Gatwick: attack of the drones

Authors – French Caldwell and Richard Stiennon

Key takeaways –

  1. Air transportation infrastructure is particularly vulnerable to non-lethal attacks by drones
  2. Regulatory controls alone will not stop drone attacks
  3. Attacks like the one at Gatwick this week are a serious reputational blow to the drone industry and rapidly growing drone control software and analytics vendor ecology

For two nights in a row, people living along the flight path of London’s busy Gatwick airport have slept soundly.  Thanks to a drone attack that started at 9p.m. GMT on 19 December 2018, all flights have been grounded.  Sussex police have been playing whack-a-mole with whomever is controlling the drone or drones – every time they think they may be getting close, the drone disappears, only to reappear later.  Meanwhile Gatwick’s neighbors are experiencing life without jet noise, while tens of thousands of holiday travelers have been stranded. 

 Hacking geofencing.  This incident demonstrates in spades the fragility of critical infrastructure and the challenge posed by emerging technologies.  Drone pilots are required to follow rules that should prevent interference with airport operations, and the rules are enforced through the control system software for the drones.  Geofencing built into the software should shutdown drones that stray into restricted airspace.  The geofencing is built into either the application software on a smartphone or laptop external to the drone, or into the firmware internal to the drone – the former being the case for toy or hobby drones and the latter usually being the case for industrial drones used by businesses or government agencies.

 However, the mobile or laptop application software is most likely not un-hackable, and regarding industrial drones, former Gartner analyst Jeffrey Vining who has followed drone technology for over a decade stated, “The firmware is potentially hackable over the wireless connection from the operator to the drone,” enabling the operator to disable the geofencing.

 Drones have proven to be an effective means of disruption. The General Atomics MQ-1 Predator,piloted from remote workstations in Nevada, have wreaked havoc on suspected insurgents throughout the Mideast. In July, Houthi rebels claimed a drone attack against Abu Dhabi airport.  A Houthi military source said the armed drone flew 1,500km.  That claim of attack has been discredited but there have been drone attacks by Houthi in Yemen, most recently in April 2018.

There is no question that commercially available drones for hobbyists should have built-in systems that help reduce their ability to interfere with airports, freeways or stadiums, and perhaps avoid power transmission lines.  However, it will always be possible for hackers to circumvent those built-in controls or build their own flying devices with no controls at all.

Fragile infrastructure.  The infrastructure that is the network of airports around the world has proven to be fragile. Any frequent traveler knows that a major backup at a large hub like Dulles, or Heathrow, can have repercussions felt around the world as flights are diverted or delayed. The cause is usually weather, but the specter of a coordinated series of drone attacks that leverage this fragility calls for more robust defenses than regulatory-imposed controls alone. 

 Counter-drones and contingencies.  Counter-drone systems are already under development. The Silent Archer system from SRC combines drone sensing and targeting capabilities. ()Most counter-drone systems rely on radio frequency jamming to disable drones.One commercial venture, Apollo Shield,has a handheld device that looks like a futuristic rifle for taking out drones. Counter-drone laser and microwave systems such as those being developed by Raytheon for the U.S. military also offer a solution to interference by drones in restricted airspace.  However, intentionally crashing drones could introduce new problems, particularly for large drones where the hazardous materials from batteries or fuel may need to be dealt with following a crash. 

It would be easy to criticize Gatwick Airport for not recognizing their vulnerability to rogue drone flybys and investing in counter-drone technology. But, as always, the first victim is the test case for new attacks that illuminate threats. Now would be a good time for the U.K. Home Office and the U.S. Department of Homeland Security to work with air traffic authorities on drone attack contingency plans and start educating airport administrators on the need to invest in counter-drone technology.

Recommendations

  1.  Public and private sector operators of airports,railroads, highways, stadiums, and other high traffic infrastructure should develop and practice contingency plans for drone attacks
  2. Governments should accelerate drone air traffic control system projects, and include defenses and drone attack contingency plans in those projects
  3. Commercial drone manufacturers like DJI, Yuneec, GroPro, and the rapidly emerging drone geofencing and analytics software ecology, including vendors like Airmap, PrecisionHawk, sensefly, Airware and others, should develop common standards that support drone air traffic control and non-military counter-drone defenses

5G Most Disruptive Technology Change Ever

Always look at infrastructure changes to make easy predictions about the future. You could get very rich.

