The Federal Aviation Administration (FAA) estimates that by 2023 there will be more than 835,000 commercial drones in the United States. As the use of drones for many commercial purposes (such as aerial inspections, utility projects, monitoring real estate and construction activities) increases, more and more organizations will consider how to integrate these devices into existing networks and systems. However, these organizations must also consider how to limit the cybersecurity and privacy risks associated with the data collected by the drones.
Drones operate by using software or firmware. Drone operators use computers and mobile devices to run drone applications. Drones store data (on the drone itself in many cases) and often communicate via wireless connections to ground stations and operators below. What are the risks? Well, hackers are already exploiting drone software and firmware vulnerabilities to take over the drone and gain access to the connected system and network (and the data stored on the drone). Malware is often embedded in drone software and can compromise not only the date collected on the drone, but the systems that the drone, software or connected devices are linked to.
For tips and considerations related to the cybersecurity of drones and drone data and software, check out the Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Best Practices for Operating Commercial Unmanned Aircraft Systems here.