Researcher Claims Ability to Hack Police Drones From a Distance

This is probably just the first of many.
Publish date:
Social count:
This is probably just the first of many.
Police drone

(Image: CorbettReport / Youtube)

Speaking at a cyber security conference in San Francisco, security consultant Nils Rodday put law enforcement agencies relying on expensive Unmanned Aerial Vehicles—UAVs, or drones—on notice. Some of these $30-35,000 devices currently in use by police can be hacked. Rodday said he could do it from as far as a mile away

Rodday, who now works at IBM but conducted his drone research while working as a graduate researcher at the University of Twente in the Netherlands, won’t reveal the specific drone he tested or who sells it. The unnamed UAV manufacturer had him sign a non-disclosure agreement in return for loaning him the pricey quadcopter for testing. He hinted, however, that the three-foot wide quadcopter has a flying time of around 40 minutes and has been deployed by police and fire departments, though it’s also marketed for use in industrial applications like inspecting power lines and windmills and aerial photography.

Rodday isn't actually comfortable with the term "hacker," reported CNET, but he still managed to do precisely what a hacker with ill intent could conceivably do if he or she replicated Rodday's research: he discovered that one tactical drone model had coding errors that permitted seizure and issuing rogue commands from as much as a mile away. So—say a police surveillance drone was flying above a stadium. In a hacking scenario like the one Rodday uncovered, a malicious actor could take control of the drone and fly it into the crowd. Or more likely steal it outright. 

The good news here is Rodday was able to work with the company that made the drone he tested. According to CNET's report, the unnamed company is working to fix the problem.

Unfortunately, the discovery of a hack, error or problem like this could give ideas to others with skill sets similar to Rodday's. As is often the case with cyber-security, sometimes just opening the bag to let the cat out is enough to create a whole host of new issues. 

In the brave new world full of a wide variety of UAVs buzzing the skies every day, it's probably a good time for someone to to manufacture a kevlar-based drone-proof umbrella. Just in case.

h/t Wired, CNET