Threat Categories
Spoofing
Connect to drone with default password
Brute force network secured with weak password
ARPspoofing (maninthemiddle attack)
GPS spoofing
Tampering
Inject instructions to the drone from another source
File system backdoor
Information Disclosure
Intercept communication between the drone and controller like instructions and position information
Gain access to the camera and video stream
Inspecting operational logic and local data on device through reverse engineering of the app
Denial of Service
Attack to prevent the controller to communicate with the drone
GPS jamming
Elevation of Privilege
Access the OS of the drone and elevate to root privileges
REFERENCES
Last updated