DJI drone tracking data exposed in the US

TedCruz

Level 5
Thread author
Aug 19, 2022
176
Original post at CyberNews: https://cybernews.com/privacy/dji-drone-tracking-data-exposed-in-us/


Over 80,000 drone IDs were exposed in a data leak after a database containing information from dozens of airspace monitoring devices manufactured by the Chinese-owned DJI was left accessible to the public.


Think twice before taking out your shiny new drone for a spin near the Cannes Film Festival, a prison, a nuclear power plant, or an airport. Enhanced security institutions use devices to monitor drone movement, posing a privacy risk to its owner.

Recently, the Cybernews research team stumbled upon an unprotected database with over 90 million drone-monitoring logs generated by DJI devices – the largest market player in the world that sells both drones and devices to surveil them.

The surveillance race

Used by the military, businesses, and consumers, drones are “fundamentally changing aviation.” Therefore, the US Federal Aviation Administration (FAA) envisions integrating drones into the National Airspace System (NAS) by identifying all unmanned aircraft systems (UAS.)

The FAA introduced remote ID – analogous to license plates for drones – to identify owners of all drones in case they are flying in an unsafe manner or where they are not allowed to fly. Remote ID will provide information about drones in flight – the identity, location, and altitude of the drone and its control station or take-off location.

But it seems that Chinese-owned DJI, already controlling the lion’s share of the drone market worldwide, got there first. In 2017, it introduced the AeroScope device to provide an in-flight drone identification system.

In fact, the company boasted about protecting the prestigious Cannes Film Festival 2022 from unsolicited intrusions from aerial cameras – AeroScope was used by police officers to watch for drones in the area’s no-fly zone.

“From temporary events like festivals, government events, and major sporting events to fixed sites like airports, prisons, and nuclear power plants, AeroScope is a simple, robust technical solution to provide immediate information about DJI drones in the area – from their flight paths to their pilot locations to their serial numbers,” DJI said.

The Shenzhen-headquartered company holds a whopping 70% of the global consumer and enterprise drone market, according to the Business Insider report from 2020.

DJI was blacklisted by the Biden Administration in 2021 for its alleged involvement in the surveillance of the Uyghur Muslim minority in China.

On October 5, 2022, the US Defence Department added DJI and a dozen other companies to a list of Chinese entities believed to be connected to the Chinese military. Pentagon paved the way to further restrictions on their businesses, arguing that access to advanced technologies is crucial for modernizing the People’s Liberation Army.

DJI was also in the spotlight after Ukraine’s Vice Prime Minister Mykhailo Fedorov accused the company of helping the Kremlin to kill civilians by allowing Russia to freely use DJI devices, including AeroScope, on Ukrainian soil.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top