CALLIE VAN VUUREN Smartphone applications can also be used to detect and locate nearby routers that may have been flown in by a drone
Although drones have been a positive business decision for various industries, such as agriculture, where drones are used for automated farming, drones can also pose a threat to companies when they are used for corporate espionage, says information and communications technology systems integrator NEC XON cybersecurity division GM Callie van Vuuren.
He explains that drones carry video or still cameras, microphones, routers, loaded USB flash drives, smartphones and other recording devices that can be dropped out of sight nearby sensitive areas.
“The aim is to steal data or inject data into a business, such as listening to conversations between businesspeople or injecting malware for greater exploitation at a later stage.”
Van Vuuren adds that these operations can ruin business deals and companies by negatively impacting on supply chains, corrupting service agreements, redirecting sensitive information, creating unnecessary costs and enforcing additional operational activities.
To prevent such espionage, he highlights that techniques, such as using cameras linked to artificial intelligence, machine learning algorithms and acoustic sensors, can be used.
Monitoring radio frequencies is also possible and is the most cost-effective and least resource-intensive method, Van Vuuren points out.
He explains that smartphone applications can also be used to detect and locate nearby routers that may have been flown in by a drone. “Finding and shutting down these unsecured routers stops the so-called ‘man-in-the-middle’ attacks, malware injections and other forms of attack.”
He explains that leaving a USB flash drive with malware at a company’s premises is one of the oldest hacker tricks in the book, and sometimes people use drones to drop these pre-infected and harmful drives that carry potential sniffing or keylogging software.
Van Vuuren says the solutions are largely an information technology (IT) fix, which means that most companies must either already have the IT skills or must be able to afford the outsourcing of an IT specialist to help combat these challenges.
He suggests that police and other intelligence services need to be able to better track as well as apprehend the illegal or dangerous use of drones. Reform in the drone sector, such as enforcing existing policies and regulations, can help to promote these goals.