RF Enables Takeover of Hostile Drones
Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers — and keep bystanders safe.
The security team suddenly hears buzzing overhead at a seemingly secure government site, or critical facility such as a chemical plant. It's a small, unmanned aerial system (sUAS) – also known as a drone – that's entered the airspace, presenting an immediate, yet unpredictable threat to the sensitive site. What happens next? That largely depends on what type of counter-drone system has been deployed.
Most people are familiar with UASs used for warfare and know that unauthorized aircraft of all shapes and sizes present a growing terror threat. But a new generation of ubiquitous drones are posing security risks to enterprises and other civilian organizations. They are cheap, powerful and easy to acquire or build. Security teams need to be alert and ready for their appearance.
Flights have been grounded and delayed at major airports worldwide, including in Newark, Dublin, and Dubai. Even the world's most secure airplane is not immune – Air Force One narrowly missed a collision with a drone in August as it descended in Washington, D.C.
Drones have menaced stadiums and disrupted four Major League Baseball games in 2020. Not long ago, a drone smuggling marijuana, cell phones, and cigarette lighters was caught in a net just above the fence at a prison in Mississippi.
Drones of every shape and size are increasingly breaching the security lines of restricted areas, and whenever a drone crosses into unauthorized territory, security teams first must make a critical determination: Is it friendly or hostile?
Not all drones pose an equal threat. Small, short-range drones employed by hobbyists often have a flight range of only a handful of yards or meters. They can be controlled by a smartphone and generally will not carry much of a payload. But there are longer-range drones, with heavy payload capacity, and weather and wind resistance, that can carry out significant attacks. In some scenarios, these drones may also carry evidence or intelligence, so the value of capturing and preserving them is high, assuming legal authorizations are in place to allow access to law enforcement personnel.
Most traditional methods of drone mitigation have their origins in the military counter-sUAS space and tend to utilize either jamming or kinetic methods. Jamming disrupts communication between pilot and drone, forcing the drone to land, or return to its home base. Security teams should note that jamming can cause serious communications interference to nearby operational or security communications, GPS navigation, or control systems, and can disrupt Wi-Fi and cellular networks. Also, a jamming-based system's effectiveness lasts only until the jamming stops, at which point the pilot may retake control of the drone.
The kinetic approach involves forcefully taking down the drone with ballistic systems or even using another drone. This creates shrapnel, which can cause collateral damage. The kinetic method destroys the drone, along with all the intelligence data the drone contains.
In the not-so-distant future, our skies will be filled with drones. Gartner predicts that in five years, there will be 1 million drones carrying deliveries. As drones are increasingly used for security and emergency response, and by hobbyists and nefarious actors, organizations are significantly more likely to face drone infiltrations.
A newer technological alternative: radio frequency (RF), cyber-takeover of rogue drones allows for a safe landing of hostile sUAS and will help teams control the prospective threat and make safer, real-time, proactive decisions in sensitive environments.
How Does It Work?
The ground control station that pilots the drone has two parts: operators and communication links. Meanwhile, the drone itself has a base system, sensors, avionics, and communication links that speak to ground control. UAVs may hold a lot of data – much of it potentially sensitive.
RF cyber detection and takeover mitigation allows security teams to overtake a rogue drone and safely take full control, without needing to jam, damage or otherwise destroy the drone – and the accompanying, possibly high-value security intel that the drone itself may provide to authorized investigators.
Let's return to that government or enterprise site, with its security team that is surprised when it notices a drone has entered its air space and must figure out how to proceed.
Traditional methods may work. The team could either use a jamming-based solution, or shoot down the drone and disable the threat. But jamming could also affect the organization's ability to communicate internally and shooting at the drone risks collateral damage.
A cyber takeover approach would offer the security team full control of the drone and a safe landing. Maintaining control preserves continuity of communications, transportation, commerce, and everyday life. In this case, the GPS of the drone and its home location are identified, allowing the security team to describe the pilot's location at the time of the drone's takeoff to law enforcement.
The drone can now be collected and examined so that proper information can be gathered according to local and federal regulations to learn about where the drone came from and what its operator's intentions were.
The goal of all security teams is to prevent incidents from spiraling into crises. As drones become ever smaller, quieter, more affordable, and durable, smarter takeover methods are required for them to proactively manage all incidents confidently.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024