The Question: In class I showed a DJI Tello drone. I explained that the drone uses the internet protocols for its communications. That is, the drone is a wireless access point. The drone controller (usually a phone) connects to that access point and they communicate using the UDP protocol. This communication includes
Please answer the following questions briefly (and in your own words):
a.) If the wireless connection is not encrypted, could the connection be eavesdropped?
b.) What would it mean to DoS or DDoS the drone? How might you do this?
c.) What are some things you could do with a man-in-the-middle attack on the drone?
a) Yes, if the wireless communication is not encrypted, it could be eavesdropped using another device. The device may be kept in between the controller and the drone. The signals may be interrupted in between and can be analyzed because the messages are in plain text.
b) DoS is short for Denial of Service. This is a type of attack in which the attacker floods the victim device with superfluous packets. In DoS attack, the attacker sends a huge number of TCP, ICMP or UDP packets to the victim making it effectively disabled, since it cannot accept requests from actual clients. This leads to the clients being unable to access the server and hence the service is denied to them. There are various ways in which DoS attacks can happen. One is the buffer overflow attack in which the attacker consumes all of the victim's hard disk space, memory or CPU time leading to slow processing in the server. In another way, called Flood attacks, the attacker consumes the entire bandwidth of the server, oversaturating its capacity.
DDoS is short for Distributed DoS. This is different from DoS in the following way: In DoS, a single device is used as the attacking device. But in DDoS, multiple devices are used as the attacking devices. DoS can be blocked by blocking communication from the attacking IP Address but that is not possible in DDoS since there are a huge number of attacking IP addresses. This happens often in the form of a botnet.
c) Man-in-the-middle attack happens when an attacker secretly receives and possibly alter the communication that happens between two parties in a communication. This usually happens in the form of eavesdropping. The attacker can manipulate the messages that are transferred between the devices.
In this scenario, the man-in-the-middle or the attacker can send malicious control instructions to the drone, for instance, increase the height when there are obstacles above so as to destroy the drone, or come down quickly and crash land, etc. Also, the messages from the drone can be interrupted and can be used to destroy the video signals or send fake video back to the controller. It can also send incorrect height or battery info to the controller, both of which can harm the drone later.
The Question: In class I showed a DJI Tello drone. I explained that the drone uses the internet protocols for its communications. That is, the drone is a wireless access point. The drone controller (u...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...