Drone Threat Intel Report: DroneSec Notify #7
This summary has been extracted from our weekly public threat intelligence report. For more information on the platform or weekly email PDFs, please visit: dronesec.com/pages/notify or email us at [email protected] or join the slack group at dronesec.slack.com.
Welcome to another week of drone security focused Threat Intelligence. We’re proud to be serving drone threat intel to law enforcement in a number of countries across various continents, and always welcome feedback as to the format, methodology and delivery of this information. You may have noticed this issue came in one day later than usual. This is a permanent transition based on customer feedback and tweaking our process – from now on, you can expect a Wednesday delivery.
This week, we added a number of new sources to our Threat Intelligence Platform (TIP) and refined how we report on ‘News and Events’ that aren’t critical to an organisation’s immediate threat classification models. We are nearing the end of January which means our next issue will provide analysis and review of the month gone by. Weekly statistics and observations are available to our paid members only, as a dedicated service.
In our team’s constant uplifting of Red Team techniques, the office is diving into the new book “Red Team Development and Operations” by Joe Vest and James Tubberville. While we have deep roots in Red Team exercises focusing on physical/digital environments, it’s always a unique challenge to orient these towards the cyber-physical realm of drones, counter-drone and UTM systems. If your organisation is seeking to test your environment or counter-drone system against unknown, open-scoped threat actors, it’s a great read and I highly recommend putting a copy on your shelf.
We submitted a draft request to MITRE on an ATT&CK Framework for drone systems and invite anyone keen to collaborate on this to reach out at [email protected] Already, we’re seeing the likes of CREST and CompTIA establishing frameworks and standards for drones, and we recognise some deep technical analysis and mitigation strategies are essential for safe and secure drone, counter-drone and UTM system operations. A nod to Kevin Finisterre for his original threat modelling framework ‘DREAM’ and the positive effect it’s had on the drone security industry so far.
In this week’s news, we cover UK Police laws getting a refresh over tackling rogue and suspect drones, the FAA dealing with drones swarming the site of basketball legend’s Kobe Bryant’s crash site and the European Aviation Safety and Security plan including drones and counter-drone systems as a core aspect of their 2020 vision.
Taking a moment to reflect on history, we came across this stunning drone footage of the Auschwitz concentration camp in Poland – a sombre sight, but gripping that drones allow us to view such an experience from across the world. A reminder to embed security as an enabler of innovation rather than a reason for restrictions or slowing down an industry that gives a new perspective on the world. For anyone who celebrated it, we hope you had a happy Chinese New Year and Australia Day respectively.