LAS VEGAS – A presenter at Black Hat 2016 last week showed how consumer drones could do more than just conduct aerial spying they also can carry a transmitter to hack into a wireless keyboard or interfere with industrial controls.
It’s not enough to place a fence around a building to keep intruders out, according to Jeff Melrose, a principal tech specialist at Yokogawa, an industrial controls provider. These days, some consumer drones can travel up to 3 miles or more. That makes them a potential security risk. A hacker could easily pilot one and land it on a building’s roof to secretly conduct surveillance through the onboard camera, he said.
In addition, the machines could interfere with a facility’s computers and other equipment. Melrose has been testing this possibility with DJI Phantom drones, which can be bought for$500 or more.
He noted that many consumer drones can carry a small payload of a few kilograms or enough to haul a transmitter. That transmitter could be used to jam or send radio transmissions.
Melrose tested this by fitting a drone with a 20 feet-long tether that hauled the transmitter through the air. He found that it could easily hover over a target or follow a moving object while the transmitter operated.
The danger is that a drone could send off enough electromagnetic interference to disrupt the wireless networks controlling important utilities, he said. In the past, naval radar systems have done just that and accidentally forced pipelines to malfunction or burst.
Cybercriminals could also use a drone’s transmitter to hack into wireless keyboards or mice by exploiting the “MouseJack” vulnerability, a problem found up to 100 meters away in peripherals made by Microsoft, Logitech, Dell and others.
This story was published by PC World.
