US Army Bans Chinese DJI Drones

Author: Brian Karas, Published on Aug 08, 2017

The US Army has issued a ban on Chinese-made DJI drones.

A US Army memo obtained by sUAS News references a classified document from the Army Research Laboratory titles "DJI UAS Technology Threat and User Vulnerabilities".

Inside this note, we examine the specific technical issues involved and contrast it to issues in video surveillance with Chinese government owned Hikvision.

*** ** **** *** ****** * *** ** *******-**** *** drones.

*** **** **** ******** ** **** ************** * ********** ******** **** *** **** ******** ********** ****** "DJI *** ********** ****** *** **** ***************".

****** **** ****, ** ******* *** ******** ********* ****** ******** and ******** ** ** ****** ** ***** ************ *********** ********** ***** *********.

[***************]

Army **** ********* *** ******** *****

****** ********* *** *** ********, *** ** *** ********** ****** of *** *********, *** **** **** ** ** ********* **** all *** ********* *** ************ ** ******* **** *** ** Army *********. *** **** **** ** *** ** ** ********* removal ** ********* *** ******* *****, ******** ** ******* **** the ******* ** ************ *** *** ***/** ******** ********* **** out ** *** ****'* *******.

DJI ********

***, ***** ** ********, ** * ********* ***** ************, **** ~$1.5 ******* **** *******. ***** ******** ****** **** ******* *** professional *********, *** *** ********* ** ** **** ** *** with ******* ******** ********. ****** **** ** *** **** ******-******** drones, **** *** ****** **** ** **** ** ******** ********, as **** ** ** ******* ******** ****** **** ****.

No ******* ********** ****

** ****** ***** ******* ***, ** *** **********, *** *** Chinese ********** **** ********** ** **** ** *** ** **** notice. ******* ****** ** ****** ******* ** **** ******** ** other ******** ** ***/******* ********** ****. ****** *** **** **** the ******* ** ***** ** ***** *** ******* * ***** for *******, *** ** **** ****** ************* *** *********/******* *** Chinese ********** *** ***** **** ********** ***** *****.

Army *** ** ******

***** *** **** **** ********-******** ********, (*.*.: ******* / **** ******** *****), *****-**** "********" ********, ************ ***** **** ***, *** **** as ****. ** **** ***** ***** ******** *** ******** ******** by ******* ***** ****** *** ****, ** ******** ** ******** themselves.

DJI **** *******

***'* ******* ********** *** ******* ********* ** *** ***** ** **** *********, but **** **** *** ************ ******* *********** ***********, **** ** GPS ***********.

****** ****** *** ***** **** *** ****** ******** ** *********, the ***** **** ****** ** *** *** **** *********** ** value. ****** ** ********* *** *********** ** *******, ****** **** access ** *** ****, ********* *** ******* **********, ***** *********** discern ********* ** ********* *************, ***** *******, ** ***** *********.

Concerns *****

*** *** ********** ****** **** ** ******** **** ******** **** the ******* ********** ** ***** ****. ***** ******* ****** **** ** ** ******** *** **** may *** ** ******** *********** ********* ** ***** ******:

*** **** ****** *** ****** **** ********* *****, ** ** locations **** ***** *** **** *********, ***** **** ***** ****** to ** ********* **** ***'* ******* ********.

************, *** ***** ** *** ********** *********** ** ***** ******* has **** ********* ** ******* ***** ***** (*.*.:*,*,*,*).

Communication **** *** ********* ** *****

**** ****, *** ********** ** ****** **** ********** ****** *** way ** *** ******* ********* *************.

***** *** ****** *** ** **** ** * ****** **** prevents **** **** ********** ** *** ******** ** ***** ******* networks, ********** **** ***** **** **** ** ******* * ******** update,***** ******** *********** ******** *** *** ********** ***.

*** ******-***** **** **** ** ******* *** ****** *** **** collect *** ***** ****, ***** *** ** ******** **** *** app *** *** *****'* ******** ***********.***** **** ********* ******** ***** *** *** ***** ********* ****.

**** ********* ** *** *** *** ********** ********, *** ** 2016 *** ******** ** ********** *** ****, ********* ** ******* references ** ***-******* ***** *********** (**:********** *********). **** ***** ** ********* *** ***** ** **** ******* what **** ** ******* **** ** ***, ** **** ** gets ****.

