Drones are mobile vehicle systems that can function with varying degrees of autonomy from human operators. Depending on their design and function, they may also be called remotely operated systems, remotely piloted aircraft systems, or uncrewed ground/underwater vehicles.
Before deploying a drone, you should conduct a threat risk assessment (TRA). A TRA will help to identify potential security threats and determine the appropriate cyber security measures required to mitigate them. Understanding the risks associated with the use of drones for business or operational purposes will enhance your organization’s ability to protect your systems, data, and networks.
On this page
Types of drones
There are many styles of drones that have different forms and serve varying purposes. They can be generally categorized into 3 main types based on their design and intended use: commercial, own-made and professional.
Commercial drones
These drones are produced by commercial organizations and used to support business and individual activities. Commercial drones have a wide range of applications, depending on the field or line of business. Some examples include aerial photography, agricultural spraying and package delivery. Commercial drones generally use commodity parts with low-security supply chains.
Own-made drones
These drones are built and created by individuals or organizations, often for personal use. Own-made drones can also be organization-made and used to control features that would typically be managed by third parties. These drones generally use a mix of custom-made hardware, software and parts, which allows for more visibility into supply chains.
Professional drones
Professional drones are used in critical environments, such as military or search and rescue. These drones are used for tasks like perimeter surveillance, emergency response and industrial inspection. They typically feature components that have complete visibility and control of supply chain contents.
Professional drones can be used for many purposes, including:
- recreation
- surveillance
- commerce
- data collection
- infrastructure monitoring and inspection
- emergency response
- public safety
- security
How drones work
Drones can operate without a physical connection to a controller (for example, untethered and remote). They work semi-autonomously by using stability control, following a pre-programmed path or by human control. Some drones are capable of fully autonomous modes of operation, using onboard systems to navigate and perform tasks without real-time human input. An example of autonomous mode are drones that follow a pattern. Some drones connect to the Internet or require data to be transmitted through the Internet. Most rely on satellite systems to provide global positioning and timing services.
A drone’s functionality is supported by 2 main components: on-board and off-board systems.
On-board systems include:
- central control computer
- communication modules
- movement and stability controls
- positioning and navigation tools (like GPS and visual or acoustic sensors)
- data collection tools (like camera and microphones)
Off-board systems include:
- a control station (like a computer or mobile device)
- a user interface for monitoring and issuing commands
- data display and storage systems
Risks associated with drones
Drones are susceptible to a variety of cyber threats that can compromise their functionality and the data they collect. Most notably, drones can pose significant risk to your organization when connected directly or indirectly to your network. They are untrusted devices meaning their connection can be leveraged by threat actors as an attack vector or used to gain remote access to your environment.
Another common risk involves drones being misled through satellite navigation interference. For example, signals can be jammed or spoofed to create false signals and prevent communications from reaching the drone. This can cause the drone to go off course without realising that it has changed trajectory. Unintentional electromagnetic interference can also disrupt drone communication signals.
If your drone is compromised, threat actors may be able to:
- take control of the drone from the current authorized operator
- steal authentication and encryption mechanisms used by drones to gain access
- acquire images, the location of the operator and other data captured by sensors
- access sensitive information through drone images that contain metadata, revealing operational activities (for example, timestamps and location coordinates)
- exploit vulnerabilities in other systems by injecting malware
Artificial intelligence risks
Drones with artificial intelligence (AI) functionality may be vulnerable to different attack methods. Manipulated inputs to the drone can cause AI models to misinterpret data, leading to incorrect decisions. Consider the following examples of AI-related attacks.
Data manipulation
Images can be manipulated to deceive AI navigation systems by altering sensor inputs or physical objects. This can cause navigation systems to misinterpret information and may lead to incorrect or unexpected operational outcomes.
Data poisoning
Threat actors can corrupt training data through data poisoning attacks. This can result in faulty AI decision-making.
Swarm attacks
Threat actors can conduct swarm attacks which enable multiple AI-functioning drones to operate autonomously and collaboratively to overwhelm defences.
Denial of service attacks
Threat actors can gain unauthorized access to perform arbitrary code execution (for example, using commands or code to disable the drone or its process) due to traditional software vulnerabilities.
Management platforms and software risks
Drone management platforms or the software used to operate and manage drones rely on:
- remote connections
- cloud platforms
- flight telemetry sensors
- cloud infrastructure
These platforms and software can present further threat surfaces to your drones and data. If compromised, your drones and data are at risk of having their images and coordinates stolen, losing control and losing sensitive information. Some of these platforms may use sensitive authentication credentials used to access higher security levels, which can be a greater risk to your data if compromised.
Considerations for vendor selection
When selecting a drone vendor or manufacturer you should ask cyber security related questions, such as:
- Does the drone manufacturer engage in secure-by-design and secure-by-default practices?
