As more drones come to market, security teams must mitigate cybersecurity risks through airspace awareness
The commercial and consumer drone market is exploding, with new applications emerging, solving problems, and engaging new users. Drones deliver medical supplies, find lost hikers, take property photos, survey land for vulnerable crops, inspect pipelines for weaknesses, and delight audiences by dancing in the sky. At the same time, regulators worldwide are advancing laws to enable and even promote innovation of drone applications.
However, pilots with malicious intentions can take advantage of drones as a quiet, discreet technology, capable of carrying heavy payloads over fences without attention. Public and private organizations will struggle to determine how many drones are entering their airspace, who is flying them, where they are flying, and what their intentions are. Imagine a drone with a detection device in its payload lands on top of a building to start sniffing for available WiFi networks. How does a security professional secure their airspace against this persistent and escalating drone threat?
Without knowledge of drone activity in their airspace, an organization opens a dragnet of new legal and information vulnerability issues, including cybersecurity, hacking threats, and compromised employee privacy. Few protections exist for these enterprises to prevent drone intrusions. Before the security team can put together a program to mitigate risks, they must first gain situational awareness and determine how many drones are entering their airspace and where are they flying/landing.
Enterprises are bracing for the next generation of hacking tools and vulnerabilities that exist in unprotected airspace.
No enterprise is immune to drone threats, and ground security is certainly not enough to protect vulnerable airspace. Similar to physical security breaches, the consequences of a cybersecurity breach are becoming more complex and costly. One only needs to examine the Gatwick Airport shut down due to a drone in 2018 for 36 hours, costing over $64.5 million in lost revenue.
Expanding from Two-Dimensional to Three-Dimensional Security
Corporations and enterprises invest significant financial resources to secure their grounds and networks to ensure the safety of their intellectual property and employees. Now enter drones – and the need for the third dimension of airspace security. Drones carry threatening payloads including spying cameras, network sniffers, IoT hacking devices, and sensitive microphones.
ID and Follow Targets: Financial institutions have cameras in every direction of an ATM to protect the safety of their customers. Data centers have multiple security checkpoints to ensure authorized access to sensitive infrastructure. They share vulnerable airspace, and drones are designed to identify and follow targets to observe security gaps, surveil activities and even detect and manipulate susceptible networks.
Spy on Operations: Apple has invested millions of dollars into building the most innovative corporate campus, and yet, drone spies can easily evade the most vigilant security teams and even crash into their buildings. Tesla Motors observed drones in their airspace, capturing footage and production information on their new automobiles. Nothing is stopping motivated drone pilots from spying on Facebook data centers and posting footage publicly. Drones can also drop high-gain microphones in high-activity areas to gain sensitive information.
Snoop On and Infiltrate Networks: In addition to using cameras for spying and computers for hacking, drones are also discretely delivering snooping devices to discover vulnerabilities in a corporation’s security protocols. A sniffing device, Raspberry Pi, or transceiver can easily be dropped on an unmonitored rooftopor hack into wireless activity, or intercept and log data.
Drone Espionage & Risk to Employees: Cameras on drones can watch and record all sorts of campus activities, from recording new build progress, observing employee/guard movements, and surveying the property for security gaps to flying by unshaded windows and recording sensitive documents. Drones are also creating a distraction hazard for employees who may not be aware of the nature of the drone or why it’s in their airspace.
Smart Airspace Security Enabling Companies to Protect People, Property and Information Against Drone Threats.
How many drones are in your airspace? Initial airspace assessment reveals all drone activity, whether it is a commercial drone authorized for use at a nearby worksite, a registered and FAA-compliant hobbyist drone, or a non-cooperative and potentially malicious drone.
Detect, identify, locate, and mitigate drones with smart airspace security. Once a drone is detected, an automated alarm can be deployed as well as a countermeasure, such as lowering blinds, closing doors, shutting off systems, or directing security personnel to monitor a specific area for any interruptions. Flightpaths can determine pilot location, and security teams can approach the pilot or share information with law enforcement.
With this information, security personnel can adjust ground patrols, determine vulnerable areas, and analyze the severity of their threat. Defense cannot exist without first understanding and diagnosing the problem. Once an enterprise gains situational awareness of their airspace activity, they can create new security protocols to protect their site and cyber operations. In the event of damages from an errant drone, this data will become invaluable to insurance providers and to risk management teams to recoup any losses sustained.
Take Action Against Rogue Pilots Before Your Operations are Compromised
Airspace security technology is designed for easy and quick integration into existing security ecosystems. Enterprises require solutions that meet security standards, integrate with current procedures, and enable multi-user management at scale.
Ultimately, an enterprise that takes proactive measures to build intelligence surrounding its airspace activity will strengthen its existing security programs. Organizations must be proactive and hold themselves accountable for unauthorized drones’ risks to their building, networks, and employees. They must also ensure that no drone pilot interrupts operations or causes harm.