Hikvision ****** ************

*********'* ******* ************** ******* ******* ** ***'*:

**** ***, ********* ****** **** *** ******* *** ***** *********** with '***********'.

***** ** ******* *** ***-*********** ** ******** ** ******* ** *** ***** ** **** data, ****** **** ** **** ** ***** **** ****** "******* leakage" *****, *** ******* ***** **** ** *********:

********* **** ******* ************** *** ********* *********** ****** ***** ** ******* *****.

Data ******* ******** *** *********

********* *** ******* ******* **** *"***** ****" ************** ** *******. ***, ** ****, *********** *** ******* ** **** ** *** ********, *** *** ********** *** **** ** *** ******** *** the ****** ** ******** ********** **** ** ********* *******.

Hikvision, ***** ******

*** ** **** ******** *** ***** ** *********** *** *********, as *********'* ******* ********** ********* ***** ****** ** **** ******* cause *** *******. ********* *** ******* ***** ************ **** ********** outbound ********** ******** **** ******* ** ********* *******, *** ********* makes ** ****** ********* **** ******** **** ***/** ***** ** NOT ********* *** ****** ** ***** *******.

***** *********'* ******* ** ******* **** ***, *********'* ********** ***** recognition ** **** ***** **** *** *** ********* *** ** the ** ******** ** **** ****** *** **** **** ***, both ******* ********* **** ******* *** ********* **** ******* ** US ******** *******.

***** **** **** **** *********/*****/***. ***** **** *** ******** ** send **** ** *** ******* **********, ** *** **** ****** that ***, ******* ******* *******, **** ******* *********** *** **** it ** *** *******. ***** ******* *** * ****** ********* for *********** ********* ***** ******* ******* **** **** ****** ** sensitive ****, *** * ***** ** ****** ** ** ****** servers, **** ******** * ******* ****** ** ******** ***** ****.

**** ***** ** *** ** **** **** ***** **** ** Hikvision, *** ** * ****** ****** *****, *** ************ ********** in *** **, *** ********** ** ****** ***** ******** ** larger **********-***** ***********, ***** ** ********** ************* ***** ********* ******* for. ** **** ** *********** *** ***** ********* ** ***** that ***** ******** **** *** ********** ******* *** **** ********* information ** * ****** ******* ** ***, ***** ***** ****** US ***** ** ********-********* *************.

UPDATE - *** **** ***** **** ****

*** ** ****** * "***** **** ****", ***** **** ******* ******** ************** **/**** ****** ******* ****. This ** ******** ** ********* ********* ***** *******, "********* ****** and ******* ************* **** *** ***** *** ********** ** ******* sensitive ********** ****** *** *****", ********* ** ***'* *******. *** release **** **** "*** ***** **** **** ******* *** *** be ********* ** ********* ***** ** ******** ********** ** ******** or ****** ********* *** ** ***** *********** ** ************", ****** it ******** ***** **** *** **** ******* *****, **** ** the ********, **** **** **** **** ******** **** *****.

****

Comments (7)

*'* ******* ** **** ********** **** *** *% ** ****** who ***** **'* * **** **** *** *** ** **** to *** ********* ********.

**** *'* ******* ***** *** **** ****** ***** ******** ** other ************* ****** ** ******* ****.

*'* ******* **** *** *** ******.

******? *** *** ***% **** *** *** ***** *** ******* a ******* '**** ****' *******? ** ************ ** * ****** dream.

**** ****. *** ********. *** ***** ** **** ***** ******. Kratos **** ******? *****://***.************.***/****/********/***-******-***-****-*****-**********-****-****-******/

** **'** ** ****** ***** ******** ****** **** ***?

UPDATE - *** **** ***** **** ****

*** ** ****** * "***** **** ****", ***** **** ******* ******** ************** **/**** ****** ******* ****. This ** ******** ** ********* ********* ***** *******, "********* ****** and ******* ************* **** *** ***** *** ********** ** ******* sensitive ********** ****** *** *****", ********* ** ***'* *******. *** release **** **** "*** ***** **** **** ******* *** *** be ********* ** ********* ***** ** ******** ********** ** ******** or ****** ********* *** ** ***** *********** ** ************", ****** it ******** ***** **** *** **** ******* *****, **** ** the ********, **** **** **** **** ******** **** *****.

