Counter-UAS technology: Kasperky enters chat

Hello everyone!

It has been a minute, and we missed you all while we were away.

An in that short while we were gone, there has emerged this report from a cyber security consulting company that we are all apparently in danger of being spied upon by drones.

Yea; we know.

Apparently, there may be people in the world who are still dreaming about that golden age of the cold war; and the emergence of drone technology has given them some ideas.

Cyber security and digital privacy company Kaspersky has released results of its Business Digitisation survey, which says it found that 53 percent of employees are afraid of drone spying.

Not the kind of spying where a creepy sex offender flies a drone into a neighbourhood, looking to ogle at naked women in their homes; but rather the industrial scale espionage, where corporate spies and hackers allegedly use innocent drones to get trade secrets, confidential information, and other sensitive data from corporations and data centres.

“Overall, 77 percent of employees in the META (Middle East, Turkiye, and Africa, where the survey was conducted) region fear cyberespionage within their industry,” said Kaspersky.

“The most frequent concerns about espionage are that it could lead to organisations losing money (mentioned by 42 percent of respondents) and intellectual property (24 percent), as well as harming business reputation (sixteen percent).

Kaspersky’s statement did not say where these fears emanate from, nor did it site any examples of the alleged spying threats.

But we suspect enough dust has been raised by the trade war between the USA and China; a major casualty of which has been Chinese industrial drones, which were banned from deployment by government departments, with the US federal government accusing Beijing of commandeering data collected by Chinese drone companies to use for espionage purposes.

This, of course, has been denied by the drone companies involved, the biggest of which is DJI, the biggest civilian drone maker in the world, that saw its market share of drone sales severely affected in North America.

Conducted earlier this year, the report explained that drones have the capacity to carry devices for hacking into corporate networks – for instance, a smartphone, a compact computer (like a Raspberry Pi), or a signal interceptor.

“Hackers use these devices to access corporate data and disrupt communications,” the company said in a statement.

“All wireless communication (Wi-Fi, Bluetooth, RFID, etc.) is vulnerable to drone attacks. Drones bring cyberespionage to a new level as they can access data channels that a traditional off-site hacker could not obtain.

“Most often drone spy threat concerns were mentioned by survey respondents in the spheres of IT, manufacturing, and energy. Overall, 70 percent of employees in the META region said their company would benefit from installing drone detection systems to protect the business from spying.”

As a solution to this problem, Kaspersky offered that threat intelligence plays a crucial role in countering cyberespionage, as it provides proactive measures that include continuously monitoring corporate IT systems for signs of espionage-related activities such as reconnaissance and data exfiltration and identifying threat actors.

Threat intelligence provides IP addresses, malware signatures, and patterns of behaviour which enable cybersecurity teams to detect and block espionage-related attacks in real-time.

And Kaspersky should know, because they supply such counter-drone technology, a revelation which makes their report… well; let’s just say no agenda is detected at all.

Kaspersky says its Threat Intelligence solution is a counter drone technology system used to detect, classify, and mitigate drones, using a combination of sensors, including radars, radio frequency analysers, cameras, lidars, jammers and other sensors, to track, analyse drone activity.

It helps organisations increase the awareness and knowledge of high-profile cyberespionage campaigns with comprehensive and practical reporting, the company says

“Our research showed that most business representatives understand the dangers of cyberespionage,” said Emad Haffar, Head of Technical Experts at Kaspersky.  

“Getting information on the tactics, techniques and procedures used by cyber spies helps organisations adapt their defenses and develop countermeasures to thwart these tactics effectively. Cyberespionage is typically carried out by the means of phishing, malware, exploits, and targeted attacks, but today we also need to take the threat of drone spying into account.

“Kaspersky Threat Intelligence helps organisations increase the awareness and knowledge of high-profile cyberespionage campaigns with comprehensive and practical reporting. And Kaspersky Antidrone detects, classifies and mitigates unwanted objects in the air, getting all the information on the drone in one single web interface.

“The solution allows to monitor the airspace of the controlled zone in automatic mode.”

We guess it is never a bad thing to always be ready for unseen circumstances; although cases of industrial espionage involving drone technology have yet to be well documented. However, research and policy thinktank Chatham House told Reuters in 2019 that digital espionage is on the rise.

“There’s no question it’s growing”, says Joyce Hakmeh, senior research fellow in cyber policy at the institute’s International Security Department.

“And digitisation has transformed the way espionage is done. Today, it’s done digitally and from distance.”

Tom van de Wiele, the principal security consultant at F-Secure acknowledged that such cases are not easy to come about.

“The prevalence of corporate espionage is hard to quantify exactly”, Van de Wiele said, adding that the attacks often went unnoticed by victims.

In cases where they are detected, the reason why would be unclear: was this done in the name of hacker kudos, or was it a secret stealing mission by the competition?

“We often only hear about the big attacks”, says Van de Wiele, pointing to the Aurora attack against Google and other corporations, likely aimed at stealing source code, as well as the ‘Shady Rat’ case, which targeted company data over many years.



Leave a Comment


Welcome! Login in to your account

Remember me Lost your password?

Lost Password