Defending Against Drone Incursions Isn't Easy, Black Hat Session Reveals

At a briefing at the Black Hat Conference, researchers from security firm Bishop Fox detail findings on what tools are available to defend against drones.


LAS VEGAS—At the Black Hat USA 2016 event last year, Francis Brown, Managing Partner at security firm Bishop Fox demonstrated the Danger Drone, an airborne hacking device.

This year Brown and Bishop Fox returned to the Black Hat Conference to discuss how to prevent drone-borne hacking or other forms of espionage, in a colorfully-named Black Hat Arsenal talk called "The Game of Drones."

In an interview with eWEEK ahead of his talk Brown said that over the past year he has become interested in the nascent drone defense market, which now includes multiple vendors that claim to offer tools that can protect against drone-borne spying or cyber-attacks.

"I noticed all these crazy defenses and no one had really tested them to see if they worked or not," Brown told eWEEK.  "Our customers were starting to ask us about what they need to do to defend themselves against drones."

The range of drone defense products spans from bazooka cannons that shoot nets to capture drones, to other drones that will dogfight with a drone in mid-air. As opposed to the Danger Drone talk in 2016 where the actual drone was flown and demonstrated, Brown noted that he's not going to be able to shoot a bazooka canon in the middle of the Mandalay Bay conference center, he will show videos of the various anti-drone defenses in action.

Drone defense technologies typically include two classes of products, those that are for visibility and then there are products that can actually respond to drone threats in different ways. Brown noted that there are far more drone detection products on the market then there are response products. Brown said that his firm researched 86 different drone defense products prior to the Black Hat session.

"Once you've detected a drone and it's flying around doing something that it's not supposed to be doing, that's where you need a response product," Brown said.

The drone response products include both ground-to-air as well as air-to-air interception products. A common technique across a number of the drone response products evaluated by Bishop Fox were frequency jamming technologies that aimed to disrupt the drone's communication with its' home-base controller.

"Most jamming products are not even allowed to be sold in the U.S.," Brown said. "It's illegal to jam cellphone signals and GPS in the U.S. and that's what those products try to do."

Overall, Brown noted laws pertaining to drone interference are relatively immature. He said that there is a U.S. Federal law, that has yet to be enforced, that views drone interference as aircraft sabotage, which carries a prison term of up to five years.

"No one has been prosecuted under the law yet," Brown said. "For the most part, laws protect the drones."

There are also drone defense products that try to interfere with the wireless communications in some way, without actually jamming the signal. One technique is to send a signal that will force the drone to land, though it's an approach that doesn't always works.

With standard WiFi networks a common attack is to send what is known as a 'de-auth' packet that attempts to trick a client device into disconnecting from a network. That same approach can work on drones too, but only at the low end of the spectrum, according to Brown.

"If you're just controlling your drone over WiFi, then there are things you can do to interfere with those drones pretty easily," Brown said. "But on the high-end drones, like the Danger Drone that is controlled over a cellular connection, those same techniques won't work."

Brown said that the drone defense products he recommends depends on what the individual is trying to defend against and the legal methods available in a given jurisdiction. His plan is to keep testing new products as they emerge, since at this point the market is still very early and immature.

"An increasing number of people are getting budgets and people keep asking me what products they should buy, but at this point, it's very unclear," Brown said. "The stuff is pretty fun to test too, so we'll keep testing."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.