A researcher working for IBM developed a method to hijack police drones and was able to take control of the drone and prevent the original operator from regaining control. The exploit was developed by Nils Rodday during his time at the Netherlands’ University of Twente as a graduate researcher and presented at the RSA Conference, according to Wired.
In explaining how he was able to take over the police drone, Rodday said it came down to a practice of leaving the protocol between the drone and the controller unsecured. By dropping encryption, the operator gets rapid transmission of commands between the two points, but leaves it open to an attacker using the same signal as the drone.
Changing the drone’s protocols and make it so that the signal can’t be hijacked was the method of protection with additional hardware could be needed to compensate for commands.
Rodday’s studies weren’t meant simply to poke holes in the security of a particular manufacturer’s drones, but to point out that law enforcement could be exploited from the skies because of weak encryption. The manufacturer of the model wasn’t given, but Rodday did notify it of the vulnerabilities and it was said that the company planned to fix it in the next model released.