******:

***** ***** *** ** ****: **** *********** *** “******”

* *****-******** *********** *** ******* *********** **** ******* **** *** is ******* ********* **** ** *** ******* **********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Broken Hikvision App Exposes Hypocrisy on Dec 06, 2017
While Hikvision talks about a commitment to cybersecurity, their broken app and their insecure 'solution' exposes not only their engineering...
Hikvision UPnP Hacking Risk on Dec 04, 2017
Hikvision IP cameras are being hacked even for end users who had not set up port forwarding and believed their cameras were 'safe' behind...
The Race To The Bottom Is Over on Nov 28, 2017
The race to the bottom in video surveillance is over. After 3 years of aggressive price cuts and heavy sales and marketing expenditures, the...
Hikvision Chinese Government Owner CETHIK Exposed on Nov 20, 2017
Hikvision deceives about its Chinese government ownership. Contrary to their claims about 'independence' and simply having 'shareholders' that are...
Dahua Forbes 'Next Web Crisis' Vulnerability Dispute on Nov 16, 2017
The buffer overflow vulnerability in Dahua products is not in dispute, in fact we covered it when it was first published. What is in dispute is...
Hikvision China Criticizes The WSJ on Nov 15, 2017
Hikvision, through the Chinese government's authoritative news service, has criticized the WSJ investigation into Hikvision. In this...
Vivotek Remote Stack Overflow Vulnerability on Nov 14, 2017
A stack overflow vulnerability in Vivotek cameras has been discovered by bashis, the security researcher who has also found vulnerabilities in...
Dahua Launches Electric Cars on Nov 13, 2017
Embattled mega video surveillance manufacturer Dahua is now electric car manufacturer Dahua. Let the jokes begin: But is the joke on Dahua's...
WSJ Investigates Hikvision on Nov 13, 2017
The Wall Street Journal (WSJ) has released a detailed investigation into Hikvision's government ownership and cybersecurity problems, hitting the...
Bubble: Dahua Doubles Market Capitalization on Nov 07, 2017
Dahua's stock is in a bubble. Those of you in the industry know how bad of a year Dahua has had - the zero-day backdoor, the massive hacking...

Most Recent Industry Reports

Robot Vandalism on Dec 11, 2017
Vandalism of security systems is a common concern. It is so common that camera vandalism statistics show that designers routinely sacrifice camera...
Access Controller Software Guide on Dec 11, 2017
Properly configuring access controllers software is key to a professional access system. These devices have fundamental settings that must be...
2018 Video Surveillance Cameras Overview on Dec 11, 2017
This report concisely explains the developments for surveillance cameras offered in 2017 and the state of offerings going into 2018, including...
Imperial Capital Security Investor Conference Review on Dec 08, 2017
Investment bank Imperial Capital holds an annual Security Investor Conference where 60+ companies present, including this year: IPVM bought a...
Integrator GPS Vehicle Tracking Statistics and Success Examined on Dec 08, 2017
GPS vehicle tracking is a growing but somewhat controversial topic. On the plus side, tracking may increases productivity by providing greater...
Hikvision NA Biggest Sale of 2017 on Dec 07, 2017
Hikvision North America has been relatively disciplined the past 5 months, reducing the number of sales and the breadth of what is on sale. No...
Security Integrator IT Expertise Statistics on Dec 07, 2017
20 years ago, putting physical security systems on IP networks was just emerging. Today, almost every system is networked in some way, IP cameras...
Lighthouse Deep Learning Camera Tested on Dec 07, 2017
A Silicon Valley startup, Lighthouse, with a Stanford PhD CTO, has released a deep learning AI camera with 3D sensors for just $300. The company...
Access Control Course Winter 2018 on Dec 07, 2017
Learn more below about the Winter 2018 IPVM Access Control Course. Register here. IPVM offers the most comprehensive access control course in...
Broken Hikvision App Exposes Hypocrisy on Dec 06, 2017
While Hikvision talks about a commitment to cybersecurity, their broken app and their insecure 'solution' exposes not only their engineering...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact