- Input/Output Pins
- Multiple sensors onboard
- An accelerometer
- ArduPilotMega (APM) flight controller fitted on a drone he built himself.
- Mission Planner, a full-featured ground station application.
- Capturing, modifying, and injecting a data stream into a telemetry link connection over a serial port.
- Spoofing the connection to the ground station to take complete control of the interface.
Insecure Protocols Led to Installation of Malware
Also, Telemetry feeds for wireless remote data transmission, and monitoring of the vehicle could be intercepted and flight route of the Drone are shown a different path.
Researcher’s experiments only targeted drones that fly pre-programmed routes, UAVs specifically used in product delivery systems (such as mail, medical tests and food).
Design Flaws in Drones
Further he added, “Securing the firmware on embedded UAV modules, using secure bootloaders, and implementing authentication and encryption mechanisms,” could be some points that…
…an attacker can bypass any security measures, as nothing can be completely secured; similarly “Drones don’t necessarily have to be unhackable the goal should be to make them difficult and expensive to hack.”
- How propellers of his Drone can easily shred a stack of papers even at half of the speed needed to take off from the ground.
- Attacks against bootloaders, which are often not locked to signed firmware.