Drone Hacking Risks in Modern Warfare

📡 Ukrainian FPVs Now Hunt Russian Kamikaze Drones Using Electronic Warfare ▪️ Ukrainian forces have started using small 5W jamming modules mounted on FPV drones to intercept and down Russian "Molniya-2" kamikaze UAVs. ▪️ These Russian drones transmit telemetry back to their operators — a vulnerability that Ukraine is now exploiting for targeted jamming. 🔍 How it works: The Molniya UAV’s telemetry reveals the frequency and signature of the onboard control receiver. Ukrainian spectrum analyzers can detect these patterns in real time. This enables FPV operators to load specific jamming profiles into their drones, tuned to a narrow bandwidth of just a few MHz. ⚠️ A small jammer on the FPV is enough to break the command link, sending the enemy drone off-course or into the ground. 💬 One Ukrainian EW specialist remarked: “Their telemetry is a fingerprint. Once we see it, we know how to kill it.” 🧠 Why it matters: This is low-cost, ultra-targeted EW — a leap forward in tactical drone warfare. Ukraine is not just defending with jammers — it’s offensively intercepting enemy UAVs mid-flight using drone-mounted signal warfare. It’s another sign that electronic warfare is no longer a domain of heavy trucks and towers — but something a $500 drone can carry into battle. #ElectronicWarfare #FPV #Ukraine #DroneWar #Molniya #UAV #Jamming #TelemetryHacking #DroneVsDrone #EWInnovation #SignalWarfare

A recent cyber campaign out of China didn’t just target drone companies. It targeted the supply chain behind the drone companies. Attackers from the cyber espionage group known as Earth Ammit breached software vendors and ERP systems, injecting malware into trusted tools and pushing it downstream into defense, satellite, and industrial networks. They didn’t need to compromise a weapons system directly -- they just had to wait for the next update to ship. This is what modern cyber warfare looks like: upstream infiltration, downstream chaos. And it exposes something we don’t talk about enough: the fragility of our defense tech ecosystem when critical components are built on third-party code, outsourced tooling, and foreign supply. If we’re serious about fielding autonomous systems at scale, the conversation can’t stop at features or specs. It has to include full-stack security and trusted manufacturing from the board level up. A breach in your supply chain is a breach in your system. It’s that simple. Article in comments.

India has canceled three orders totaling 400 military UAVs due to security concerns about China-made components. Valued at $26.3 million, the orders included 200 medium-altitude, 100 heavyweight and 100 lightweight logistics drones. A Chennai-based company placed the orders in 2023 under emergency procurement provisions. Excerpts from my story for Aviation Week Network below: The cancellation of the orders comes as India grapples with intensifying hacking of its drones deployed along the two countries’ 2,167-mi.-long, disputed border in the Himalayas. It includes China-administered Aksai Chin, the Depsang Plains (administered by India in the west and China in the east) and the eastern Indian state of Arunachal Pradesh. China claims the latter as part of Tibet. Given the risk of further border clashes, The Times of India reported on Feb. 7 that India’s “defense establishment is cracking the whip” against Indian firms that use Chinese components in drones supplied to the military. The Indian newspaper cited sources who said that the problem is ongoing and a major cybersecurity threat. The sources said that the Indian military plans to make more comprehensive checks of UAVs during procurement, requiring certifications from manufacturers that the drones contain no China-made components or malicious code. Lt. Gen. A. B. Shivane, former director general of Mechanized Forces in the Indian Army, cited China’s 2017 National Intelligence Law that requires Chinese firms to cooperate with Beijing’s intelligence services. Under the law, data collected both within China and internationally should be provided to China’s intelligence services. “This raises serious concerns for countries using Chinese technology in military equipment,” Shivane said in a Feb. 10 Firstpost commentary. Dependence on foreign technology, particularly from China, “creates weaknesses that could be exploited,” necessitating an assertive approach to reduce vulnerability in military systems. #aerospace #defense #drone #uav #technology #aviation #india #china #nationalsecurity #military #cybersecurity #security #supplychain #geopolitics #foreignpolicy https://lnkd.in/esUmuZus

