The Drone Revolution: Capitol Prof Mulls the Cybersecurity Implications

With drones being used for a widening array of purposes, the level of public interest is high. Relatively little attention, however, is being paid to the cybersecurity implications, said Dr. Vincent Nestler during a Center for Academic Excellence (CAE) Tech Talk hosted by Capitol Technology University on Thursday (October 15).

Nestler, a California State University San Bernadino faculty member who also teaches in Capitol's cybersecurity program, joined Dr. Matt Miller, assistant professor of computer science and information technology at the University of Nebraska at Kearney, in a CAE “double-header.” The event, conducted online via Capitol’s distance learning platform, drew attendees from across the country. For recordings of their presentations, click here.

Nestler’s talk started with the question “what do drones have to do with cybersecurity?” While people don't always see the connection, he said, this is because many think of drones primarily in terms of being aerial vehicles.

Think of them as being complex computer-driven systems, and perceptions quickly change. In fact, Nestler said, “drones are all about cybersecurity.” Those who succeed in hacking into them may find themselves with powerful, lethal tools at their disposal.

As an example, he pointed to Iran’s capture of a US stealth drone, the RQ-170 Sentinel. The Iranians are widely thought to have pulled off this exploit by jamming the GPS signals that the drone was supposed to receive, and then feeding it new GPS signals that guided it into their possession.

Increased military applications of drones and robots present a dizzying array of potential hazards, and the security challenge is complicated even further when Artificial Intelligence (AI) is added to the mix.

“If AI becomes the disease, guns and ammo will not be the cure,” Nestler said. Rather, cybersecurity professionals will be called on to help.

Preceding Nestler, Miller kicked off the event with an introduction to reverse engineering, which he describes as “taking something and breaking it down in order to understand it, build a copy or improve it.” The process is important to cybersecurity analysts, who can use it to determine the functionality of malware and how best to respond to it.

His talk provided an overview of tools and techniques, including the use of “disassemblers” to translate machine code into assembly code. Miller also guided his students through examples of malicious code, drawing attention to the “tricks” used to circumvent detection or worm their way into a system.

It is a challenging and crucial line of work, he indicated.

“Understanding code can be difficult. If you have ever programmed code, you know that trying to write code is hard, and trying to understand somebody else’s code is really hard. Trying to reverse engineer code is even harder,” he told attendees.

The talks were hosted in real time over the internet using the Capitol Live platform. Access was free. The event drew a wide array of participants, including students and faculty from East Stroudsburg University, Kansas State University, New Jersey Institute of Technology, New Mexico Tech, Purdue University Calumet, New York University, Rochester Institute of Technology, the University of Dallas, University of South Alabama, Virginia Tech and other institutions.