Drone Threat Intel Report: DroneSec Notify #50
This summary has been extracted from our weekly public threat intelligence report. For more information on the platform or weekly email PDFs, please visit: dronesec.com/pages/notify or email us at [email protected] or join the slack group at dronesec.slack.com
In this week’s news, MilSOFT release an AI-based software for weaponised, combat drone swarms. The kicker? An hour flight time and a 1kg-payload carry weight, all whilst 100% autonomous operation from launch to land. Over in Kenya, two government officials claim that drones surveilling their homes have also been loaded with electronic equipment, citing some of their in-home gadgets have been hacked or manipulated. There is a long history of equipping drones with technology capable of conducting air-borne network and wireless attacks, but almost all of this has been white-hat, experimental or research based. DroneSec is investigating any further truth to these claims.
From a cyber-security standpoint, a drone-hacking group has released a hardware board for the DJI Mavic 2 Enterprise that can be bought with permanent root access – that is, it will bypass all future DJI updates to things like geofences or security updates, allowing users to use drones without limits or re-configuring their systems each time. In Japan, citing privacy and vulnerability concerns, the government stops purchase of Chinese-origin drones and looks inward (and to western countries) for supply.
Over in the Middle East, some reports have emerged of the Taliban increasingly using airborne IED’s and explosives dropped from drones – a tactic heavily innovated by Islamic State, but apparently only recently by the Taliban. In Singapore, a record 20 out of 44 drone operators have been reported arrested after intruding into airport airspace. At almost 45%, that’s not a bad effort on behalf of officials looking to track and locate infringing individuals. All these stories and more, in today’s release.