Facebook Twitter Instagram
    • Privacy Policy
    • Contact Us
    Facebook Twitter Instagram Pinterest Vimeo
    AI Home SecurityAI Home Security
    • Home
    • Home Security
    • Cyber Security
    • Biometric Technology
    Contact
    AI Home SecurityAI Home Security
    Cyber Security

    New Electromagnetic Attacks on Drones Could Let Attackers Take Control

    justmattgBy justmattgJune 28, 2023No Comments2 Mins Read

    [ad_1]

    Jun 28, 2023Ravie LakshmananFirmware Security / Tech

    Drones that don’t have any known security weaknesses could be the target of electromagnetic fault injection (EMFI) attacks, potentially enabling a threat actor to achieve arbitrary code execution and compromise their functionality and safety.

    The research comes from IOActive, which found that it is “feasible to compromise the targeted device by injecting a specific EM glitch at the right time during a firmware update.”

    “This would allow an attacker to gain code execution on the main processor, gaining access to the Android OS that implements the core functionality of the drone,” Gabriel Gonzalez, director of hardware security at the company, said in a report published this month.

    The study, which was undertaken to determine the current security posture of Unmanned Aerial Vehicles (UAVs), was carried out on Mavic Pro, a popular quadcopter drone manufactured by DJI that employs various security features like signed and encrypted firmware, Trusted Execution Environment (TEE), and Secure Boot.

    Cybersecurity

    Side-channel attacks typically work by indirectly gathering information about a target system by exploiting unintended information leakages arising from variations in power consumption, electromagnetic emanations, and the time it takes to perform different mathematical operations.

    EMFI aims to induce a hardware disruption by placing a metal coil in close physical proximity to the Android-based Control CPU of the drone, ultimately resulting in memory corruption, which could then be exploited to achieve code execution.

    “This could allow an attacker to fully control one device, leak all of its sensitive content, enable ADB access, and potentially leak the encryption keys,” Gonzalez said.

    As for mitigations, it’s recommended that drone developers incorporate hardware- and software-based EMFI countermeasures.

    Cybersecurity

    This is not the first time IOActive has highlighted uncommon attack vectors that could be weaponized to target systems. In June 2020, the company detailed a novel method that makes it possible to attack industrial control systems (ICS) using barcode scanners.

    Other assessments have illustrated security misconfigurations in the Long Range Wide Area Network (LoRaWAN) protocol that make it susceptible to hacking and cyber attacks as well as vulnerabilities in the Power Line Communications (PLC) component used in tractor trailers.

    Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.



    [ad_2]

    Source link

    Previous Article5 Portable & Easy-to-Use Bulletproof Items for Use in Your Day to Day
    Next Article Russian Spies, War Ministers Reliant on Cybercrime in Pariah State
    justmattg
    • Website

    Related Posts

    Cyber Security

    Name That Toon: Last Line of Defense

    April 16, 2024
    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024
    Cyber Security

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Add A Comment

    Leave A Reply Cancel Reply

    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Contact Us
    AI Home Security © 2025 All rights reserved | Designed By ESmartsSolution

    Type above and press Enter to search. Press Esc to cancel.

    ↑