drone data security

DAVID WALTERS
Are you adhering to your clients’ data security and privacy requirements, as well as your own? Not long ago, the US banned Chinese CCTV cameras on critical infrastructure. The UK recently raised similar concerns. A similar story that’s been bubbling away for a while now is finally out: the US Army has issued a memorandum enforcing the discontinued use of DJI products due to cyber security concerns.

To understand how we got here, let’s backtrack a bit to the good old days. The Wookong flight controller was all we needed. It was one of the most reliable on the market, it made self-builds easier to manage and maintain, and it could be flown without the aid of an iPad.

Modern “smart drone” systems, on the other hand, are easy to fly right out of the box.  DJI is capitalizing on its advanced user-friendly technology.  The new DJI Spark can literally be launched and landed using only the pilot’s hands.

These systems are wonderful, but what’s really happening with all the data these drones generate? That data includes, at a minimum:

  • Flight Log Information
  • GPS Positioning
  • Aerial Sensor Captured Data (e.g. photographs or video)
  • APP Stored Data

In the good old days, data was easy to control because it was siloed into its respective systems. For example, any imagery was contained within the camera, and any flight data was contained within the system. None of it was connected to the internet, and at best it could be accessed only locally via a laptop for updates and troubleshooting. IOSD contributed very little to that accessibility.

Modern systems from DJI sync all of the above data back to the DJI servers when requested by DJI, so long as the pilot is logged in to the DJI app. This will inevitably include some of the pilot’s payload data, which is included in the flight log. To reiterate:

  • DJI includes in your flight log images from your flight.
  • DJI syncs your flight logs to their servers.
  • DJI’s app stores cached data from your Apple or Android device when offline and syncs that data when online.  This includes audio, video, and image data.
Fig 1: Screenshot from the DJI GO app

Figure 1 is from a recent critical infrastructure inspection I performed. As you can see, it appears in the app, but I didn’t take this image. It’s a still image that DJI captured on its own, embedded in the flight log, that syncs to DJI servers when requested (see the blue cloud icon).

Can you see where the US Gov is coming from now with their recent ban?

In fact, the DJI Go app communicates with a whole list of servers while your system is logged in.  Some pilots are blocking those links (click here to see their work).  What are all those comms, and where are they going?

One clue lies within the hardware: modern DJI models have hidden secondary microSD cards installed to log flight data. They are mentioned loosely under Feature Highlights in the Inspire 2 Manual:

Flight controller: The flight controller has been updated to provide a safer, more reliable flight experience. A new flight recorder stores critical data from each flight.

Similar cards have been found on the DJI P3, P4, Inspire 1, Inspire 2 and the Mavic.  One would expect the M600 also includes a card, but this has not been confirmed yet.

Fig 2: Taken from the DJI Forums, where a Mavic user discovers a hidden SD Card.


So what does all this mean from a data security perspective? Let’s look at it from the client’s perspective:

Client: Thanks for doing such a great job, the images look great.

Pilot: Thanks, here is the media release form.

Client: Great, can you confirm this is the only copy of the data?

Pilot: ???

Can you confirm with any certainty that you own the only copy?

This affects any client whose location or content needs to remain private – anything from film sessions to survey data.  The copyright and data security infringement costs could add up quickly if that data is insecure.  This data privacy and security is even more important for emergency and government services, such as a police task force monitoring a sensitive diplomatic subject’s position.  For further reading, here’s a great article by TechCrunch on Data Privacy.

So what happens next? Will the UK follow suit?

In my opinion, this was probably shared with the UK before the registration system was raised, and I believe the UK will follow suit.  The fallout from the US Army’s decision will stretch far beyond the US itself.

So what can I do?

  • There are “closed” systems on the market where data within the system and payload are separate. This separation offers enhanced security compared to merged systems like DJI’s. Aerialtronics is a prime example of a secure and safe system, and even offers the possibility of video encryption between the UAS and the operators.
  • Ensure you fully understand the system you’re flying, and the data security and privacy policies of your clients.
  • Consortiq now offers an Enterprise Grade Secure Solution for managing your flight log data, called CQNet, on an instance that only you have access to. For more information click here.
  • Remember: your flight data is just as sensitive and critical as your payload.

To understand the architecture around how CQNet is keeping your flight data secure, more information can be found here.

For further reading, check out this article by Kevin Pomaski.

******************** Updated Statement from DJI ************************

08-08-2017

Firstly, I think it’s great that DJI are responding to the Army Statement with some valid points. I have copied below the latest statement from Adam Lisberg, the Communications Director from DJI, and he does raise some valid points.

Hello to all of you who have written about the US Army memo about DJI drones. Below please find an updated statement from DJI, which you can attribute to me personally as a DJI spokesman or to DJI generally, whichever you prefer. As this should make clear, we still don’t know exactly what the Army’s objections are, which makes it rather difficult for us to respond to them, but we’re continuing our efforts to find out so we can address those concerns. If you have further questions, please send them my way. I’ll answer them as best I can.

 DJI makes civilian drones for peaceful purposes. They are built for personal and professional use, and are not designed for military uses or constructed to military specifications. We do not market our products for military customers, and if military members choose to buy and use our products as the best way to accomplish their tasks, we have no way of knowing who they are or what they do with them. The US Army has not explained why it suddenly banned the use of DJI drones and components, what “cyber vulnerabilities” it is concerned about, or whether it has also excluded drones made by other manufacturers. 

Around the globe, businesses and governments rely on DJI to provide an aerial perspective on their work to save time, save money and sometimes even save lives. Even in highly sensitive applications involving critical infrastructure, customers use DJI products with confidence that they can accomplish their tasks. DJI has worked hard to earn our reputation as the drone industry’s leading innovator, and we will continue to provide solutions that our customers can depend on. If any of our customers have questions or concerns about DJI’s technology, we ask them to contact us directly so we can work to address them.

Adam Lisberg

Corporate Communication Director, North America

DJI Technology Inc.

adam.lisberg@dji.com | www.dji.com

********************************************************************************

Thanks for the comments, all. The above applies to all systems, not just DJI; the only reason DJI are the topic is because of the recent noise and my own experience with their systems.

It’s about how users control the data; that’s the important thing here. The UAS is irrelevant.

Users are now not logging in to the Go account and not even syncing flights, to ensure some control. I used to fly with an iPad with no data connections to ensure no data left and also to ensure no updates occurred mid-flight.

*******************************************************************************

08/08/2017

I have added some additions, highlighted in bold and underlined, that Adam Lisberg from DJI has requested, to highlight that the sync is done when requested by the user.

In my opinion, it still comes back to the point that no matter what UAS you are operating, as a user you must fully understand what your UAS is capturing, both aerial data and flight log data, and where that data is stored and migrated to when using these. - DW

****************************************************************************

08/08/2017

Firstly, I would like to thank DJI for approaching me regarding the article. In addition to the below article, Adam Lisberg shared with me this statement during our conversation, which I have permission to share to enable a better understanding of what encrypted data is communicated to DJI directly.

There are encrypted data packets that can go back to DJI servers. That data may include what country the drone is in (so we can send the right geofencing coordinates and instructions on which communication bands to legally use); the app version you’re using; what email address you used to log in; and other similar data that does not indicate anything about where you’re flying or what data you’re collecting.


From the DroneSec team…

This was a guest post by David Walters originally published on LinkedIn here. We first came across David in his interview with sUAS news which you can watch below.

Get in touch with David.

If you enjoyed this article and would like to get in touch with David, please contact him via LinkedIn, Consortiq or email at: david.walters@consortiq.com.
