Mary-Lou Smulders, Chief Marketing Officer at Dedrone provides a guide for teams managing drone threats at sites of critical importance.
The role of security professionals is constantly evolving as new practices and novel technologies continue to emerge. 2021 has certainly been a year of widescale adoption of cloud-based solutions which promise greater levels of flexibility and enhanced analytics to better understand and proactively negate issues before they arise.
Whilst technology does deliver greater opportunities for security teams, it can also be leveraged by bad actors as a tool to do harm. It is commonly recognised, amongst most sites of critical importance, that one major security concern is the rise of drones. The reason for such alarm is primarily due to a drone’s ability to bypass classic physical and cybersecurity solutions which have traditionally focused on thwarting a 2D entrance at the perimeter.
To date, there have been over 1,000 documented drone incidents and the numbers are growing exponentially. For example, in 2020 Dedrone saw a 217% increase in drone activity across a sampling of critical sites. So, what is the threat?
A starting point
If we study the most well-known incidents globally, most concerns range from acts of disruption to operational continuity, to sabotage, but some also include weaponised attacks. When considering this range of threats, it is essential to note that a drone does not present a new kind of threat but rather a new delivery mechanism for threats that are well understood. Therefore, security teams need to consider their current standard operating procedures (SOPs) before contemplating any forms of neutralisation techniques.
Before turning to technology to solve the problem, it is essential for the security professionals in question to consider the types of threats they see as being most probable for their asset. By identifying the most concerning kinds of threats – as well as the most likely locations these threats could occur – a site can then design and implement the best protocols and technology to address those threats.
The most common question asked in many conversations is: “How do I take down a drone?” In most instances, this is simply a brute force way of dealing with a problem and goes against all the fundamentals used in classic security approaches. For example, imagine deploying a taser on a suspected shoplifter before following basic intelligence gathering processes.
When examining potential technology solutions, it is essential that a security professional carefully considers a longer time horizon over a flashy silver-bullet C-UAS vendor claim. Below are some practical steps to enable the security professional to get to the answer that best suits their specific threat profile:
Step One – Conduct a risk assessment: Measure drone activity, define likely launch points and design passive mitigation processes.
Step Two – Achieve situational awareness: Capture and document patterns of drone activity and real time information.
Step Three – Build out SOPs: These protocols could include obstructing the view of sensitive data, coordinating with first responders and launching public awareness campaigns.
Step Four – Integrate with other data feeds: Consider the data and correlate it with other intel such as shift change schedules and information from onsite video management systems.
Step Five – Mitigation: There are many mitigation solutions available in the United Kingdom and around the world. To actively mitigate a drone is incredibly challenging and, in most cases, illegal. Additionally, the mitigation capabilities that do exist, such as cyber-takeovers (which only works with a few drone), net guns (which have a very limited range) and eagles are still very unreliable and require a considerable amount of improvement to be field ready.
Dedrone has hundreds of installations globally and we are seeing that our clients are primarily focused on steps one, two, three and four outlined above. As with any emerging market, clients are looking to system integrators and vendors to support their journey. Clients understand that when acquiring security solutions, decisions are often made based on price and convenience. Sadly, these factors are less transferrable in emerging markets, with a greater emphasis needing to be placed on capabilities and benefits.
As it stands currently, there are four principal ways to detect the presence of a drone – radio frequency, radar, optical and acoustic. Each of these detection methods has its merits and drawbacks and, consequently, it is essential to consider the following: Does the capability have a strong record of success and can it be proven with references?; What is the anticipated level of false alarms?; Is the solution passive or active?; Does the solution decrypt encrypted information (which is illegal in many jurisdictions)?; How easy is the detection method to spoof?
Beware of creating more issues
A common capability that is being offered to the market is based on reading broadcasted information being sent from the drone. Most drones use forms of encryption to ensure that data only arrives to its intended recipient. Taking the legalities aside, it is becoming commonly known that this primitive form of detection could end up causing more disruption in the future.
There have now been cases where bad actors are spoofing events and broadcasting to drone detection sensors. Consider the ramifications near your asset from this type of disruptive attack and consider whether relying on a broadcast-based detector offers any actual value for your organisation.
Whilst the necessity for airspace security is essential, it is vital that organisations and sites of critical national importance take a balanced and focused approach when protecting their assets. Do not think of silver bullets; instead, take a balanced approach with longer term horizons. Physical security concerns and challenges have been around for thousands of years and we still have plenty more of them to solve.
Finally, do not make decisions on convenience. Strongly consider what you are buying and whether it ticks a box or genuinely protects your asset.
Find out more at: https://www.dedrone.com/
This article was originally published in the January 2022 edition of Security Journal UK. To read your FREE digital copy, click here.