- Products that incorporate secure-by-design and secure-by-default prioritize the security of customers as the core business requirement
- How does the drone minimize the effects of satellite spoofing and jamming attacks?
- Has a vulnerability analysis been performed on the drone, controller and any peripherals and has it been shared by an independent and verified third party?
- Is a list of all components and dependencies used in the software application available from the manufacturer?
- This is required to reflect the scope of vulnerabilities or mitigations in the software used for the drone and related systems
- Is supply chain information available for the drone and peripherals?
- Knowledge of the supply chains used in manufacturing the drone and related system offers information on potential vulnerabilities
- What documentation exists to ensure that proper cryptographic methods have been validated, applied and subjected to thorough testing?
- For more details on appropriate cryptographic methods, consult our guidance on becoming cryptographically agile (ITSAP.40.018)
Regarding user functionality and what security measures you might have to keep up with, consider the following questions:
- Do the drone, controller and peripherals require frequent updates?
- You should only update the firmware and software if necessary (for example, for security patches)
- Perform updates on separate, isolated systems to protect sensitive information and operations
- Can the drone, controller or peripheral firmware updates be reversed or returned to the previous version?
- Before installing patches, review the related details for necessary security features, as updates can include undesirable features or introduce other vulnerabilities
- Are proprietary software and drivers required to be installed on the systems to handle data with the drone?
- A device with access to your systems could expose those systems to threat actors
- Can a static code analysis (for example, examining the source code to identify vulnerabilities) be performed on the firmware or other software used to control or interact with the drone?
- This offers stronger cyber security and can be easily scanned and analyzed for vulnerabilities by a variety of third parties
- Is strong encryption used to store and communicate drone images?
- Encryption secures the data being stored on and transferred to and from the drone
- Can the drone store images and data by using on-board memory (for example, an SD card)?
- Using a secure peripheral to store and import data to a scanned external device can be more secure than using proprietary software
- Does the drone, controlling system and any peripherals connect to a cloud platform?
- Connecting to a cloud platform can introduce cloud-based vulnerabilities and threats
Considerations with own-made drones
When choosing to create or use an own-made drone, you should consider the following cyber security measures:
- Ensure that the source code is open source and has been audited by a verified organization
- Ensure that strong encryption practices are used to encode images stored and transmitted
- Test the drone thoroughly and make improvements where necessary
- Consider redundant and fail-safe systems (for example, ensure the system will function as needed if one or more parts fail)
- Make sure emergency remote takeover systems for human supervision exist
- Ensure the system architecture is well documented and includes all components
- Monitor and log activities for continuous security enhancements (for example, incident response)
Securing your drone
There are many cyber security considerations when setting up and securing your drone. The following actions can strengthen the security of your drone and your data:
- Use a dedicated or stand-alone controller for your drone rather than a mobile device used for other purposes
- Establish an isolated environment or zone for drone use so you can control and monitor network access
- Ensure the networks that the drones and related systems use are separate from networks used by other trusted systems to isolate the threat from other sensitive environments
- Use strong encryption to secure the data transferred to and from the device
- Set up a separate and secure isolated environment to transfer, install and scan recorded data and required applications (for example, updates and patches)
- Use an SD card or external peripheral to transfer sensitive data rather than cloud connections
- Disable default cloud connections
- If you need to use the cloud, use on-premises cloud platforms with strong encryption to protect data in transit and at rest
- Mitigate jamming or spoofing attacks by integrating tools (for example, microelectromechanical systems or fibre-optic cables) that recognize other signals and can be used for alternate guidance methods
Consider the following security tools to stay vigilant and monitor your drone data and activity:
- Take note of the information that could be accessed by the drone and shared with third parties when configuring your device
- Be suspicious of what data is being shared with remote servers and use a virtual private network to transfer the data
- Request a copy of the source code for the firmware and other drone software so your IT team can run a static code analysis
- Request evidence of a comprehensive third-party vulnerability assessment
- Monitor suspicious activity by implementing an intrusion detection and prevention system on the network used by drones to detect and block the traffic immediately
- Use monitor logs to indicate vulnerabilities, further secure sensitive information and patch areas that need greater security
- Implement a zero trust architecture if handling sensitive data and to mitigate AI related risks
Learn more
- Virtual private networks (ITSAP.80.101)
- Network security logging and monitoring (ITSAP.80.085)
- Network security auditing - ITSAP.80.086
- Using encryption to keep your sensitive data secure (ITSAP.40.016)
- Connected and automated vehicle cyber security for your organization (ITSAP.00.142)
- Guidance on becoming cryptographically agile (ITSAP.40.018)
- U.S. and International Partners Publish Secure-by-Design and -Default Principles and Approaches (Cybersecurity and Infrastructure Security Agency)