There seems to be some confusion in the counter-drone space about the definitions of “cyber-takeover” and “spoofing.” I have even heard top industry experts, vendors and end users mixing up these terms.
Cyber-takeover and spoofing are NOT interchangeable, although they are mentioned often in the same context and have similarities. Spoiler alert: spoofing is basically a name for methods that are commonly used while performing cyber-attacks. In the C-sUAS sphere, it is often used as part of a defense tactic, either in standalone form, or as part of a more elaborate mitigation process. As an isolated method, spoofing does not offer nearly the same level of control or continuity for users as complete cyber-takeover.
Spoofing is a method of mimicking a transaction – whether the communication is IP, radio frequency or telephony-based – so it appears legitimate to the receiver. Such communications usually appear to originate from an expected source. Instead of containing data sent by the original entity, though, the received information is the data the spoofer has chosen to convey.
Some cyber-attack methods may include spoofing, combined with other methods, to coerce a target into functioning in a way that would make it vulnerable. The attackers can then use this vulnerability to complete the attack. However, spoofing can be used in a standalone fashion, making the target respond or act according to the spoofed information, without being part of a more elaborate cyber-attack – or in the case of C-sUAS, without a cyber-drone takeover.
If you make a drone “think” it is higher than it actually is, to give an example from the C-sUAS world, the drone will likely react by descending, in an attempt to reach its intended altitude. This can be repeated until the drone has touched down and stopped its engines.
The GNSS example involves broadcasting fake signals, without the cyber-control element – there is no takeover of the drone’s system.
Sidenote: in cases where the spoofed signal is relevant to parties other than the attacked entity, the consequences may expand beyond the desired effect of the attack and pose collateral risk. Broadcasting a fake GNSS signal, for example, could affect nearby cars or aircraft (as well as other drones) using GNSS-based navigation systems.
Effective counter-drone, radio frequency-based (RF), cyber-takeover solutions detect and then take control over rogue drones in the airspace. These types of systems neutralize the threat by allowing operators to take full control over the drone, lead it along a pre-defined safe path and land it in a pre-planned safe zone.
The reason it is necessary to distinguish between spoofing and cyber-takeover is because some people in the industry mistakenly think these two terms are the same, not fully understanding that takeover offers its users much greater control due to its cyber capabilities. This is important information for organizations evaluating potential C-sUAS systems.
Read about D-Fend’s counter-drone system.