Photo via Sauliakas/GettyImages (Licensed)
Heads up: Hackers may be able to knock the drones flying above you right out of the sky.
As of February, over 325,000 registered drones—more than the number of piloted aircrafts—are flying in U.S. skies. Some are used to monitor the U.S. border, while others are simply toys. Whatever the intended use of these remote-controlled aircrafts, new research by a John Hopkins computer-security team has highlighted the potential security risk that hackers can cause to these flying devices.
A team of five graduate students and their professor discovered three computer hacks to interfere with an airborne drone. The rouge commands caused two drastically different outcomes—either the pilotless aircraft landed peacefully or it came crashing down.
“I think for this model and for new tech in general, a lot of time security is an afterthought because vendors want to make sure they deliver their product on time and be competitive,” Lanier Watkins, senior cybersecurity research scientist behind the project, told the Daily Dot. Watkins works in the Whiting School of Engineering’s Department of Computer Science and the Information Security Institute, where he serves as the supervisor of the drone research at JHU’s Homewood campus. “Hackers find the issues and venders have no idea these issues exist.”
This finding is important considering the increasing pervasiveness of drones. However, it’s unclear whether these findings will affect consumers’ desire to purchase these aircrafts. The Federal Aviation Administration predicts that by 2020, an estimated 7 million drones will fly in U.S. skies—triple the number expected to be in circulation by the end of 2016.
According to the Hub, the results of each test are as follows: During the first run, the drone was sent into a “uncontrolled landing” after students bombarded it with 1,000 wireless connection requests each asking for control of the drone. The second attempt ended with another crash after students transmitted “an exceptionally large data packet” to the drone. For the final exploit, researchers “repeatedly sent a fake digital packet from their laptop to the drone's controller, telling it that the packet's sender was the drone itself.” Reportedly the drone then ceased contact with itself, leading to its safe, emergency landing.
Watkins said he hopes the studies will convince vendors to look at security when developing drones.
“There’s a high demand out there for drones because they're a tool that have a certain capability,” Watkins says. “It can fly at heights that are desirable for certain applications, it’s maneuverable, and it can take high quality video–all these capabilities are useful. I don’t think popularity will dwindle, but I do think this type of research will force vendors to fix their security problems.”