A big rise in drone use is likely to lead to a new wave of “dronejackings” by cybercriminals, security experts warned Tuesday.
A report by Intel’s McAfee Labs said hackers are expected to start targeting drones used for deliveries, law enforcement or camera crews, in addition to hobbyists.
“Drones are well on the way to becoming a major tool for shippers, law enforcement agencies, photographers, farmers, the news media, and more,” said Intel Security’s Bruce Snell, in the company’s annual threat report.
Snell said the concept of dronejacking was demonstrated at a security conference last year, where researchers showed how someone could easily take control of a toy drone.
“Although taking over a kid’s drone may seem amusing and not that big of an issue, once we look at the increase in drone usage potential problems starts to arise,” he said.
The report noted that many consumer drones lack adequate security, which makes it easy for an outside hacker to take control.
Companies like Amazon and UPS are expected to use drones for package deliveries — becoming potential targets for criminals, the report said.
“Someone looking to ‘dronejack’ deliveries could find a location with regular drone traffic and wait for the targets to appear,” the report said.
“Once a package delivery drone is overhead, the drone could be sent to the ground, allowing the criminal to steal the package.”
The researchers said criminals may also look to steal expensive photographic equipment carried by drones, to knock out surveillance cameras used by law enforcement.
Intel said it expects to see dronejacking “toolkits” traded on “dark web” marketplaces in 2017.
“Once these toolkits start making the rounds, it is just a matter of time before we see stories of hijacked drones showing up in the evening news,” the report said.
Other predictions in the report included a decrease in so-called “ransomware” attacks as defenses improve, but a rise in mobile attacks that enable cyber thieves to steal bank account or credit card information.
The report also noted that cybercriminals will begin using more sophisticated artificial intelligence or “machine learning” techniques and employ fake online ads.
