Drones Were Vulnerable To Data Theft

Researchers at Check Point Technology discovered that an account takeover of commercial and consumer drones manufactured by the world’s leading drone vendor, DJI, could allow spying on enterprises, as well as hundreds of thousands of individuals. An attacker could gain full access to a user’s account across each of DJI’s account platforms and steal mostly cloud-based data, including user profile information and credit card details. The user would remain unaware of the problem. The researchers informed DJI, and the company responded appropriately. According to Check Point, there is no evidence that information was compromised, although the vulnerability clearly made a breach possible. The corporate use of drones has rapidly become ubiquitous, most notably in the manufacturing, agricultural and construction industries. Airlines have adopted drone technology to inspect machinery and infrastructure, and drones are used in large energy plants all over the world to inspect dangerous areas that were previously accessed by company employees.