Drones have yet another serious issue to contend with: malware

[Shawn Knight]

The public narrative around drone safety has largely focused on the potential threat to aircraft. But there’s another risk that nobody is really talking about – the fact that drones are essentially flying computers and thus, are prone to code-based attacks just like any other computer.

In the case of drones, one piece of nasty code comes to mind: the Maldrone malware.

As you know, drones are ultimately controlled by their pilot but there’s a ton of autonomy going on to keep the craft in flight. It’s this part of the equation that the malware hones in on. Once it infects a drone, the malware – created by security researcher Rahul Sasi – can hand off control to a hacker or even cause the machine to shut down and fall out of the sky like a ton of bricks.

Neither scenario sounds particularly inviting as you’re going to lose your drone either way and potentially injure or even kill someone.

Those aren’t the only nefarious use scenarios. If commercial drones end up becoming a thing, malware like this could make it easy for a hacker to hijack an inbound delivery and steal whatever is being transported.

Sasi recently demonstrated the malware’s ability using a Parrot AR drone but the truth of the matter is, Maldrone is designed to work with all current drone software.

If nothing else, this proves that drone makers and potentially even regulators need to take a real close look at drone security.

Permalink to story.

https://www.techspot.com/news/59552-drones-have-another-serious-issue-contend-malware.html

 

[Greg S]

Ok, so how exactly can you infect something that only accepts PPM signals? Unless you have found a vulnerability in basic 2.4Ghz protocols such as DSMX, you aren't going to be able to infect a drone on the fly. You would have to have the owner download the firmware and load it onto the flight controller. Considering that there are open-source options available, this would be near impossible to actually do on such a platform.

 

[Uncle Al]

I would be more concerned with a bug that would perform a "homing pigeon" function and have the drone fly away to some nearby designated place where it could be stolen .... of course, what is the market for "hot drones" these days?

 

[tonylukac]

Why don't cars have malware?

 

[amstech]

If my drone happened to fly to the neighbors yard and get some hot footage it was obviously hacked

 

[Skidmarksdeluxe]

So if your drone is full of bugs do you call it a tsetse drone then?

 

[cliffordcooley]

Why don't cars have malware?

There is little need in malware until they are self driven. Much like the concept Macs were once malware free.

 

[cartera]

Ok, so how exactly can you infect something that only accepts PPM signals? Unless you have found a vulnerability in basic 2.4Ghz protocols such as DSMX, you aren't going to be able to infect a drone on the fly. You would have to have the owner download the firmware and load it onto the flight controller. Considering that there are open-source options available, this would be near impossible to actually do on such a platform.

All though what you say is true, as drones become more popular more people and companies will use them and the malware will be spread like traditional malware and viruses. It will be loaded in dodgy programs and downloads for the unassuming user or employee to run on their computer which is connected to the drone which then allows the uplink.

If drones get more widespread use by companies this will become a big issue. If only I had a £1 for every employee at my company who asked if the email from prince Derek Akuma from Nigeria asking to deposit £1 million pounds into the company bank account. XD