The Department of Homeland Security (DHS)/National Protection and Programs Directorate (NPPD)/Office of Cyber and Infrastructure Analysis (OCIA) assesses that unmanned aircraft systems (UASs) provide malicious actors an additional method of gaining undetected proximity to networks and equipment within critical infrastructure sectors. Malicious actors could use this increased proximity to exploit unsecured wireless systems and exfiltrate information. Malicious actors could also exploit vulnerabilities within UASs and UAS supply chains to compromise UASs belonging to critical infrastructure operators and disrupt or interfere with legitimate UAS operations.
UAS FACILITATE PHYSICAL ACCESS TO UNSECURED SYSTEMS
UASs provide malicious actors an additional method of gaining proximity to networks and equipment within critical infrastructure sectors. Malicious actors could then use the proximity provided by a UAS to wirelessly exploit unsecured systems and extract information from systems they cannot otherwise access remotely or may not be able to access due to range limitations. This includes networks and devices within secured buildings, as well as networks and devices behind fencing and walls.
UASs can also allow a malicious actor to wirelessly exploit vulnerabilities from a distance (figure 1). The prevalent ownership and operation of UASs by the general public, the distance from which UAS can be operated, and a lack of tracking data can also provide malicious actors a level of anonymity that otherwise may not be available. UASs, in particular UASs, are typically more difficult to detect than a malicious actor attempting to trespass beyond physical barriers.
UAS FOR WIRELESS SYSTEM EXPLOITATION
Malicious actors could utilize UASs in order to wirelessly exploit access points and unsecured networks and devices. This can include using UASs in order to inject malware, execute malicious code, and perform man-in-the-middle attacks. UASs can also deliver hardware for exploiting unsecured wireless systems, allowing malicious actors persistent access to the wireless system until the hardware is detected or runs out of power. While OCIA does not know of a confirmed incident utilizing UASs to exploit wireless systems, researchers have demonstrated this capability.
MALICIOUS ACTORS CAN EXPLOIT COMPROMISED UAS
While UASs can be used as a tool for an attacker, they are also vulnerable to exploitation. Many commercial UAS variations, for example, currently communicate with ground stations and operators using unencrypted feeds. This can allow a malicious actor to intercept and review data sent to and from the UAS.