Gone are the days when companies only had to worry about valuable documents leaving the building in a pocket or briefcase. Today, sensitive and proprietary information can move across networks in digital format – and even be plucked out of these networks from the sky. The need for intrusion detection has expanded beyond the front door of your building to the network and now, thanks to advances in drone technology, the airspace above.
Chances are good you have a drone or someone you know has a drone – they’re amongst the fastest growing technologies available. In just two years, the worldwide market for consumer drones has experienced a 167% increase in sales, according to marketing and investment firm Kleiner Perkins Caufield & Byers (KPCB). World drone sales are estimated to have hit 4.3 million units, and KPCB estimates the market to be worth about $1.7 billion.
Drones are used for a variety of purposes, ranging from farmers checking on livestock to utility companies inspecting power lines and videographers using them to film weddings. As with any technology, as drones become more advanced, they also become more accessible. For example, a drone that can carry up to 11 pounds and fly over a mile can be purchased on the Internet for less than $2,000. As the price continues to go down, we can reasonably expect the risk they pose to increase.
The security risks posed by drones
Drones link physical and cyber security by making it possible to transport snooping devices within close proximity of data centers and networks. What’s more, using a GPS and autopilot, many drones can fly a programmed route without a pilot. This means an attacker can be in a completely different location from the crime scene.
This isn’t just a hypothetical. In 2015 the security industry witnessed several examples of how drones can be used to steal sensitive data:
- Security firm SensePost introduced its Snoopy drone, which is designed to hack smartphones and steal data.
- Aerial Assault’s David Jordan introduced a drone designed to penetrate test networks and collect unencrypted data.
- Student researchers in Singapore developed software that can identify open Wi-Fi printers and then establish a fake access point to intercept documents. The software can be loaded onto a smartphone that is attached to a drone.
It won’t be long before cybercriminals add drones to their arsenal. So how can organizations protect their data? The sophistication of drone technology requires a new kind of intrusion detection system.
The drone detection system
Drones vary in size, speed and shape, which makes it difficult to detect them via any single monitoring method. For example, audio detection would fail to recognize silent drones like gliders or fixed-wing drones. Cameras are unable to detect all shape-changed drones, such as those designed to look like birds. Even radar, which is traditionally used in the detection of aerial vehicles, must be modified to effectively detect drones.
The best solution uses a drone detection system that incorporates multiple mechanisms, or sensors, to detect and identify drones in real time based on signatures. The cloud-based network of sensors helps ensure accuracy under varying conditions and reduces false alarms. You can think of it as an intrusion detection system for the sky. By analyzing characteristics like flying behavior and silhouette and neural network classification of the cross-section, the system can determine whether the entity flying through the air space is a drone or, for example, a bird.
Drone detection systems are still young, but vendors are working hard to advance the technology. For example, organizations can expect drone detection systems to integrate with their network-based intrusion detection and prevention systems, physical security dashboards. Also radar and other long-range technologies will enhance drone detection technology.
Interdiction and countermeasures, though still early in the game are progressing as well.
This is a tricky challenge due to a variety of legal uncertainties. Shooting down a drone or interfering with the radio and GPS signals could result in an out-of-control drone that causes property damage or – worse, yet – physical harm to those in the vicinity.
In the meantime, security staff can take safety measures offline, such as leading people to safety, blocking the view, locking doors and gates, searching the site for dropped objects and searching for the pilot. Alert videos can also serve as evidence and play an important role in helping to identify the culprit.
[su_box title=”About Jörg Lamprecht” style=”noise” box_color=”#336588″][short_info id=”64695″ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.