As reports emerge of Iranian-launched drones reaching targets across the Gulf and beyond — including Kuwait, Qatar, Bahrain, Saudi Arabia, Oman, Iraq, Jordan, Israel, Azerbaijan and the UAE — most analysis understandably focuses on range, payloads, and air-defence interception. But there is another dimension that deserves far more attention. 𝗢𝘂𝗿 𝗼𝘄𝗻 𝗺𝗼𝗯𝗶𝗹𝗲 𝗻𝗲𝘁𝘄𝗼𝗿𝗸𝘀. Many long-range one-way attack drones can fly most of their route autonomously using pre-programmed waypoints. Yet recent conflicts suggest that some Shahed-type systems incorporate commercial communication modules, including cellular connectivity. This creates a troubling possibility. A drone could travel hundreds or even thousands of kilometres autonomously — and then, as it approaches its destination, simply attach to the local mobile network. At that moment, the very qualities we celebrate in modern telecom infrastructure become an advantage for the attacker. Dense coverage. High reliability. High bandwidth. These are the features we expect and demand as everyday mobile subscribers. But they also provide an adversary with a ready-made communications infrastructure inside the very countries being targeted. A drone entering national airspace may suddenly gain access to a 𝗵𝗶𝗴𝗵-𝗽𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 𝗰𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝗯𝘂𝗶𝗹𝘁, 𝗺𝗮𝗶𝗻𝘁𝗮𝗶𝗻𝗲𝗱, 𝗮𝗻𝗱 𝗼𝗽𝘁𝗶𝗺𝗶𝘀𝗲𝗱 𝗯𝘆 𝘁𝗵𝗲 𝘃𝗲𝗿𝘆 𝘀𝗼𝗰𝗶𝗲𝘁𝘆 𝗶𝘁 𝗶𝘀 𝗮𝘁𝘁𝗮𝗰𝗸𝗶𝗻𝗴. That connectivity could allow telemetry, limited control updates, mission monitoring, or even the transmission of intelligence back to the attacker. In effect, the drone’s final communications link may not come from the country that launched it. It may come from 𝗼𝘂𝗿𝘀. This is why mobile network signalling analysis is becoming increasingly important. By analysing signalling activity within the network, operators and security agencies can identify abnormal device behaviour and help deny attackers the ability to exploit national telecom infrastructure. Modern conflict increasingly exploits civilian infrastructure in unexpected ways. Telecommunications networks are no exception. Melrose Networks melrosenetworks.com #counteruas #mobile #defence #nationalsecurity

Russian developers behind a custom firmware used to convert consumer drones for military use in Ukraine have reported a cyberattack on their infrastructure, disrupting the system that distributes the software. According to a statement posted on the Telegram channel Russian Hackers – To the Front, unidentified hackers breached servers responsible for delivering the “1001” firmware, displayed false messages on operator terminals, and then disabled the system.  The developers said the firmware itself was not compromised, calling the risk of backdoors or malicious code “extremely low.” However, drone operators were advised to disconnect their terminals as a precaution. The firmware, used to modify certain DJI drone models, is not available for public download and is distributed through a network of drone service centers equipped with pre-configured laptops, known as “terminals,” that receive updates from a remote server. Independent Russian cybersecurity expert Oleg Shakirov said on Telegram the attackers likely targeted this server.   “No one has claimed responsibility for the attack so far, but it’s clear the perpetrators knew exactly what they were doing — the target was highly specialized,” he said. The developers claim around 200,000 drones had been updated with the 1001 firmware as of March. While not widely known, the software removes manufacturer-imposed flight limits, improves resistance to GPS spoofing, and enables the use of high-capacity batteries, all of which makes them more suitable for military missions. https://lnkd.in/gqg-qUJz

The “Harvest Now, Decrypt Later” threat is already here! 👇🏽 Adversaries are currently intercepting encrypted US military traffic from satellite downlinks, diplomatic cables, drone feeds and storing it. It’s unreadable today, but it’s a ticking time bomb waiting for a quantum key to unlock it. The financial markets are panicking over what a quantum breakthrough could do to Bitcoin. But while investors worry about their portfolios, we need to be talking about the silent crisis facing our national defense. The same "Q-Day" capability that threatens a blockchain poses an existential risk to military command and control. A quantum break doesn't just mean a data leak; it means: • Hijacked satellite controls. • Compromised drone uplinks. • The potential for forged digital signatures on command orders. In finance, a quantum break means lost capital. In defense, it means lost trust in our own eyes and ears on the battlefield. To my colleagues in defense and government: The transition to Post-Quantum Cryptography (PQC) cannot be treated as a standard IT upgrade. It is a strategic imperative. We must accelerate the migration of High Value Assets and secure legacy hardware immediately. We cannot wait for Q-Day to arrive to start building the shield. #QuantumSecurity #DefenseTech #PQC #NationalSecurity

