In this report, the authors explore approaches for understanding, inventorying, and modeling cybersecurity implications of the rapid growth in drone usage, focusing specifically on current vulnerabilities and future trends. The authors propose conceptual approaches meant to enable the enumeration and categorization of drone-related cyber threats and explore some of the potential benefits and challenges of modeling the commercial drone threat.

Cover: How to Analyze the Cyber Threat from Drones
Read Online

How to Analyze the Cyber Threat from Drones

Background, Analysis Frameworks, and Analysis Tools

by Katharina Ley Best, Jon Schmid, Shane Tierney, Jalal Awan, Nahom M. Beyene, Maynard A. Holliday, Raza Khan, Karen Lee

Download

Download eBook for Free

FormatFile SizeNotes
PDF file 4.6 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Purchase

Purchase Print Copy

 FormatList Price Price
Add to Cart Paperback96 pages $26.00 $20.80 20% Web Discount

Research Questions

  1. What are the cybersecurity implications of the rapid growth in UAS, in terms of both UAS as cyber weapons and UAS as cyber targets?
  2. What are some conceptual approaches that can enable the enumeration and categorization of drone-related cyber threats?
  3. What are the industry trends related to cybersecurity and UAS and the implications thereof?
  4. What threats exist related to cybersecurity and UAS, from the perspective of the Department of Homeland Security?

This work explores approaches for understanding, inventorying, and modeling cybersecurity implications of the rapid growth in unmanned aerial systems (UAS), focusing specifically on current vulnerabilities and future trends. The authors propose conceptual approaches meant to enable the enumeration and categorization of UAS-related cyber threats and explore some of the potential benefits and challenges of modeling the commercial UAS threat. These approaches are applied to real-world threat scenarios to test their validity and illustrate the types of attacks that are currently feasible. Industry trends and the implications of these trends for cybersecurity are presented. Finally, the authors consider the UAS-related cybersecurity threat from the perspective of the Department of Homeland Security (DHS). Specifically, the authors describe the vulnerability of particular DHS components to the threats described in this report and suggest possible means of threat mitigation.

Key Findings

The cybersecurity threat landscape introduced by a wider range of UAS use is not well understood

  • A combination of "blue" and "red" team approaches to enumerating, understanding, and categorizing cyber threats related to UAS as targets and UAS as weapons can help stakeholders better understand the space.
  • Emerging trends such as autonomous flight, UAS traffic management, swarming, AI, and blockchain will continue to add complexity to this space.

Compromised drones can have real impacts on security for the Department of Homeland Security

  • If faced with compromised drones, Customs and Border Protection might lose intelligence, surveillance, and reconnaissance (ISR) capabilities, creating visual blind spots in detection of smuggling or other nefarious activities at borders and ports.
  • Compromised Federal Emergency Management Agency (FEMA) drones might reduce the agency's capability to identify, reach, or supply individuals in peril or medical distress in disaster zones.
  • Compromised Cybersecurity and Infrastructure Security Agency (CISA) drones would degrade the ability of CISA to conduct critical infrastructure inspections in some cases, and could be used in a cyberphysical attack to damage the critical infrastructure it was meant to survey.
  • Compromised Immigrations and Customs Enforcement drones will reduce overall capability, require fallback to less-familiar concepts of operation, and increase risk for the agents in the field.

Recommendations

  • DHS must continue to work with senior policymakers, cybersecurity experts, and other government and law enforcement agencies to move towards a coherent UAS cyber strategy.
  • DHS should also prioritize the most critical vulnerabilities and find ways to close attack vectors and protect attack surfaces.
  • DHS will need to monitor UAS adoption and anticipate the implications of widespread UAS diffusion.

Table of Contents

  • Chapter One

    Introduction

  • Chapter Two

    Understanding the UAS Threat Space

  • Chapter Three

    The UAS and Cybersecurity Threat Space Today

  • Chapter Four

    Industry Trends and the Future of UAS Cybersecurity

  • Chapter Five

    UAS, Cybersecurity, and the Department of Homeland Security

  • Chapter Six

    Conclusion and Recommendations

  • Appendix A

    Attack Categorization

Research conducted by

This research was conducted using internal funding generated from operations of the Homeland Security Research Division (HSRD) and within the HSRD Acquisition and Development Program.

This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.