret comms properly, potentially sending it off-course or resulting in it crashing. 
  • Data exploitation – occurs when drones are able to penetrate physical protections and be used for data exfiltration. For example, if a small drone is fitted with a minicomputer, which can ‘mimic a wi-fi network’, it could steal data, hijack Bluetooth peripherals, perform keylogging operations to steal sensitive passwords, as well as compromise access points, unsecured networks, and devices. 

Security Intelligence notes that drones are useful to cybercriminals because they can perform a range of high-flying functions: 

  • Physical surveillance – drones equipped with high-quality cameras can be used to observe operations, gather information (e.g. on security protocols) and plan physical attacks. 
  • Network sniffing and spoofing – cybercriminals can equip drones with small, modifiable computers (known as ‘sniffers’) to find out information about a Wi-Fi network, allowing the drone to then mimic the known Wi-Fi network. If unwitting employees connect to this fake network, cybercriminals can access sensitive information. This approach can be used to bypass security protocols and gain direct access to a network. 
  • Denial-of-Service attacks – drones can carry devices to perform local de-authentication attacks, a type of Denial-of-Service (DoS) attack that targets communication between a user and a Wi-Fi wireless access point. They can also carry devices to jam Wi-Fi or other communications. 

With the increased use of automated drones (AUAVs), emerging risks may arise. According to RAND Corporation research, cyberattacks on AUAVs are more difficult to detect because, by removing the human in the loop, it is less likely that unusual or unauthorised system behaviour will be noticed. This makes it difficult to distinguish anomalous – possibly malicious – activity from normal activity.   

As the technology advances, so too the risk. As drones become quieter and faster, fly further from their operators, fly around all obstacles, track moving objects and take much higher-resolution pictures and videos, their value to the cybercriminal increases. 

Impact 

The potential impact of drone-based cyberattacks is far-reaching, with the drone able to be used to disrupt operations and cause significant financial losses. Impacts range from data theft and disruption of services to physical damage or injury. Cybercriminals may use a drone to gain access to sensitive data or disrupt operations by interfering with communications or navigation systems. In addition, physical damage or injury could occur if the drone is weaponised.  

Mitigating the risk 

Prudent protections, if you are operating a drone as part of your business, include: 

  • Subscribing to a VPN service to encrypt the drone’s connection. 
  • Ensuring strong authentication and access controls are put in place. 
  • Applying the manufacturer’s patches for the software. 
  • Updating the drone’s firmware.  
  • Using strong passwords for the base station application. 
  • Using updated anti-virus software for the drone controller device. 
  • Limiting the number of devices that can connect to the base station. 
  • Ensuring the drone has a return to home (RTH) mode (enables the drone to return if it loses signal, if the signal is jammed, or if the battery becomes depleted). 
  • Keeping any smartphone or laptop you use to control the drone secure and protecting it from becoming infected by malware. 

To help protect your business networks and airspace against drone attacks: 

  • Use a VPN if you’re working on Wi-Fi. 
  • Secure all IoT devices in the premises and configure them to a guest network. 
  • Don’t leave your Wi-Fi router with the default username and password. 
  • Don’t use identical passwords for different networks or devices. 

Insurance also has role to play in protecting your business. Talk to your EBM Account Manager about cyber insurance and also about cover for your drone. 

Published: 18/07/2024
Cyber Insurance