🛸 Drone Hacking Scenario — Awareness, Risks & Responsible Defense 🚨 Drones are powerful tools for industry, inspection, and recreation — but their connectivity and sensors also create potential security and privacy risks if devices are misconfigured or left unprotected. 📡⚠️ This post outlines what defenders should know (not how to attack): common threat vectors, how organizations can detect misuse, and practical hardening & policy steps to reduce risk. 🔎🛡️ Attackers may try to exploit weak credentials, outdated firmware, or insecure telemetry channels — which can lead to privacy invasions, data leakage, or loss of control of the platform. 🧩📵 Defenders should focus on inventorying fleet devices, enforcing strong authentication, keeping firmware up to date, segregating drone control networks, monitoring telemetry for anomalies, and logging events centrally for correlation in a SIEM. 🔑🔁🧰 For researchers: always work in isolated test ranges or lab environments, get explicit written permission, follow manufacturer disclosure policies, and coordinate with regulators and local authorities before any field tests. 📝✅ If you discover a vulnerability, follow responsible disclosure practices so vendors can patch safely — do not publish exploit details that enable misuse. 🤝🔒 ⚠️ Disclaimer: Educational & defensive guidance only. I will not provide instructions to exploit, jam, or illegally interfere with drones or other devices. Unauthorized tampering is illegal and dangerous — always stay ethical and lawful. 🚫⚖️ #DroneSecurity #UAV #CyberSecurity #InfoSec #Privacy #ResponsibleResearch #Defense #EthicalTech #ThreatDetection #SecurityAwareness 🛡️🛰️

🚁DJI Drones hacked. Recent research presented at the Network and Distributed System Security (NDSS) Symposium 2023 delves into critical security vulnerabilities of consumer drones manufactured by DJI, an industry leader with a 94% market share. The paper, "Drone Security and the Mysterious Case of DJI’s DroneID," is a comprehensive security analysis that should capture the attention of cybersecurity professionals and drone technologists. **Key Findings:** - **DroneID Protocol**: Contrary to prevailing assumptions, the DroneID protocol lacks encryption. This means sensitive location data of both the drone and operator can be accessed using cheap Commercial Off-The-Shelf (COTS) hardware. - **Critical Vulnerabilities**: A total of 16 vulnerabilities were discovered, including denial of service and arbitrary code execution. Of note, 14 vulnerabilities can be triggered remotely via the operator's smartphone, potentially leading to mid-flight drone crashes. - **Security Analysis Methods**: The researchers employed a combination of reverse engineering and a custom fuzzing approach tailored to DJI’s communication protocol, DUML. This method was effective in uncovering critical flaws in drone firmware. **Implications:** - **Data Privacy**: The absence of encryption in the DroneID protocol poses immediate risks to operator privacy. - **Operational Risk**: The vulnerabilities uncovered could be exploited to disable safety countermeasures, execute arbitrary commands, or even crash drones during flight. - **Broader Security Concerns**: Given DJI’s significant market share, these findings raise urgent questions about the cybersecurity readiness of consumer drones in critical applications, including surveillance and logistics. **Recommendations:** - **Vendor Action**: DJI has since fixed all disclosed vulnerabilities. However, the study underscores the necessity for routine security audits. - **User Vigilance**: Operators should ensure firmware is consistently updated to the latest secure version. For an in-depth understanding, the full research paper is attached to this post. #NDSS2023 #DroneSecurity #DJI #Cybersecurity #TechnicalAnalysis

🚁 How do you defend against an attack that bypasses every traditional security measure by simply flying overhead? 🔐 The intersection of drones and cybersecurity is creating new challenges we can't ignore. Here's what you need to know: ✅ Increased Range: Modern drones offer extended flight capabilities, expanding the potential attack surface. ✅ Threat: Open-source knowledge and affordable components make it possible to build sophisticated attack tools, even in resource-constrained environments. ✅ Miniaturization: Small devices like Raspberry Pis can be easily mounted on drones, enabling wireless network breaches and data capture. ✅ Multi-Purpose Attacks: Drones can be equipped to perform various functions, from WiFi hacking to RFID/NFC data collection. ✅ Silent Threats: Fixed-wing drones offer quieter operation and longer range compared to traditional quadcopters, making detection more challenging. 🔑 The key takeaway? As drone technology advances, so does its potential for cyber attacks. It's crucial for cybersecurity professionals to stay informed and develop strategies to counter these emerging threats. Check out this Friday's episode of #SimplySecured to hear from Luke Canfield as he shares his experiences with Drone technology and its capabilities. What steps is your organization taking to address drone-based cyber risks?