The US Customs and Border Protection (CBP) and the US Department of Homeland Security (DHS) are reporting multiple incidents wherein drug traffickers and cartels have hacked drones or unmanned air vehicles (UAVs) patrolling the border. The hacking has facilitated illegal border crossing, according to the agencies.
Although UAVs have become ubiquitous with US military operations, drones have also been used closer to home by local law enforcement agencies including police and border patrol officers. They are smaller drones with a notably lower bar on cybersecurity, with budgets being smaller among border agencies compared to their military counterparts.
With a basement budget comes the lack of essential modules, one of which safeguards the drone from a GPS spoofing attack. A GPS spoofing attack is notable for its relative ease wherein rogue GPS signals sent to GPS receivers.
GPS receivers are standard fittings across all UAVs and traffickers have figured out the means to engage in GPS spoofing techniques. When the drone receives these false coordinates, it can be tricked into vacating a particular zone or area which could facilitate illegal border crossing.
In the event of a drone trying to correct itself and head back to its patrol area, the spoofing device used by traffickers feeds the rogue coordinates again. This back-and-forth continues in a cyclic loop until the drone runs out of fuel and has to return to base. It is in this window that traffickers are certain of the lack of surveillance and move across borders with impunity.
The obvious solution is to implement anti-GPS-spoofing hardware within the drone’s framework but this comes at a cost. The module itself is expensive and entirely bulky, which affects the drone’s mileage and flight time, compromising operations. This has resulted in an impasse between federal agencies and manufacturers.
As things stand, the drones are still vulnerable as long as they fly without the anti-spoofing module. To facilitate the process of increased research into cheaper and lighter modules, the DHS has already funded several research programs and is certain to implement the necessary anti-spoofing module when a feasible prototype is confirmed.
Image credit: Wikimedia.