Andrew Garbarino Suggests U.S. Law Enforcement ‘Just Stop Using’ Chinese-Made Drones

Forbes Breaking News

At a House Homeland Security Committee hearing before the Congressional recess, Rep. Andrew Garbarino (R-NY) raised cybersecurity concerns around U.S. law enforcement and municipalities using drones manufactured by Chinese tech giant DJI.

Transcript

00:00Thank you all.

00:01Gentleman Yales, and I recognize the gentleman from New York, Mr. Garbarino.

00:06Thank you, Chairman. Perfect timing, and thanks for holding this great hearing today.

00:13As the chair of the subcommittee on cybersecurity infrastructure protection,

00:16I'm especially concerned about the potential for foreign manufactured drones

00:20to be exploited by adversaries to carry out cyber physical attacks against critical systems.

00:25Many U.S. law enforcement and municipal agencies continue to use DJI drones,

00:31despite security warnings from the Department of Homeland Security and CISA.

00:35Mr. Walker, Mr. Feddersen, from your perspectives,

00:39what are the cyber risks posed by these platforms,

00:42and do you believe agencies understand the surveillance or data exfiltration vulnerabilities

00:47they may be exposing themselves to?

00:50Sorry, Mr. Feddersen, if you want.

00:52Yeah, so I appreciate the question, sir.

00:54The cyber effect, obviously, we've seen in different formats and different forms,

00:59capable of carrying a virus, injecting it into, you know, Internet of Things in different places.

01:05We've seen this happen.

01:06We know it's happened several times.

01:08Anything that can connect Wi-Fi, Bluetooth, or anything that can connect even on the LTE bands

01:14can inject some type of virus or some type of cybersecurity vulnerability into the system.

01:21This is something that I know the interagency is aware of.

01:25They're trying to address it, but when it comes from all the different threat factors out there,

01:30a cyber attack from a drone tends to fall low on the list.

01:33It's not that it shouldn't be up on the list or it shouldn't be considered.

01:37It's just a priority-based aspect of things.

01:40But we know the potential's there.

01:42We know it's been used in the past.

01:45Mr. Walker.

01:48It's a really good question, and it's a very important matter.

01:50Essentially, any time that we have, you know, interconnected devices, Internet of Things,

01:56on a broad scale like this, you have cybersecurity concerns.

02:00One of the things that we proposed in our written statement was that we need to have a digital flight

02:07authorization service that has cryptographic credentials for both the operators, for the

02:13platform, and for their intention, and that only when those three elements are fused together

02:19in an appropriate manner will we authorize that flight.

02:21That is just one approach that we believe is appropriate to ensuring that we are strengthening

02:27our cybersecurity wall against potential vulnerabilities.

02:32Mr. Fezz, in your answer, you said that the inter-agencies are aware, you believe they're

02:37aware, and they're trying to address it.

02:40How – wouldn't addressing it just be stop using the drones, or, I mean, is there another

02:45way to address it?

02:46Honestly, the simplest way to do it is to use detection and mitigation capabilities that are

02:51out there today.

02:51I mean, the technologies and vendors that are out there can identify and stop a drone

02:55from moving into an area that may be sensitive or protected.

02:59Again, when you talked about critical infrastructure, though, I think it's important for us to remember

03:03that critical infrastructure is protected by private security, not law enforcement.

03:07So when we talk about data centers, we talk about stadiums or anything else, or even power plants,

03:13even our own nuclear plants are private security, not state and local law enforcement.

03:17So the authorities that we talk about must be expanded to them as well.

03:20If we're going to actually take care of our critical infrastructure.

03:23I've had this discussion with the NFL and a whole bunch of other people saying these

03:26authorities need to be expanded to local law enforcement when these issues arise.

03:31Mr. Walker, did you want to add something else?

03:33You look like you're about to know.

03:34Any other two want to add anything?

03:35Okay.

03:38Mr. Feddersen, as we've seen, our adversaries have utilized unmanned aircraft system capabilities

03:44for various activities and conflicts around the world.

03:46Based on your work in the intelligence and cyber operations, how realistic is the threat

03:52of adversaries using unmanned aircraft systems platforms to pre-conflict shaping activities,

03:58such as mapping soft targets or collecting signal intelligence inside the United States?

04:04It's already being used, sir.

04:05I mean, you just take a look at the borders.

04:07You take a look at the cartels.

04:09You talk to the cells that we know are inside the country.

04:12We know the agencies are actively pursuing them and going after them, but the threat is

04:17here today.

04:18It's just not the border.

04:19What else are they mapping out that we might not have, the public doesn't know about yet

04:26or it's not on the top of their radar?

04:28It's pattern of life.

04:30I mean, so they watch agents.

04:31They watch officials, government officials going to from their house.

04:36They figure out patterns of that.

04:37They can do surveillance and figure out patterns of airports, other critical infrastructure aspects

04:41of things.

04:42And we know, in particularly, prisons are being infiltrated every day with drones that are

04:48going back and forth.

04:49So, again, it's being able to figure out guard shifts, patterns, different things like that.

04:55Yeah, I'd like to add to that, Congressman.

04:57I mean, there's been 3,000 drone flights, unauthorized and unidentified drone flights over power plants

05:02and power installations in the last 24 months alone, that we don't know who flew it, why

05:07they were there, what their intention was, and what data they collected.

05:10So, sometimes it's difficult to answer your question on specifically what we're doing

05:13because we don't know who they are.

05:16I had another question, but I've run out of time and I yield back.

05:19Thank you, Chairman.

Category

Transcript

Be the first to comment

Recommended