A decade ago I attended meetings around the world where the topic was “how can we, as a country, join the Internet revolution?”   Brazil and Columbia stick in my mind. Don’t even get me started on Australia and their wasteful endeavor to create a National Broadband Network(NBN). I never had the floor but I wanted to stand up and shout “deregulation!”  That is what sparked the internet revolution in the United States. In 1993, here in Michigan, it cost 8 cents a minute for telephone calls that went outside your immediate area code. You could be a mile away from your ISP’s nearest POP (Point Of Presence) and see outrageous phone bills that ratcheted up quickly at $4.80 an hour.  At RustNet we sold internet access for $19.50/month. If we wanted to get customers in a different area code we had to put stacks of dial-up modems in an office in that area code. Then we backhauled the traffic to our main office and sent the packets out to the internet through our upstream provider in Chicago. (Anyone remember Net99?).

The big break up of ATT had occurred in 1982 and the regional telephone companies (Baby Bells) started to compete for your business after the 1996 telecom deregulation. Per minute charges went away just in time to fuel the rapid growth of internet subscribers. By that time the telcos offered their own backhaul so you did not need to maintain huge stacks of modems in every POP. You just paid for a T1 to the telephone company’s Central Office (CO) and they delivered the calls to you.

In 1995 I published a business plan for How to Start an ISP. It gave me great visibility into the wave of deregulation that was sweeping the world. As each country figured out that per minute charges were holding them back they would deregulate, encourage competition, and I would see sales of the plan going to that country. South Africa and Mozambique used my plan as a starting point. The internet took off.  By 2005 you could tell which countries still had per minute charges. They had Internet Cafes because people could not afford to dial-in.

Of course 4G spelled the end to all that. Now you can get internet on your phone and, if you can tether your phone to your computer, you use that for internet access. I can get 95 Mbs over Verizon 4G.

Well 5G is going to explode many things. And it is coming fast. Ericsson predicts there will be one billion 5G subscribers in six short years.

What is different about 5G?  It is very, very, fast. Huawei has tested 5G connections at 70 gigabits per second. Gigabits. At that speed even immersive experiences like SecondLife will work. No wonder people are excited.

But what could this do for security?

5G introduces new networking paradigms. It is going to have dramatic effects on the Internet of Things (IoT) as very small, low power radios will be able to connect. That will pose an opportunity for data theft and continue the weekly news cycle of privacy violations that we have come to know and love.

But think about what these speeds will do to your typical enterprise (and SMB) networks. Why would anyone use the pokey internet connection at work when they get 5G at home and on their smart devices?  Businesses have already moved the critical tools they need to the cloud, (email to Office365, document sharing to Microsoft hosted Sharepoint or Google Docs, or DropBox, HR systems, Salesforce, etc.) They don’t need your network at all. And if you force them in through a VPN they are going to be tunneling through your pokey network to get access to those mission critical services.

Ever see the scene in Gettysburg where General Buford rants about how clearly he can see what will happen in the morning? 

The hardwired connection is dead for office use. Sure, every firewall vendor will add 5G radios to their UTM devices for remote offices and HQ, just as they have added 4G. But going through a gateway means dealing with the slow wifi in the office.  It will be faster for users to jump on the 5G network themselves. So they will.

Goodbye cable triple play. We won’t need twisted pair, CAT5, or fiber to the home anymore. All home devices, including your TV, will connect directly to the internet via 5G.

New, very fast growing, businesses will start up to address these problems.

Here is what happens next.

Stage 1. A startup that is probably already out there will introduce a policy overlay to the carrier networks. An enterprise will just enroll all employ devices and manage what they can do over the network. It will be like a virtual UTM. They will encrypt traffic, filter content, and apply firewall rules. Managed Service Providers will do that policy work for SMBs.

Stage 2. The carriers will recognize that they have created a monster as every enterprise starts cancelling their lease line subscription. Seeing the opportunity they will start to develop their own service offerings for security.

Stage 3. One carrier, late to the game, will acquire the fastest growing 5G security management platform from Stage 1.

Stage 4. All the other carriers will cut off that 5G management platform for their own networks and make their own acquisitions.

Stage 5. All carriers will bundle security into their offerings. Network security will finally be part of the internet.

 This whole time frame will play out by 2030.

Thank you technology.

Originally published at Forbes.com December 6, 2017