Five ways to combat corporate espionage drones

It’s a myth that nothing can be done about “the drone menace” and its threat to corporate security.
Read time 4min 10sec

Corporate espionage targeting enterprises and key personnel using drones is a growing concern in South Africa.

And, while there’s a popular myth that nothing can be done about “the drone menace”, it’s not entirely true in this context.

The solutions hinge on how criminals use drones. The solutions are largely an IT fix, which means most enterprises either already have the skills to make them work, or can fairly easily get the service.

Preparing for the most common threats is paramount since it avoids poor and often costly responses down the road.

The precedents of corporate espionage and other cases involving drones have been set.

Gatwick and Heathrow airports in the UK were both shut down by eco-activists for a few days and a few hours, respectively. That disrupted travel and cost hundreds of millions of pounds.

In the US, they’ve been used to fly small payloads over prison walls, carrying things like cellphones, money and drugs. Right here in South Africa, drones have been used to spy on various commercial operations, anything from mining to retail to automotive. They’ve also been used against key executive personnel, ports where goods are transported, and data centres.

In most cases where drones have been used in a hostile way, either in war-like, commercial or personal conflict, there are several similarities that unite what have typically been poor responses.

Gatwick had no response capability other than to ground all planes and eventually call in the military with specialised equipment after first going through several other authorities. At Heathrow, they jammed the signals between the drone and operator but that’s illegal for the commercial and private sector in South Africa.

It’s also important to note that not all drones are a serious threat. Some drones really are just badly piloted. A lot of drone hobbyists in South Africa take the time and trouble to get their licences. They belong to clubs and they take the law and safety seriously. They’re also advocating for reform in the sector.

Regardless, businesses must be able to respond now.

One of the ways is that our IT teams or security personnel can scan the radio waves for drone signals nearby, which means the 356MHz to 366MHz range for off-the-shelf drones in South Africa. Scanning a greater range will help identify more sophisticated attackers.

It’s important to note that not all drones are a serious threat. Some drones really are just badly piloted.

Then we must figure out what any identified drones are doing. They’re used in a few ways in the espionage role against businesses. They carry video or still cameras, microphones, routers, loaded USB flash drives and smartphones and other recording devices that can be dropped out of sight nearby sensitive areas.

Camera detectors will show any cameras in a variety of ways. Some will detect the radio signal used to transmit data, some will detect the glint of light off the lens, and others will detect a chip installed in every camera.

You can also scan for microphones dropped by drones because they have to transmit their data. Even consumer-grade devices will quickly detect and help you locate the source of nearby radio signals.

You can use a smartphone app to detect and locate nearby routers that may have been flown in by a drone. I use an app called FLUKE. Finding and shutting down unsecured routers stops man-in-the-middle attacks, malware injections and other forms of attack.

Leaving a USB flash drive with malware lying around a company’s premises is one of the oldest hacker tricks in the book. Education is your best weapon against it. The ubiquity of broadband Internet does make this less of a threat but USB drives are still widely used.

Recording devices must either be retrieved, in which case the sensitive area they’re dropped in must be accessed by a person, or they must transmit, typically a radio signal that can be discovered and located. Some devices will use laser to transmit data but they must be accurately positioned, so that’s not typical of how corporate espionage actors use drones today.

By focusing on how drones are used in the corporate espionage role, noting that most instances involve some form of IT-based response, businesses won’t get caught in a cycle of having to buy and constantly upgrade unnecessary drone counter-measures with rapid upgrade cycles.

By focusing on the risks I mentioned above, we can vastly improve our ability to withstand the additional vector that drones have brought to the corporate espionage threat.

Vernon Fryer

Chief information security officer and head of CDOC at NEC XON.

Vernon Fryer is chief information security officer and head of CDOC at NEC XON.

He has nearly 50 years of experience in the cyber security industry. He has served at IBM, SAPS, Interpol Southern Africa, and been SA’s national head of the Computer Crime Unit. He lives and breathes cyber security.

Fryer has investigated computer fraud, helped track assets in liquidation, testified in intellectual property disputes, conducted forensic investigations and numerous security audits for regulatory requirements.

He was on the International Computer Crime Work Group and in 2008 was included in the Who’s Who in the World.

Today, Fryer develops business solutions that mitigate unified cyber and physical security threats, and operates Africa’s foremost cyber security managed service. He also consults to the continent’s most prominent defence, government, financial and mineral resources operations, as well as businesses in several other sectors.

See also