Toy drone companies are not known for their cybersecurity finesse. Twice at this year’s annual hacker conference DEFCON, presenters demonstrated hacks on the Parrot series of drones that sent them crashing to the ground.
One, from Planet Zuda’s Ryan Satterfield, uses Wi-Fi and connects to an unsecured network port on the drone itself. With a simple text command, Satterfield sends a hovering drone crashing to the ground, like this:
Another hack, by Beltway-based security researcher Michael Robinson, takes advantage of the free Parrot app and the drone’s open Wi-Fi connection. With the right attack, Robinson switched control of the drone from the original pilot to a different Parrot app user.
These attacks are fairly basic, and according to Ars Technica, both researchers have informed Parrot about their drone’s vulnerabilities. While somewhat trivial for a toy, such weaknesses suggest caution when flying them for anything other than fun.
[via Ars Technica]
Update An earlier version of this post misstated the group that Ryan Satterfield belongs to. It is Planet Zuda, not Project Zuda.