Israel recently agreed to purchase a series of F-35 Lightning II Joint Strike Fighter jets from Lockheed Martin, with the first scheduled to arrive later this year. The F-35 Lightning is one of the most advanced fighter jets in the world, reportedly able to conduct electronic countermeasures.

Drone-Led Cyberattacks: An Emerging Threat

The computing capabilities of the F-35 allow for real-time intelligence sharing with both air and ground forces, making this jet a leader in intelligence gathering with meticulous striking capabilities. As the speed of innovation continues to accelerate, it’s easy to imagine this technology becoming available to civilians — not to mention cybercriminals.

Will drones, whether military, commercial or civilian, be used to facilitate targeted physical and logical attacks against organizations in the future? Drones are still relatively new in the consumer space, but the industry is continuously growing.

While every country controls its airspace differently, the Federal Aviation Administration (FAA) suggested that hobbyists and commercial entities in the U.S. should register all drones. As we know, however, criminals and other bad actors don’t follow laws and regulations.

Seeds Have Been Sown

Could fraudsters use drones to attack your network? It’s not that far-fetched. In 2015, leaked email communications revealed that a spyware vendor, Hacking Team, and a subsidiary of Boeing had considered designing a drone capable of intercepting communications and infecting targets using Wi-Fi networks nearby.

Additionally, researchers at Singapore University of Technology and Design have developed a way to deploy drone-led man-in-the-middle (MitM) attacks to eavesdrop on wireless print jobs by exploiting wireless printing networks within organizations. Researchers reportedly conducted this exercise to raise awareness to IT departments of vulnerabilities surrounding unencrypted wireless connections, even within secure office space.

Infiltrating and inserting malicious code into unsecured or improperly secured Wi-Fi networks is a known attack vector for fraudsters and cybercriminals to launch MitM attacks and other exploits. This experiment shows that inexpensive, consumer-owned drones can be used to carry out these types of malicious attacks.

Attacks From the Sky

How can organizations defend themselves against these types of threats? Thankfully, drone-led cyberattacks have yet to become mainstream. However, the prospect highlights the need for a potential shift in organizational security.

In the days before computer technology, bank robbers, shifty employees and economic downturns were the biggest threats to banks and financial institutions. When computer technology emerged along with the World Wide Web, business became global, and financial crime shifted to a mostly faceless, technology-driven threat.

Drones carrying cyberattack technology pose a threat because they could bypass physical controls. Theoretically, a drone could fly above a major bank or financial institution and conduct a malicious cyberattack from the sky. Such an attack would come without warning and be over before your morning coffee is complete.

Fighting Cyberattacks With Cyberattacks

Will organizations have to adopt drone-fighting tactics? Maybe so; there is technology being created to assist in this process. MalDrone, for example, is the first backdoor malware developed to hijack drones remotely. MalDrone can reportedly interact with the drone’s device drivers and sensors silently, allowing the attacker to control the drone remotely.

The technology is unique in that it can attack all drone makes and models, where previous drone malware attacks were specific to a make and model. This would effectively allow organizations to intercept the malicious attack and take the drone down, fighting a cyberattack with a counterattack.

Luckily we are not yet living in a world where the threat of drone-led cyberattacks are mainstream. But threats will continue to evolve as fast as technology is created. We must look into all angles of security, both physical and digital, when devising security plans to keep organizations safe.

More from Advanced Threats

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however, it’s important to understand how to build, implement and mature a repeatable, internal threat hunting program. What are the components…

Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data

Shopping online is an increasingly popular endeavor, and it has accelerated since the COVID-19 pandemic. Online sales during the 2021 holiday season rose nearly 9% to a record $204.5 billion. Mastercard says that shopping jumped 8.5% this year compared to 2020 and 61.4% compared to pre-pandemic levels. Cyber criminals are not missing this trend. The Ramnit Trojan, in particular, is out for a shopping spree that’s designed to take over people’s online accounts and steal their payment card data. IBM…

Detections That Can Help You Identify Ransomware

One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that span geographies, industries and affiliations. Leveraging that access and knowledge against the ransomware threat has revealed tools, techniques and procedures that can often be detected through the default Windows event logs (WELs). In particular, the X-Force IR team has identified several…

How to Report Scam Calls and Phishing Attacks

With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They're not using ransomware to do that so much anymore, though. Not since the rise of big game hunting, anyway. This term marks ransomware actors' shift away from attacks against individual users and towards operations targeting large enterprises, noted CNBC. But attacks like phishing and…