Hmmm, we can already seize your stuff, so why can't we shoot down your drone, officials mull
We're spying on you all the time, so why cry over a missing quadcopter – Feds
The US government is worried about its capacity for discrimination, at least with respect to drones.
It wants to extend its military's right to seize, surveil, or intercept drones to civilian agencies, the FBI, and criminal prosecutors. Rather than let Uncle Sam's armed forces have all the fun, why not give federal busybodies the right to stop or potentially shoot down flying gizmos.
"One of the biggest challenges for our federal security partners is threat discrimination – knowing who is flying where helps the FAA and our security partners understand what the operator’s intent may be, and is critical to threat assessment and response," explained Angela H. Stubblefield, deputy associate administrator for security and hazardous materials safety at the Federal Aviation Administration in prepared remarks on Wednesday.
Stubblefield delivered her testimony – an abridged version of her published commentary – before the Senate Homeland Security and Governmental Affairs Committee, during a hearing titled "Countering Malicious Drones."
The government gathering served as an opportunity to hear about the need for a recently proposed bill, the Preventing Emerging Threats Act of 2018 (S. 2836), which was co-sponsored by the two US senators running the show, Senator Ron Johnson, (R-WI) and Senator Claire McCaskill, (D-MO).
The bill would empower the Department of Homeland Security and the Department of Justice to surveil and seize drones, a power already accorded to the Department of Defense for national security.
The American Civil Liberties Union opposes the bill on the grounds that it's vaguely worded, lacks accountability provisions, and raises property and privacy rights concerns.
Drones, the coming threat
Drones, or Unmanned Aircraft Systems (UAS) for those who prefer the bureaucratic bowdlerization, represent a vessel for the investment-inspired hopes of entrepreneurs and the budget-buoying fears of law enforcement agencies.
Boosters of the flying machines tout their potential for delivering medicine, products and pizza, surveying, photography, and surveillance. Detractors point to alternative payloads – drugs and explosives – which have already been tried with some success.
Scott Brunner, deputy assistant director of the FBI's Critical Incident Response Group, in his spoken and written testimony warned that terrorists and criminals are already using drones – groups perhaps inspired by the drones used against them.
Drone 'swarm' buzzed off FBI surveillance bods, says tech blokeREAD MORE
"Drug traffickers have used UAS to smuggle narcotics across the US southern border, and criminals have used UAS to deliver contraband inside federal and state prisons," he said. "Similar to national security threat actors, criminal actors have utilized UAS for both surveillance and countersurveillance in order to evade or impede law enforcement."
And further malicious activity is anticipated. These threats, he said, could take the form of illicit surveillance, payloads involving chemical, biological or radiological weapons, or kinetic attacks against exposed facilities or events. It was also suggested that drones could assist with man-in-the-middle attacks on WiFi networks.
At the hearing, a video of an ISIS-flown drone dropping a grenade was shown to hammer home the threat.
Brunner said the FBI welcomed the the Preventing Emerging Threats Act of 2018. That's not entirely surprising given that the DHS, FBI and FAA helped develop the language of the bill.
The FAA, Stubblefield, said wants to see drone operators identified, for the sake of public safety.
"Anonymous operations in the National Airspace System are inconsistent with safe and secure integration," she said, adding that the model aircraft exemption makes it nearly impossible for the agency to develop new safety regulations and promotes the misperception among recreational drone users that they're not required to follow basic safety rules.
Bureaucracy steps in
While future rules such as those proposed in S. 2836 have to be hashed out through the legislative process, past rules have allowed the FAA to move forward with technical systems designed to support its regulatory mandate.
Recently, the agency in April began beta testing what it refers to as Low Altitude Authorization and Notification Capability (LAANC), which is intended to allow drone operators to get automated FAA clearance for planned flights while alerting air traffic controllers. It's a part of the planned UAS Traffic Management system, which will allow drones to be operated out of operator line-of-sight – a current requirement.
To further assist in separating the good drones from the bad, the US government is expanding its forensic arsenal.
The National Institute of Standards and Technology (NIST) maintains a library of forensic images of devices like computers and mobile phones known as Computer Forensic Reference Datasets, or CFReDS.
These data dumps are used by investigators and academic researchers as a digital baseline to which other devices can be compared. Recently, drones joined the list of samples.
Last year, under contract from the US Department of Homeland Security, cybersecurity biz VTO Labs began archiving drone image files. The archive currently holds 14 types of drones and that number is expected to reach 30 by December.
According to NIST, the data that can be retrieved from drones includes serial numbers, flight paths, launch and landing locations, photos and videos, and (in one case) credit card numbers. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Federal government of the United States
- Government of the United Kingdom
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Privacy Shield
- Trusted Platform Module
- Zero trust